eate_object.isra.0+0x3a/0xa20 [ 1448.787753] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1448.788389] kmem_cache_alloc_bulk+0x168/0x320 [ 1448.789011] io_submit_sqes+0x707f/0x86a0 [ 1448.789626] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1448.790316] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1448.790992] ? lock_downgrade+0x6d0/0x6d0 [ 1448.791549] ? find_held_lock+0x2c/0x110 [ 1448.792116] ? io_submit_sqes+0x86a0/0x86a0 [ 1448.792727] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1448.793341] ? wait_for_completion_io+0x270/0x270 [ 1448.793953] ? rcu_read_lock_any_held+0x75/0xa0 [ 1448.794545] ? vfs_write+0x354/0xa30 [ 1448.795023] ? fput_many+0x2f/0x1a0 [ 1448.795506] ? ksys_write+0x1a9/0x260 [ 1448.795999] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1448.796675] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1448.797337] do_syscall_64+0x33/0x40 [ 1448.797808] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1448.798464] RIP: 0033:0x7fe0662fcb19 [ 1448.798940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1448.801343] RSP: 002b:00007fe063872188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1448.802423] RAX: ffffffffffffffda RBX: 00007fe06640ff60 RCX: 00007fe0662fcb19 [ 1448.803430] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1448.804422] RBP: 00007fe0638721d0 R08: 0000000000000000 R09: 0000000000000000 [ 1448.805374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1448.806359] R13: 00007ffcd64a976f R14: 00007fe063872300 R15: 0000000000022000 23:37:20 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:37:20 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r2, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(0xffffffffffffffff, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r3, &(0x7f0000000200)='./file0\x00', 0x86) 23:37:20 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 23:37:20 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8) 23:37:20 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34) 23:37:20 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r5 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r3, r4, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r6, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r5, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, 0xffffffffffffffff, &(0x7f0000000040)=0x80, &(0x7f0000000080)=@pptp={0x18, 0x2, {0x0, @local}}, 0x0, 0x100000, 0x1}, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1448.928507] FAULT_INJECTION: forcing a failure. [ 1448.928507] name failslab, interval 1, probability 0, space 0, times 0 [ 1448.929969] CPU: 1 PID: 8725 Comm: syz-executor.7 Not tainted 5.10.172 #1 [ 1448.930778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1448.931762] Call Trace: [ 1448.932101] dump_stack+0x107/0x167 [ 1448.932533] should_fail.cold+0x5/0xa [ 1448.932989] should_failslab+0x5/0x20 [ 1448.933450] kmem_cache_alloc_bulk+0x4b/0x320 [ 1448.933991] io_submit_sqes+0x707f/0x86a0 [ 1448.934517] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1448.935107] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1448.935670] ? lock_downgrade+0x6d0/0x6d0 [ 1448.936166] ? find_held_lock+0x2c/0x110 [ 1448.936656] ? io_submit_sqes+0x86a0/0x86a0 [ 1448.937170] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1448.937753] ? wait_for_completion_io+0x270/0x270 [ 1448.938328] ? rcu_read_lock_any_held+0x75/0xa0 [ 1448.938872] ? vfs_write+0x354/0xa30 [ 1448.939315] ? fput_many+0x2f/0x1a0 [ 1448.939747] ? ksys_write+0x1a9/0x260 [ 1448.940208] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1448.940828] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1448.941447] do_syscall_64+0x33/0x40 [ 1448.941889] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1448.942500] RIP: 0033:0x7fe0662fcb19 [ 1448.942938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1448.945115] RSP: 002b:00007fe063872188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1448.945998] RAX: ffffffffffffffda RBX: 00007fe06640ff60 RCX: 00007fe0662fcb19 [ 1448.946826] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1448.947655] RBP: 00007fe0638721d0 R08: 0000000000000000 R09: 0000000000000000 [ 1448.948491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1448.949319] R13: 00007ffcd64a976f R14: 00007fe063872300 R15: 0000000000022000 23:37:20 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:37:20 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) [ 1448.993191] device veth0_vlan entered promiscuous mode [ 1449.150758] device veth0_vlan entered promiscuous mode 23:37:33 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:37:33 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) 23:37:33 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:37:33 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 23:37:33 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:37:33 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35) 23:37:33 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:37:33 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0) syz_io_uring_setup(0x6d2a, &(0x7f0000000080)={0x0, 0xd80d, 0x10, 0x3, 0xcd, 0x0, r3}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000180)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:37:33 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:37:33 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x4, 0x80, 0x8, 0x7, 0x8, 0x7f, 0x0, 0x1000, 0x0, 0x9, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, @perf_bp={&(0x7f0000000040), 0x1}, 0x124, 0x3, 0x0, 0x4, 0x5, 0x5, 0x1, 0x0, 0x4}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x0) [ 1461.979421] FAULT_INJECTION: forcing a failure. [ 1461.979421] name failslab, interval 1, probability 0, space 0, times 0 [ 1461.983409] CPU: 0 PID: 8752 Comm: syz-executor.7 Not tainted 5.10.172 #1 [ 1461.984857] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1461.986580] Call Trace: [ 1461.987135] dump_stack+0x107/0x167 [ 1461.987902] should_fail.cold+0x5/0xa [ 1461.988698] ? create_object.isra.0+0x3a/0xa20 [ 1461.989648] should_failslab+0x5/0x20 [ 1461.990438] kmem_cache_alloc+0x5b/0x360 [ 1461.991286] ? mark_held_locks+0x9e/0xe0 [ 1461.992145] create_object.isra.0+0x3a/0xa20 [ 1461.993059] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1461.994119] kmem_cache_alloc_bulk+0x168/0x320 [ 1461.995085] io_submit_sqes+0x707f/0x86a0 [ 1461.995990] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1461.997041] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1461.998048] ? lock_downgrade+0x6d0/0x6d0 [ 1461.998906] ? find_held_lock+0x2c/0x110 [ 1461.999756] ? io_submit_sqes+0x86a0/0x86a0 [ 1462.000671] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1462.001681] ? wait_for_completion_io+0x270/0x270 [ 1462.002684] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.003643] ? vfs_write+0x354/0xa30 [ 1462.004422] ? fput_many+0x2f/0x1a0 [ 1462.005175] ? ksys_write+0x1a9/0x260 [ 1462.005973] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1462.007058] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.008153] do_syscall_64+0x33/0x40 [ 1462.008928] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1462.009983] RIP: 0033:0x7fe0662fcb19 [ 1462.010750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.014568] RSP: 002b:00007fe063872188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1462.016147] RAX: ffffffffffffffda RBX: 00007fe06640ff60 RCX: 00007fe0662fcb19 [ 1462.017616] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1462.019085] RBP: 00007fe0638721d0 R08: 0000000000000000 R09: 0000000000000000 [ 1462.020679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1462.022324] R13: 00007ffcd64a976f R14: 00007fe063872300 R15: 0000000000022000 23:37:33 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r6 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r4, r5, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r8, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r8, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r7}}, 0x7f) syz_io_uring_setup(0x356e, &(0x7f0000000580)={0x0, 0xe772, 0x1, 0x1, 0x149, 0x0, r3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000600), &(0x7f0000000640)=0x0) syz_io_uring_submit(r4, r9, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd, 0x0, 0x0, 0x400, 0x8, 0x1, {0x0, r7, r3}}, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r10, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r6, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_WRITEV={0x2, 0x0, 0x2000, @fd=r0, 0xfffffffffffffffc, &(0x7f00000004c0)=[{&(0x7f0000000040)="6dbf49d3fce5819670759e46dc016010fffd7706e8af4ab2cd74f76bc09d441b88fd49f168e7642f79e5ad6d2ed4342afe15f64cf0087e6d50e2e4658fddacf6224ed758d98bd7e03d45ecc15ccb580446434f3f51ff67c6f181b05c2e095671d6edb68c3dd10e42aa907f4f61ccfff655343d4633ea2b7bd449f7fdce27e2d976b3d330c4cebf275cddf9d7e44fad8f4f629a48c64215f21da1c5b3a1e4c32e6c8e495bbd528af8ecb2caf27b5b6a2ec4264f2066d8be63d90ae8a325eea3e91f3a37533271cc6cf8b279ef4bc8c85448e404e50f5cf7740055b7e3e028d769ee9a4f6d5724cc55992a0d9692476615141506aa8778", 0xf6}, {&(0x7f0000000340)="ed286bdb765041daf2a33503f99d2a2844fb599977145d3e12d0ef59a79bdd9f4b65d397a4c873db64348e9917c59bb612686cddf210538c6d6d914000d86b6506e71718b5e1edcf38633f8a8941a867cd53f4eb42bd8d4c15b110c845c94a540344b1d4f60be9860e3f0d6a02a2778bc3ebd8e2cff99a8025e6c714c63bb2bcedfd7b699229aea7f5aae1d2681db1ebff9dac8c8104bc607b5af14045ab86dc55970ee1e6f4e473ac61892b13c4b1d9089f98d204e9e74f7321", 0xba}, {&(0x7f0000000180)="8d63348609da9e141e89ac73bcf04c17a396e22273939d7559a64d231a38e7df8edaff5301c9a5986d6332292f0d020b8a99483f3db39c1e79be7f1361a1334eb781d35d5a73f38f0caf5a3a129c230e2f9c5d2c0a50", 0x56}, {&(0x7f0000000240)="26539a3082205d13ec4790f6a5cb098faa8286db7643c914573f71f91b3470047baad97e386fdbcbd122fa40da760496a7ac02d619869686b37ab38dc3e5110744cd85181386fe35992daadfc42cea38", 0x50}, {&(0x7f0000000400)="e8adf64adc3abff34a20b335060ae6fe1527bcb4b470eb832eab7527eb8198c9164eae78f5b5976a5b2c509dbc27c49e429be951d66d94d0642d8a3878260b38d3337c1725e9ccc917f3da3aeb3b27c3ecb38992d9b6338a64cea12975bfd505005e24599938f4b3d66aa69d0a74bdeab9efda779277dfda2042bb7f4ecf5a2054df07a706ebb8f82be5195328bdc6cc71f65018fda8", 0x96}], 0x5, 0x8, 0x1, {0x0, r11}}, 0x9) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0xffffffffffffa972}, 0x0, 0x7, 0xb24f, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0x0, 0xbf4}, 0x0, 0x2, 0xffffffffffffffff, 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:37:33 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:37:33 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:37:33 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1) 23:37:33 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) [ 1462.129538] device veth0_vlan entered promiscuous mode [ 1462.133467] FAULT_INJECTION: forcing a failure. [ 1462.133467] name failslab, interval 1, probability 0, space 0, times 0 [ 1462.137341] CPU: 0 PID: 8768 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1462.138869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.140735] Call Trace: [ 1462.141332] dump_stack+0x107/0x167 [ 1462.142151] should_fail.cold+0x5/0xa [ 1462.143010] should_failslab+0x5/0x20 [ 1462.143856] kmem_cache_alloc_bulk+0x4b/0x320 [ 1462.144863] io_submit_sqes+0x707f/0x86a0 [ 1462.145826] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1462.146929] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1462.148025] ? lock_downgrade+0x6d0/0x6d0 [ 1462.148944] ? find_held_lock+0x2c/0x110 [ 1462.149855] ? io_submit_sqes+0x86a0/0x86a0 [ 1462.150823] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1462.151921] ? wait_for_completion_io+0x270/0x270 [ 1462.153000] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.154032] ? vfs_write+0x354/0xa30 [ 1462.154869] ? fput_many+0x2f/0x1a0 [ 1462.155680] ? ksys_write+0x1a9/0x260 [ 1462.156543] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1462.157708] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.158861] do_syscall_64+0x33/0x40 [ 1462.159694] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1462.160847] RIP: 0033:0x7fb90a2beb19 [ 1462.161671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.165729] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1462.167420] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1462.169031] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1462.170612] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1462.172206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 23:37:33 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0) [ 1462.173786] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1462.247418] device veth0_vlan entered promiscuous mode 23:37:48 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 23:37:48 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0) 23:37:48 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36) 23:37:48 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) 23:37:48 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 23:37:48 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2) 23:37:48 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:37:48 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(0x0, 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) [ 1476.966265] FAULT_INJECTION: forcing a failure. [ 1476.966265] name failslab, interval 1, probability 0, space 0, times 0 [ 1476.967685] FAULT_INJECTION: forcing a failure. [ 1476.967685] name failslab, interval 1, probability 0, space 0, times 0 [ 1476.968804] CPU: 0 PID: 8787 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1476.972299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1476.973985] Call Trace: [ 1476.974536] dump_stack+0x107/0x167 [ 1476.975290] should_fail.cold+0x5/0xa [ 1476.976073] ? create_object.isra.0+0x3a/0xa20 [ 1476.977020] should_failslab+0x5/0x20 [ 1476.977798] kmem_cache_alloc+0x5b/0x360 [ 1476.978641] ? __memset+0x29/0x40 [ 1476.979364] create_object.isra.0+0x3a/0xa20 [ 1476.980286] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1476.981340] kmem_cache_alloc_bulk+0x168/0x320 [ 1476.982289] io_submit_sqes+0x707f/0x86a0 [ 1476.983179] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1476.984225] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1476.985238] ? io_submit_sqes+0x86a0/0x86a0 [ 1476.986137] ? recalibrate_cpu_khz+0x10/0x10 [ 1476.987044] ? ktime_get+0x158/0x1f0 [ 1476.987828] ? lapic_timer_set_periodic+0x60/0x60 [ 1476.988826] ? clockevents_program_event+0x131/0x360 [ 1476.989874] ? tick_program_event+0xa8/0x140 [ 1476.990781] ? hrtimer_interrupt+0x771/0x9b0 [ 1476.991709] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1476.992802] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1476.993871] do_syscall_64+0x33/0x40 [ 1476.994642] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1476.995697] RIP: 0033:0x7fb90a2beb19 [ 1476.996471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.000257] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1477.001830] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1477.003297] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1477.004781] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1477.006244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1477.007707] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1477.009217] CPU: 1 PID: 8789 Comm: syz-executor.7 Not tainted 5.10.172 #1 [ 1477.010601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.012271] Call Trace: [ 1477.012806] dump_stack+0x107/0x167 [ 1477.013544] should_fail.cold+0x5/0xa [ 1477.014310] ? create_object.isra.0+0x3a/0xa20 [ 1477.015229] should_failslab+0x5/0x20 [ 1477.015992] kmem_cache_alloc+0x5b/0x360 [ 1477.016817] ? mark_held_locks+0x9e/0xe0 [ 1477.017642] create_object.isra.0+0x3a/0xa20 [ 1477.018524] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1477.019549] kmem_cache_alloc_bulk+0x168/0x320 [ 1477.020508] io_submit_sqes+0x707f/0x86a0 [ 1477.021382] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.022378] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.023352] ? lock_downgrade+0x6d0/0x6d0 [ 1477.024184] ? find_held_lock+0x2c/0x110 [ 1477.025019] ? io_submit_sqes+0x86a0/0x86a0 [ 1477.025908] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1477.026899] ? wait_for_completion_io+0x270/0x270 [ 1477.027869] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.028835] ? vfs_write+0x354/0xa30 [ 1477.029590] ? fput_many+0x2f/0x1a0 [ 1477.030325] ? ksys_write+0x1a9/0x260 [ 1477.031106] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1477.032157] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.033224] do_syscall_64+0x33/0x40 [ 1477.033983] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1477.035021] RIP: 0033:0x7fe0662fcb19 [ 1477.035772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.039480] RSP: 002b:00007fe063872188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1477.041035] RAX: ffffffffffffffda RBX: 00007fe06640ff60 RCX: 00007fe0662fcb19 [ 1477.042476] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1477.043918] RBP: 00007fe0638721d0 R08: 0000000000000000 R09: 0000000000000000 [ 1477.045390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.046833] R13: 00007ffcd64a976f R14: 00007fe063872300 R15: 0000000000022000 23:37:48 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 23:37:48 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x40, 0x2, 0x6, 0x0, 0x4, 0x80000, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x80000001, 0x2, @perf_bp={&(0x7f0000000040), 0x6}, 0x0, 0x7fffffff, 0x400, 0x1, 0xffffffffffffcb16, 0x1b, 0x3f, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xe, r3, 0xa) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:37:48 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) 23:37:48 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x1000000, 0x0, 0x0, 0x0) 23:37:48 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 23:37:48 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3) 23:37:48 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) [ 1477.309459] device veth0_vlan entered promiscuous mode [ 1477.330246] FAULT_INJECTION: forcing a failure. [ 1477.330246] name failslab, interval 1, probability 0, space 0, times 0 [ 1477.332269] CPU: 1 PID: 8813 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1477.333369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.334673] Call Trace: [ 1477.335115] dump_stack+0x107/0x167 [ 1477.335711] should_fail.cold+0x5/0xa [ 1477.336327] ? create_object.isra.0+0x3a/0xa20 [ 1477.337057] should_failslab+0x5/0x20 [ 1477.337664] kmem_cache_alloc+0x5b/0x360 [ 1477.338330] ? mark_held_locks+0x9e/0xe0 [ 1477.338971] create_object.isra.0+0x3a/0xa20 [ 1477.339655] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1477.340488] kmem_cache_alloc_bulk+0x168/0x320 [ 1477.341186] io_submit_sqes+0x707f/0x86a0 [ 1477.341880] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.342641] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.343416] ? lock_downgrade+0x6d0/0x6d0 [ 1477.344083] ? find_held_lock+0x2c/0x110 [ 1477.344753] ? io_submit_sqes+0x86a0/0x86a0 [ 1477.345445] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1477.346214] ? wait_for_completion_io+0x270/0x270 [ 1477.346953] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.347682] ? vfs_write+0x354/0xa30 [ 1477.348254] ? fput_many+0x2f/0x1a0 [ 1477.348847] ? ksys_write+0x1a9/0x260 [ 1477.349442] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1477.350265] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.351069] do_syscall_64+0x33/0x40 [ 1477.351656] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1477.352481] RIP: 0033:0x7fb90a2beb19 [ 1477.353064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.355978] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1477.357214] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1477.358318] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1477.359436] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1477.360517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1477.361599] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:37:48 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r5 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r3, r4, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r6, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r5, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) r7 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r10 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r8, r9, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r11, r9, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r10, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x200000c, 0x810, r7, 0x0) r12 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd=r10, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r12}}, 0x400) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:37:48 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37) [ 1477.441854] FAULT_INJECTION: forcing a failure. [ 1477.441854] name failslab, interval 1, probability 0, space 0, times 0 [ 1477.443223] CPU: 1 PID: 8823 Comm: syz-executor.7 Not tainted 5.10.172 #1 [ 1477.444043] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.445025] Call Trace: [ 1477.445341] dump_stack+0x107/0x167 [ 1477.445761] should_fail.cold+0x5/0xa [ 1477.446195] should_failslab+0x5/0x20 [ 1477.446624] kmem_cache_alloc_bulk+0x4b/0x320 [ 1477.447136] io_submit_sqes+0x707f/0x86a0 [ 1477.447625] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.448188] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.448744] ? lock_downgrade+0x6d0/0x6d0 [ 1477.449212] ? find_held_lock+0x2c/0x110 [ 1477.449667] ? io_submit_sqes+0x86a0/0x86a0 [ 1477.450127] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1477.450668] ? wait_for_completion_io+0x270/0x270 [ 1477.451181] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.451655] ? vfs_write+0x354/0xa30 [ 1477.452048] ? fput_many+0x2f/0x1a0 [ 1477.452492] ? ksys_write+0x1a9/0x260 [ 1477.452939] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1477.453539] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.454141] do_syscall_64+0x33/0x40 [ 1477.454569] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1477.455176] RIP: 0033:0x7fe0662fcb19 [ 1477.455606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.457749] RSP: 002b:00007fe063872188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1477.458626] RAX: ffffffffffffffda RBX: 00007fe06640ff60 RCX: 00007fe0662fcb19 [ 1477.459453] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1477.460295] RBP: 00007fe0638721d0 R08: 0000000000000000 R09: 0000000000000000 [ 1477.461122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.461940] R13: 00007ffcd64a976f R14: 00007fe063872300 R15: 0000000000022000 23:37:49 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) 23:37:49 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4) 23:37:49 executing program 0: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:37:49 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38) 23:37:49 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0) [ 1477.598070] FAULT_INJECTION: forcing a failure. [ 1477.598070] name failslab, interval 1, probability 0, space 0, times 0 [ 1477.599469] CPU: 1 PID: 8830 Comm: syz-executor.7 Not tainted 5.10.172 #1 [ 1477.600253] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.601110] Call Trace: [ 1477.601418] dump_stack+0x107/0x167 [ 1477.601838] should_fail.cold+0x5/0xa [ 1477.602272] ? create_object.isra.0+0x3a/0xa20 [ 1477.602798] should_failslab+0x5/0x20 [ 1477.603228] kmem_cache_alloc+0x5b/0x360 [ 1477.603706] create_object.isra.0+0x3a/0xa20 [ 1477.604199] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1477.604789] kmem_cache_alloc_bulk+0x168/0x320 [ 1477.605321] io_submit_sqes+0x707f/0x86a0 [ 1477.605806] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.606365] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.606905] ? lock_downgrade+0x6d0/0x6d0 [ 1477.607372] ? find_held_lock+0x2c/0x110 [ 1477.607846] ? io_submit_sqes+0x86a0/0x86a0 [ 1477.608360] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1477.608920] ? wait_for_completion_io+0x270/0x270 [ 1477.609478] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.610014] ? vfs_write+0x354/0xa30 [ 1477.610490] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 1477.611006] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 1477.611625] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1477.612228] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.612812] do_syscall_64+0x33/0x40 [ 1477.613232] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1477.613804] RIP: 0033:0x7fe0662fcb19 [ 1477.614224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.616316] RSP: 002b:00007fe063872188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1477.617160] RAX: ffffffffffffffda RBX: 00007fe06640ff60 RCX: 00007fe0662fcb19 [ 1477.617877] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1477.618720] RBP: 00007fe0638721d0 R08: 0000000000000000 R09: 0000000000000000 [ 1477.619557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.620389] R13: 00007ffcd64a976f R14: 00007fe063872300 R15: 0000000000022000 [ 1477.625459] FAULT_INJECTION: forcing a failure. [ 1477.625459] name failslab, interval 1, probability 0, space 0, times 0 [ 1477.627272] CPU: 1 PID: 8832 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1477.628069] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.629063] Call Trace: [ 1477.629372] dump_stack+0x107/0x167 [ 1477.629784] should_fail.cold+0x5/0xa [ 1477.630221] ? create_object.isra.0+0x3a/0xa20 [ 1477.630735] should_failslab+0x5/0x20 [ 1477.631182] kmem_cache_alloc+0x5b/0x360 [ 1477.631646] create_object.isra.0+0x3a/0xa20 [ 1477.632146] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1477.632784] kmem_cache_alloc_bulk+0x168/0x320 [ 1477.633300] io_submit_sqes+0x707f/0x86a0 [ 1477.633790] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.634346] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.634843] ? lock_downgrade+0x6d0/0x6d0 [ 1477.635311] ? find_held_lock+0x2c/0x110 [ 1477.635773] ? io_submit_sqes+0x86a0/0x86a0 [ 1477.636282] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1477.636820] ? wait_for_completion_io+0x270/0x270 [ 1477.637362] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.637826] ? vfs_write+0x354/0xa30 [ 1477.638253] ? fput_many+0x2f/0x1a0 [ 1477.638660] ? ksys_write+0x1a9/0x260 [ 1477.639096] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1477.639681] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.640286] do_syscall_64+0x33/0x40 [ 1477.640704] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1477.641294] RIP: 0033:0x7fb90a2beb19 [ 1477.641713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.643785] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1477.644655] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1477.645454] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1477.646260] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1477.647073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1477.647886] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:37:49 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:37:49 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1) 23:37:49 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5) 23:37:49 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) 23:37:49 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39) 23:37:49 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(0x0, 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) [ 1477.830775] FAULT_INJECTION: forcing a failure. [ 1477.830775] name failslab, interval 1, probability 0, space 0, times 0 [ 1477.831970] CPU: 1 PID: 8851 Comm: syz-executor.7 Not tainted 5.10.172 #1 [ 1477.832659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.833544] Call Trace: [ 1477.833826] dump_stack+0x107/0x167 [ 1477.834211] should_fail.cold+0x5/0xa [ 1477.834590] ? create_object.isra.0+0x3a/0xa20 [ 1477.835040] should_failslab+0x5/0x20 [ 1477.835512] kmem_cache_alloc+0x5b/0x360 [ 1477.835916] ? mark_held_locks+0x9e/0xe0 [ 1477.836333] create_object.isra.0+0x3a/0xa20 [ 1477.836774] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1477.837292] kmem_cache_alloc_bulk+0x168/0x320 [ 1477.837764] io_submit_sqes+0x707f/0x86a0 [ 1477.838247] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.838777] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.839299] ? lock_downgrade+0x6d0/0x6d0 [ 1477.839748] ? find_held_lock+0x2c/0x110 [ 1477.840196] ? io_submit_sqes+0x86a0/0x86a0 [ 1477.840695] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1477.841229] ? wait_for_completion_io+0x270/0x270 [ 1477.841761] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.842275] ? vfs_write+0x354/0xa30 [ 1477.842692] ? fput_many+0x2f/0x1a0 [ 1477.843070] ? ksys_write+0x1a9/0x260 [ 1477.843494] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1477.844088] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.844670] do_syscall_64+0x33/0x40 [ 1477.845084] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1477.845655] RIP: 0033:0x7fe0662fcb19 [ 1477.846078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.848099] RSP: 002b:00007fe063872188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1477.848943] RAX: ffffffffffffffda RBX: 00007fe06640ff60 RCX: 00007fe0662fcb19 [ 1477.849736] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1477.850449] RBP: 00007fe0638721d0 R08: 0000000000000000 R09: 0000000000000000 [ 1477.851236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.852029] R13: 00007ffcd64a976f R14: 00007fe063872300 R15: 0000000000022000 [ 1477.896497] FAULT_INJECTION: forcing a failure. [ 1477.896497] name failslab, interval 1, probability 0, space 0, times 0 [ 1477.898297] CPU: 1 PID: 8857 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1477.899031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.899942] Call Trace: [ 1477.900239] dump_stack+0x107/0x167 [ 1477.900653] should_fail.cold+0x5/0xa [ 1477.901089] should_failslab+0x5/0x20 [ 1477.901527] kmem_cache_alloc_bulk+0x4b/0x320 [ 1477.902045] io_submit_sqes+0x707f/0x86a0 [ 1477.902539] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.903084] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.903616] ? lock_downgrade+0x6d0/0x6d0 [ 1477.904030] ? find_held_lock+0x2c/0x110 [ 1477.904489] ? io_submit_sqes+0x86a0/0x86a0 [ 1477.904982] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1477.905519] ? wait_for_completion_io+0x270/0x270 [ 1477.906021] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.906533] ? vfs_write+0x354/0xa30 [ 1477.906951] ? fput_many+0x2f/0x1a0 [ 1477.907357] ? ksys_write+0x1a9/0x260 [ 1477.907794] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1477.908399] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.908987] do_syscall_64+0x33/0x40 [ 1477.909409] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1477.909985] RIP: 0033:0x7faadcd8fb19 [ 1477.910407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.912485] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1477.913348] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1477.914156] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1477.914960] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1477.915755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1477.916566] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:37:49 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) 23:37:49 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x2000, 0x0, 0x0) [ 1477.957285] FAULT_INJECTION: forcing a failure. [ 1477.957285] name failslab, interval 1, probability 0, space 0, times 0 [ 1477.959845] CPU: 0 PID: 8856 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1477.961245] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.962927] Call Trace: [ 1477.963473] dump_stack+0x107/0x167 [ 1477.964251] should_fail.cold+0x5/0xa [ 1477.965040] ? create_object.isra.0+0x3a/0xa20 [ 1477.965973] should_failslab+0x5/0x20 [ 1477.966763] kmem_cache_alloc+0x5b/0x360 [ 1477.967616] create_object.isra.0+0x3a/0xa20 [ 1477.968545] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1477.969606] kmem_cache_alloc_bulk+0x168/0x320 [ 1477.970567] io_submit_sqes+0x707f/0x86a0 [ 1477.971476] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.972509] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1477.973527] ? lock_downgrade+0x6d0/0x6d0 [ 1477.974392] ? find_held_lock+0x2c/0x110 [ 1477.975243] ? io_submit_sqes+0x86a0/0x86a0 [ 1477.976159] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1477.977185] ? wait_for_completion_io+0x270/0x270 [ 1477.978189] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.979157] ? vfs_write+0x354/0xa30 [ 1477.979940] ? fput_many+0x2f/0x1a0 [ 1477.980709] ? ksys_write+0x1a9/0x260 [ 1477.981517] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1477.982606] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.983677] do_syscall_64+0x33/0x40 [ 1477.984468] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1477.985527] RIP: 0033:0x7fb90a2beb19 [ 1477.986303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.990104] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1477.991666] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1477.993135] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1477.994604] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1477.996067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1477.997547] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1478.015357] device veth0_vlan entered promiscuous mode 23:38:05 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6) [ 1493.749325] FAULT_INJECTION: forcing a failure. [ 1493.749325] name failslab, interval 1, probability 0, space 0, times 0 [ 1493.750936] CPU: 1 PID: 8879 Comm: syz-executor.7 Not tainted 5.10.172 #1 [ 1493.751857] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1493.752976] Call Trace: [ 1493.753343] dump_stack+0x107/0x167 [ 1493.753840] should_fail.cold+0x5/0xa [ 1493.754363] ? create_object.isra.0+0x3a/0xa20 [ 1493.754983] should_failslab+0x5/0x20 [ 1493.755501] kmem_cache_alloc+0x5b/0x360 [ 1493.756053] ? mark_held_locks+0x9e/0xe0 [ 1493.756626] create_object.isra.0+0x3a/0xa20 [ 1493.757215] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1493.758200] kmem_cache_alloc_bulk+0x168/0x320 23:38:05 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r0, 0xffffffffffffffff, 0x0) ioctl$PTP_SYS_OFFSET_PRECISE(r0, 0xc0403d08, &(0x7f00000000c0)) r1 = syz_io_uring_setup(0x6a6, &(0x7f00000002c0)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:38:05 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(0x0, 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:38:05 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40) 23:38:05 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:38:05 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x800000, 0x0, 0x0) [ 1493.758857] io_submit_sqes+0x707f/0x86a0 [ 1493.759601] ? __do_sys_io_uring_enter+0xdaa/0x1c00 23:38:05 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) [ 1493.760267] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1493.761038] ? lock_downgrade+0x6d0/0x6d0 [ 1493.761600] ? find_held_lock+0x2c/0x110 [ 1493.762148] ? io_submit_sqes+0x86a0/0x86a0 [ 1493.762727] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1493.763370] ? wait_for_completion_io+0x270/0x270 [ 1493.764013] ? rcu_read_lock_any_held+0x75/0xa0 23:38:05 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2) [ 1493.764647] ? vfs_write+0x354/0xa30 [ 1493.765260] ? fput_many+0x2f/0x1a0 [ 1493.765752] ? ksys_write+0x1a9/0x260 [ 1493.766267] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1493.766976] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1493.767671] do_syscall_64+0x33/0x40 [ 1493.768173] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1493.768863] RIP: 0033:0x7fe0662fcb19 [ 1493.769362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1493.771822] RSP: 002b:00007fe063872188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1493.772851] RAX: ffffffffffffffda RBX: 00007fe06640ff60 RCX: 00007fe0662fcb19 [ 1493.773804] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1493.774764] RBP: 00007fe0638721d0 R08: 0000000000000000 R09: 0000000000000000 [ 1493.775719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1493.776661] R13: 00007ffcd64a976f R14: 00007fe063872300 R15: 0000000000022000 [ 1493.812316] FAULT_INJECTION: forcing a failure. [ 1493.812316] name failslab, interval 1, probability 0, space 0, times 0 [ 1493.814450] CPU: 1 PID: 8875 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1493.815335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1493.816391] Call Trace: [ 1493.816744] dump_stack+0x107/0x167 [ 1493.817220] should_fail.cold+0x5/0xa [ 1493.817716] ? create_object.isra.0+0x3a/0xa20 [ 1493.818312] should_failslab+0x5/0x20 [ 1493.818802] kmem_cache_alloc+0x5b/0x360 [ 1493.819325] ? mark_held_locks+0x9e/0xe0 [ 1493.819858] create_object.isra.0+0x3a/0xa20 [ 1493.820448] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1493.821126] kmem_cache_alloc_bulk+0x168/0x320 [ 1493.821749] io_submit_sqes+0x707f/0x86a0 [ 1493.822334] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1493.822970] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1493.823617] ? lock_downgrade+0x6d0/0x6d0 [ 1493.824173] ? find_held_lock+0x2c/0x110 [ 1493.824722] ? io_submit_sqes+0x86a0/0x86a0 [ 1493.825311] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1493.825960] ? wait_for_completion_io+0x270/0x270 [ 1493.826611] ? rcu_read_lock_any_held+0x75/0xa0 [ 1493.827237] ? vfs_write+0x354/0xa30 [ 1493.827740] ? fput_many+0x2f/0x1a0 [ 1493.828214] ? ksys_write+0x1a9/0x260 [ 1493.828721] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1493.829415] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1493.830103] do_syscall_64+0x33/0x40 [ 1493.830593] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1493.831268] RIP: 0033:0x7fb90a2beb19 [ 1493.831757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1493.834191] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1493.835188] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1493.835414] FAULT_INJECTION: forcing a failure. [ 1493.835414] name failslab, interval 1, probability 0, space 0, times 0 [ 1493.836073] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1493.836080] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1493.836087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1493.836094] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1493.846482] CPU: 0 PID: 8883 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1493.848028] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1493.849912] Call Trace: [ 1493.850514] dump_stack+0x107/0x167 [ 1493.851343] should_fail.cold+0x5/0xa [ 1493.852206] ? create_object.isra.0+0x3a/0xa20 [ 1493.853265] should_failslab+0x5/0x20 [ 1493.854125] kmem_cache_alloc+0x5b/0x360 [ 1493.855053] create_object.isra.0+0x3a/0xa20 [ 1493.856045] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1493.857203] kmem_cache_alloc_bulk+0x168/0x320 [ 1493.858240] io_submit_sqes+0x707f/0x86a0 [ 1493.859223] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1493.860341] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1493.861448] ? lock_downgrade+0x6d0/0x6d0 [ 1493.862374] ? find_held_lock+0x2c/0x110 [ 1493.863292] ? io_submit_sqes+0x86a0/0x86a0 [ 1493.864270] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1493.865358] ? wait_for_completion_io+0x270/0x270 [ 1493.866440] ? rcu_read_lock_any_held+0x75/0xa0 [ 1493.867478] ? vfs_write+0x354/0xa30 [ 1493.868320] ? fput_many+0x2f/0x1a0 [ 1493.869144] ? ksys_write+0x1a9/0x260 [ 1493.870010] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1493.871180] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1493.872344] do_syscall_64+0x33/0x40 [ 1493.873196] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1493.874345] RIP: 0033:0x7faadcd8fb19 [ 1493.875185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1493.879300] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1493.881002] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1493.882588] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1493.884177] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1493.885773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1493.887359] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:38:05 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x1000000, 0x0, 0x0) 23:38:05 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x20000000, 0x0, 0x0) 23:38:05 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41) [ 1493.995141] FAULT_INJECTION: forcing a failure. [ 1493.995141] name failslab, interval 1, probability 0, space 0, times 0 [ 1493.996664] CPU: 1 PID: 8900 Comm: syz-executor.7 Not tainted 5.10.172 #1 [ 1493.997470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1493.998631] Call Trace: [ 1493.999011] dump_stack+0x107/0x167 [ 1493.999518] should_fail.cold+0x5/0xa [ 1494.000050] ? create_object.isra.0+0x3a/0xa20 [ 1494.000705] should_failslab+0x5/0x20 [ 1494.001235] kmem_cache_alloc+0x5b/0x360 [ 1494.001802] ? mark_held_locks+0x9e/0xe0 [ 1494.002373] create_object.isra.0+0x3a/0xa20 [ 1494.002987] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1494.003695] kmem_cache_alloc_bulk+0x168/0x320 [ 1494.004334] io_submit_sqes+0x707f/0x86a0 [ 1494.004945] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1494.005636] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1494.006308] ? lock_downgrade+0x6d0/0x6d0 [ 1494.006877] ? find_held_lock+0x2c/0x110 [ 1494.007440] ? io_submit_sqes+0x86a0/0x86a0 [ 1494.008042] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1494.008734] ? wait_for_completion_io+0x270/0x270 [ 1494.009402] ? rcu_read_lock_any_held+0x75/0xa0 [ 1494.010044] ? vfs_write+0x354/0xa30 [ 1494.010560] ? fput_many+0x2f/0x1a0 [ 1494.011058] ? ksys_write+0x1a9/0x260 [ 1494.011588] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1494.012302] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1494.013027] do_syscall_64+0x33/0x40 [ 1494.013537] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1494.014243] RIP: 0033:0x7fe0662fcb19 [ 1494.014677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1494.017198] RSP: 002b:00007fe063872188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1494.018236] RAX: ffffffffffffffda RBX: 00007fe06640ff60 RCX: 00007fe0662fcb19 [ 1494.019205] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1494.020180] RBP: 00007fe0638721d0 R08: 0000000000000000 R09: 0000000000000000 [ 1494.021168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1494.022137] R13: 00007ffcd64a976f R14: 00007fe063872300 R15: 0000000000022000 [ 1494.053287] device veth0_vlan entered promiscuous mode 23:38:20 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:38:20 executing program 1: r0 = syz_io_uring_setup(0x68c0, &(0x7f00000002c0)={0x0, 0x64fe}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) r4 = syz_io_uring_complete(r1) ioctl$AUTOFS_DEV_IOCTL_READY(r4, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file0\x00'}) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r3, 0x8010661b, &(0x7f0000000080)) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r8 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r6, r7, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r9, r7, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r8, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r7, &(0x7f0000000100)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x4, @fd_index=0x8, 0x0, 0x0, 0x0, 0x10, 0x0, {0x2, r10}}, 0x1) 23:38:20 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:38:20 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) 23:38:20 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x10000000000, 0x0, 0x0) 23:38:20 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7) 23:38:20 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42) 23:38:20 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3) [ 1508.695496] FAULT_INJECTION: forcing a failure. [ 1508.695496] name failslab, interval 1, probability 0, space 0, times 0 [ 1508.697150] CPU: 1 PID: 8919 Comm: syz-executor.7 Not tainted 5.10.172 #1 [ 1508.698081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1508.699198] Call Trace: [ 1508.699559] dump_stack+0x107/0x167 [ 1508.700083] should_fail.cold+0x5/0xa [ 1508.700602] ? create_object.isra.0+0x3a/0xa20 [ 1508.701287] should_failslab+0x5/0x20 [ 1508.701804] kmem_cache_alloc+0x5b/0x360 [ 1508.702398] ? mark_held_locks+0x9e/0xe0 [ 1508.702984] create_object.isra.0+0x3a/0xa20 [ 1508.703617] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1508.704338] kmem_cache_alloc_bulk+0x168/0x320 [ 1508.704990] io_submit_sqes+0x707f/0x86a0 [ 1508.705594] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1508.706319] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1508.706993] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1508.707750] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1508.708317] FAULT_INJECTION: forcing a failure. [ 1508.708317] name failslab, interval 1, probability 0, space 0, times 0 [ 1508.708404] ? trace_hardirqs_on+0x5b/0x180 [ 1508.708425] ? io_submit_sqes+0x86a0/0x86a0 [ 1508.712157] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1508.712814] ? finish_task_switch+0x126/0x5d0 [ 1508.713455] ? finish_task_switch+0xef/0x5d0 [ 1508.714086] ? __switch_to+0x572/0xff0 [ 1508.714651] ? __switch_to_asm+0x3a/0x60 [ 1508.715229] ? __switch_to_asm+0x34/0x60 [ 1508.715822] ? __schedule+0x850/0x1ed0 [ 1508.716387] ? io_schedule_timeout+0x140/0x140 [ 1508.717048] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 1508.717697] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 1508.718471] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1508.719213] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1508.719949] do_syscall_64+0x33/0x40 [ 1508.720476] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1508.721224] RIP: 0033:0x7fe0662fcb19 [ 1508.721754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1508.724356] RSP: 002b:00007fe063872188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1508.725443] RAX: ffffffffffffffda RBX: 00007fe06640ff60 RCX: 00007fe0662fcb19 [ 1508.726452] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1508.727466] RBP: 00007fe0638721d0 R08: 0000000000000000 R09: 0000000000000000 [ 1508.728471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1508.729497] R13: 00007ffcd64a976f R14: 00007fe063872300 R15: 0000000000022000 [ 1508.730543] CPU: 0 PID: 8920 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1508.732059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1508.733894] Call Trace: [ 1508.734484] dump_stack+0x107/0x167 [ 1508.735292] should_fail.cold+0x5/0xa [ 1508.736133] ? create_object.isra.0+0x3a/0xa20 [ 1508.737148] should_failslab+0x5/0x20 [ 1508.737997] kmem_cache_alloc+0x5b/0x360 [ 1508.738907] create_object.isra.0+0x3a/0xa20 [ 1508.739882] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1508.741027] kmem_cache_alloc_bulk+0x168/0x320 [ 1508.742036] io_submit_sqes+0x707f/0x86a0 [ 1508.743004] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1508.744096] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1508.745180] ? lock_downgrade+0x6d0/0x6d0 [ 1508.746086] ? find_held_lock+0x2c/0x110 [ 1508.747003] ? io_submit_sqes+0x86a0/0x86a0 [ 1508.747979] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1508.749055] ? wait_for_completion_io+0x270/0x270 [ 1508.750127] ? rcu_read_lock_any_held+0x75/0xa0 [ 1508.751156] ? vfs_write+0x354/0xa30 [ 1508.751985] ? fput_many+0x2f/0x1a0 [ 1508.752820] ? ksys_write+0x1a9/0x260 [ 1508.753666] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1508.754827] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1508.755979] do_syscall_64+0x33/0x40 [ 1508.756821] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1508.757967] RIP: 0033:0x7faadcd8fb19 [ 1508.758790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1508.762859] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1508.764555] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1508.766145] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1508.767726] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1508.769307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1508.770889] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1508.802524] FAULT_INJECTION: forcing a failure. [ 1508.802524] name failslab, interval 1, probability 0, space 0, times 0 [ 1508.810476] CPU: 0 PID: 8915 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1508.812010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1508.813867] Call Trace: [ 1508.814467] dump_stack+0x107/0x167 [ 1508.815289] should_fail.cold+0x5/0xa [ 1508.816149] ? create_object.isra.0+0x3a/0xa20 [ 1508.817180] should_failslab+0x5/0x20 [ 1508.818030] kmem_cache_alloc+0x5b/0x360 [ 1508.818927] ? mark_held_locks+0x9e/0xe0 [ 1508.819823] create_object.isra.0+0x3a/0xa20 [ 1508.820827] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1508.821954] kmem_cache_alloc_bulk+0x168/0x320 [ 1508.822967] io_submit_sqes+0x707f/0x86a0 [ 1508.823931] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1508.825032] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1508.826110] ? lock_downgrade+0x6d0/0x6d0 [ 1508.827025] ? find_held_lock+0x2c/0x110 [ 1508.827925] ? io_submit_sqes+0x86a0/0x86a0 [ 1508.828916] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1508.829988] ? wait_for_completion_io+0x270/0x270 [ 1508.831067] ? rcu_read_lock_any_held+0x75/0xa0 [ 1508.832087] ? vfs_write+0x354/0xa30 [ 1508.832926] ? fput_many+0x2f/0x1a0 [ 1508.833734] ? ksys_write+0x1a9/0x260 [ 1508.834585] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1508.835751] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1508.836913] do_syscall_64+0x33/0x40 [ 1508.837750] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1508.838880] RIP: 0033:0x7fb90a2beb19 [ 1508.839703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1508.843747] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1508.845432] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1508.846998] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1508.848562] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1508.850130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1508.851689] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:38:20 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) 23:38:20 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4) 23:38:20 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x80000000000000, 0x0, 0x0) [ 1508.972259] FAULT_INJECTION: forcing a failure. [ 1508.972259] name failslab, interval 1, probability 0, space 0, times 0 [ 1508.973932] CPU: 1 PID: 8935 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1508.974722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1508.975723] Call Trace: [ 1508.976040] dump_stack+0x107/0x167 [ 1508.976476] should_fail.cold+0x5/0xa [ 1508.976941] ? create_object.isra.0+0x3a/0xa20 [ 1508.977473] should_failslab+0x5/0x20 [ 1508.977913] kmem_cache_alloc+0x5b/0x360 [ 1508.978401] ? mark_held_locks+0x9e/0xe0 [ 1508.978873] create_object.isra.0+0x3a/0xa20 [ 1508.979382] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1508.979981] kmem_cache_alloc_bulk+0x168/0x320 [ 1508.980516] io_submit_sqes+0x707f/0x86a0 [ 1508.981024] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1508.981635] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1508.982267] ? lock_downgrade+0x6d0/0x6d0 [ 1508.982797] ? find_held_lock+0x2c/0x110 [ 1508.983331] ? io_submit_sqes+0x86a0/0x86a0 [ 1508.983888] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1508.984506] ? wait_for_completion_io+0x270/0x270 [ 1508.985133] ? rcu_read_lock_any_held+0x75/0xa0 [ 1508.985732] ? vfs_write+0x354/0xa30 [ 1508.986221] ? fput_many+0x2f/0x1a0 [ 1508.986692] ? ksys_write+0x1a9/0x260 [ 1508.987195] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1508.987870] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1508.988548] do_syscall_64+0x33/0x40 [ 1508.989045] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1508.989707] RIP: 0033:0x7faadcd8fb19 [ 1508.990174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1508.992540] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1508.993526] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1508.994439] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1508.995348] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1508.996251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1508.997177] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1509.069108] device veth0_vlan entered promiscuous mode 23:38:32 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43) 23:38:32 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:38:32 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:38:32 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) 23:38:32 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000040)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x6) r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = dup2(r5, 0xffffffffffffffff) io_uring_enter(r6, 0x2774, 0xa8a8, 0x0, &(0x7f0000000100), 0x8) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:38:32 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5) 23:38:32 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8) 23:38:32 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x100000000000000, 0x0, 0x0) [ 1521.473192] FAULT_INJECTION: forcing a failure. [ 1521.473192] name failslab, interval 1, probability 0, space 0, times 0 [ 1521.475774] CPU: 1 PID: 8943 Comm: syz-executor.7 Not tainted 5.10.172 #1 [ 1521.477288] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1521.479077] Call Trace: [ 1521.479653] dump_stack+0x107/0x167 [ 1521.480445] should_fail.cold+0x5/0xa [ 1521.481280] ? create_object.isra.0+0x3a/0xa20 [ 1521.482270] should_failslab+0x5/0x20 [ 1521.483095] kmem_cache_alloc+0x5b/0x360 [ 1521.483971] ? mark_held_locks+0x9e/0xe0 [ 1521.484871] create_object.isra.0+0x3a/0xa20 [ 1521.485817] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1521.486915] kmem_cache_alloc_bulk+0x168/0x320 [ 1521.487904] io_submit_sqes+0x707f/0x86a0 [ 1521.488843] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1521.489918] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1521.490966] ? lock_downgrade+0x6d0/0x6d0 [ 1521.491863] ? find_held_lock+0x2c/0x110 [ 1521.492487] FAULT_INJECTION: forcing a failure. [ 1521.492487] name failslab, interval 1, probability 0, space 0, times 0 [ 1521.492747] ? io_submit_sqes+0x86a0/0x86a0 [ 1521.492778] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1521.492823] ? wait_for_completion_io+0x270/0x270 [ 1521.492846] ? rcu_read_lock_any_held+0x75/0xa0 [ 1521.492863] ? vfs_write+0x354/0xa30 [ 1521.492887] ? fput_many+0x2f/0x1a0 [ 1521.492907] ? ksys_write+0x1a9/0x260 [ 1521.492937] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1521.502630] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1521.503758] do_syscall_64+0x33/0x40 [ 1521.504575] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1521.505710] RIP: 0033:0x7fe0662fcb19 [ 1521.506526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1521.510523] RSP: 002b:00007fe063872188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1521.512179] RAX: ffffffffffffffda RBX: 00007fe06640ff60 RCX: 00007fe0662fcb19 [ 1521.513732] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1521.515288] RBP: 00007fe0638721d0 R08: 0000000000000000 R09: 0000000000000000 [ 1521.516855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1521.518402] R13: 00007ffcd64a976f R14: 00007fe063872300 R15: 0000000000022000 [ 1521.520005] CPU: 0 PID: 8946 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1521.521427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1521.523137] Call Trace: [ 1521.523688] dump_stack+0x107/0x167 [ 1521.524443] should_fail.cold+0x5/0xa [ 1521.525249] ? create_object.isra.0+0x3a/0xa20 [ 1521.526188] should_failslab+0x5/0x20 [ 1521.526972] kmem_cache_alloc+0x5b/0x360 [ 1521.527802] ? mark_held_locks+0x9e/0xe0 [ 1521.528636] create_object.isra.0+0x3a/0xa20 [ 1521.529541] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1521.530581] kmem_cache_alloc_bulk+0x168/0x320 [ 1521.531528] io_submit_sqes+0x707f/0x86a0 [ 1521.532421] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1521.533441] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1521.534431] ? lock_downgrade+0x6d0/0x6d0 [ 1521.535287] ? find_held_lock+0x2c/0x110 [ 1521.536135] ? io_submit_sqes+0x86a0/0x86a0 [ 1521.537053] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1521.538061] ? wait_for_completion_io+0x270/0x270 [ 1521.539070] ? rcu_read_lock_any_held+0x75/0xa0 [ 1521.540019] ? vfs_write+0x354/0xa30 [ 1521.540785] ? fput_many+0x2f/0x1a0 [ 1521.541538] ? ksys_write+0x1a9/0x260 [ 1521.542340] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1521.543422] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1521.544484] do_syscall_64+0x33/0x40 [ 1521.545263] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1521.546350] RIP: 0033:0x7fb90a2beb19 [ 1521.547129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1521.550928] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1521.552494] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1521.553957] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1521.555437] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1521.556937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1521.558401] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1521.559576] FAULT_INJECTION: forcing a failure. [ 1521.559576] name failslab, interval 1, probability 0, space 0, times 0 [ 1521.563030] CPU: 1 PID: 8954 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1521.564515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1521.566314] Call Trace: [ 1521.566893] dump_stack+0x107/0x167 [ 1521.567690] should_fail.cold+0x5/0xa [ 1521.568517] ? create_object.isra.0+0x3a/0xa20 [ 1521.569529] should_failslab+0x5/0x20 [ 1521.570355] kmem_cache_alloc+0x5b/0x360 [ 1521.571232] ? mark_held_locks+0x9e/0xe0 [ 1521.572114] create_object.isra.0+0x3a/0xa20 [ 1521.573077] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1521.574177] kmem_cache_alloc_bulk+0x168/0x320 [ 1521.575171] io_submit_sqes+0x707f/0x86a0 [ 1521.576101] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1521.577191] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1521.578242] ? lock_downgrade+0x6d0/0x6d0 [ 1521.579137] ? find_held_lock+0x2c/0x110 [ 1521.580022] ? io_submit_sqes+0x86a0/0x86a0 [ 1521.580968] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1521.582020] ? wait_for_completion_io+0x270/0x270 [ 1521.583064] ? rcu_read_lock_any_held+0x75/0xa0 [ 1521.584066] ? vfs_write+0x354/0xa30 [ 1521.584889] ? fput_many+0x2f/0x1a0 [ 1521.585681] ? ksys_write+0x1a9/0x260 [ 1521.586518] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1521.587646] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1521.588766] do_syscall_64+0x33/0x40 [ 1521.589580] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1521.590694] RIP: 0033:0x7faadcd8fb19 [ 1521.591511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1521.595497] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1521.597161] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1521.598704] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1521.600246] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1521.601788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1521.603323] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:38:33 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:38:33 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) 23:38:33 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44) [ 1521.757226] device veth0_vlan entered promiscuous mode 23:38:33 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x2000000000000000, 0x0, 0x0) [ 1521.844253] FAULT_INJECTION: forcing a failure. [ 1521.844253] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 1521.846755] CPU: 1 PID: 8973 Comm: syz-executor.7 Not tainted 5.10.172 #1 [ 1521.848154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1521.849873] Call Trace: [ 1521.850421] dump_stack+0x107/0x167 [ 1521.851177] should_fail.cold+0x5/0xa [ 1521.851969] __alloc_pages_nodemask+0x182/0x680 [ 1521.852937] ? __alloc_pages_slowpath.constprop.0+0x2220/0x2220 [ 1521.854177] alloc_pages_current+0x187/0x280 [ 1521.855075] allocate_slab+0x26f/0x380 [ 1521.855871] ___slab_alloc+0x470/0x700 [ 1521.856663] ? io_submit_sqes+0x707f/0x86a0 [ 1521.857550] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1521.858615] ? trace_hardirqs_on+0x5b/0x180 [ 1521.859502] ? kmem_cache_alloc_bulk+0x1ec/0x320 [ 1521.860459] kmem_cache_alloc_bulk+0x1ec/0x320 [ 1521.861412] io_submit_sqes+0x707f/0x86a0 [ 1521.862295] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1521.863306] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1521.864290] ? lock_downgrade+0x6d0/0x6d0 [ 1521.865131] ? find_held_lock+0x2c/0x110 [ 1521.865964] ? io_submit_sqes+0x86a0/0x86a0 [ 1521.866850] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1521.867830] ? wait_for_completion_io+0x270/0x270 [ 1521.868824] ? rcu_read_lock_any_held+0x75/0xa0 [ 1521.869765] ? vfs_write+0x354/0xa30 [ 1521.870525] ? fput_many+0x2f/0x1a0 [ 1521.871263] ? ksys_write+0x1a9/0x260 [ 1521.872045] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1521.873110] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1521.874156] do_syscall_64+0x33/0x40 [ 1521.874916] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1521.875945] RIP: 0033:0x7fe0662fcb19 [ 1521.876696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1521.880408] RSP: 002b:00007fe063872188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1521.881956] RAX: ffffffffffffffda RBX: 00007fe06640ff60 RCX: 00007fe0662fcb19 [ 1521.883387] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1521.884829] RBP: 00007fe0638721d0 R08: 0000000000000000 R09: 0000000000000000 [ 1521.886266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1521.887707] R13: 00007ffcd64a976f R14: 00007fe063872300 R15: 0000000000022000 23:38:33 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) 23:38:33 executing program 1: r0 = syz_io_uring_setup(0x4d50, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x5e, 0x184, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a5, 0x0, @perf_config_ext={0x401, 0x80000000}, 0x0, 0x3, 0x0, 0x9, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x100010, r0, 0x8000000) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/protocols\x00') syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000080)=@in={0x2, 0x4e24, @local}}, 0x500) io_uring_enter(r0, 0x327c, 0xfffffffd, 0x0, 0x0, 0xfffffffffffffe3c) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)) 23:38:33 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6) 23:38:33 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9) [ 1522.078562] FAULT_INJECTION: forcing a failure. [ 1522.078562] name failslab, interval 1, probability 0, space 0, times 0 [ 1522.081223] CPU: 1 PID: 8983 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1522.082599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1522.084357] Call Trace: [ 1522.084948] dump_stack+0x107/0x167 [ 1522.085673] should_fail.cold+0x5/0xa [ 1522.086420] ? create_object.isra.0+0x3a/0xa20 [ 1522.087357] should_failslab+0x5/0x20 [ 1522.088123] kmem_cache_alloc+0x5b/0x360 [ 1522.088948] ? mark_held_locks+0x9e/0xe0 [ 1522.089774] create_object.isra.0+0x3a/0xa20 [ 1522.090631] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1522.091661] kmem_cache_alloc_bulk+0x168/0x320 [ 1522.092576] io_submit_sqes+0x707f/0x86a0 [ 1522.093465] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1522.094443] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1522.095438] ? lock_downgrade+0x6d0/0x6d0 [ 1522.096271] ? find_held_lock+0x2c/0x110 [ 1522.097118] ? io_submit_sqes+0x86a0/0x86a0 [ 1522.097999] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1522.098972] ? wait_for_completion_io+0x270/0x270 [ 1522.099945] ? rcu_read_lock_any_held+0x75/0xa0 [ 1522.100891] ? vfs_write+0x354/0xa30 [ 1522.101644] ? fput_many+0x2f/0x1a0 [ 1522.102380] ? ksys_write+0x1a9/0x260 [ 1522.103155] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1522.104206] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1522.105252] do_syscall_64+0x33/0x40 [ 1522.106006] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1522.107043] RIP: 0033:0x7faadcd8fb19 [ 1522.107792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1522.111490] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1522.113014] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1522.114448] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1522.115882] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1522.117322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1522.118749] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1522.123388] FAULT_INJECTION: forcing a failure. [ 1522.123388] name failslab, interval 1, probability 0, space 0, times 0 [ 1522.126252] CPU: 0 PID: 8985 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1522.127801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1522.129677] Call Trace: [ 1522.130280] dump_stack+0x107/0x167 [ 1522.131117] should_fail.cold+0x5/0xa [ 1522.131984] ? create_object.isra.0+0x3a/0xa20 [ 1522.133028] should_failslab+0x5/0x20 [ 1522.133901] kmem_cache_alloc+0x5b/0x360 [ 1522.134825] ? mark_held_locks+0x9e/0xe0 [ 1522.135795] create_object.isra.0+0x3a/0xa20 [ 1522.136796] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1522.137978] kmem_cache_alloc_bulk+0x168/0x320 [ 1522.139022] io_submit_sqes+0x707f/0x86a0 [ 1522.140007] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1522.141147] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1522.142245] ? lock_downgrade+0x6d0/0x6d0 [ 1522.143191] ? find_held_lock+0x2c/0x110 [ 1522.144103] ? io_submit_sqes+0x86a0/0x86a0 [ 1522.145082] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1522.146158] ? wait_for_completion_io+0x270/0x270 [ 1522.147253] ? rcu_read_lock_any_held+0x75/0xa0 [ 1522.148286] ? vfs_write+0x354/0xa30 [ 1522.149145] ? fput_many+0x2f/0x1a0 [ 1522.149961] ? ksys_write+0x1a9/0x260 [ 1522.150820] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1522.151984] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1522.153150] do_syscall_64+0x33/0x40 [ 1522.153998] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1522.155139] RIP: 0033:0x7fb90a2beb19 [ 1522.155971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1522.160099] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1522.161810] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1522.163458] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1522.165098] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1522.166732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1522.168391] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:38:49 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000) 23:38:49 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10) 23:38:49 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7) 23:38:49 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:38:49 executing program 1: r0 = syz_io_uring_setup(0x4d50, &(0x7f0000000080)={0x0, 0x0, 0x10}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000ffc000/0x2000)=nil) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x271a, &(0x7f0000000100)={0x0, 0x393c, 0x0, 0x0, 0x373, 0x0, r0}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000180)=0x0, &(0x7f00000001c0)) syz_io_uring_setup(0x5f6f, &(0x7f0000000240)={0x0, 0x97a0, 0x20, 0x1, 0x1e9, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000002c0), &(0x7f0000000300)=0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r5}}, 0x7f) syz_io_uring_submit(r3, r4, &(0x7f0000000340)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1, r5}}, 0x80000000) 23:38:49 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45) 23:38:49 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:38:49 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(0x0, 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) [ 1537.765572] FAULT_INJECTION: forcing a failure. [ 1537.765572] name failslab, interval 1, probability 0, space 0, times 0 [ 1537.767989] CPU: 1 PID: 9004 Comm: syz-executor.7 Not tainted 5.10.172 #1 [ 1537.769382] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1537.771052] Call Trace: [ 1537.771598] dump_stack+0x107/0x167 [ 1537.772343] should_fail.cold+0x5/0xa [ 1537.773140] ? create_object.isra.0+0x3a/0xa20 [ 1537.774068] should_failslab+0x5/0x20 [ 1537.774839] kmem_cache_alloc+0x5b/0x360 [ 1537.775663] ? mark_held_locks+0x9e/0xe0 [ 1537.776489] create_object.isra.0+0x3a/0xa20 [ 1537.777389] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1537.778423] kmem_cache_alloc_bulk+0x168/0x320 [ 1537.779357] io_submit_sqes+0x707f/0x86a0 [ 1537.780241] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1537.781269] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1537.781500] FAULT_INJECTION: forcing a failure. [ 1537.781500] name failslab, interval 1, probability 0, space 0, times 0 [ 1537.782268] ? lock_downgrade+0x6d0/0x6d0 [ 1537.782284] ? find_held_lock+0x2c/0x110 [ 1537.782309] ? io_submit_sqes+0x86a0/0x86a0 [ 1537.782337] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1537.782360] ? wait_for_completion_io+0x270/0x270 [ 1537.789053] ? rcu_read_lock_any_held+0x75/0xa0 [ 1537.789993] ? vfs_write+0x354/0xa30 [ 1537.790752] ? fput_many+0x2f/0x1a0 [ 1537.791473] ? ksys_write+0x1a9/0x260 [ 1537.792243] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1537.793276] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1537.794323] do_syscall_64+0x33/0x40 [ 1537.795120] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1537.796163] RIP: 0033:0x7fe0662fcb19 [ 1537.796890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1537.800648] RSP: 002b:00007fe063872188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1537.802196] RAX: ffffffffffffffda RBX: 00007fe06640ff60 RCX: 00007fe0662fcb19 [ 1537.803634] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1537.805085] RBP: 00007fe0638721d0 R08: 0000000000000000 R09: 0000000000000000 [ 1537.806514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1537.807940] R13: 00007ffcd64a976f R14: 00007fe063872300 R15: 0000000000022000 [ 1537.809430] CPU: 0 PID: 9006 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1537.810852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1537.812557] Call Trace: [ 1537.813112] dump_stack+0x107/0x167 [ 1537.813877] should_fail.cold+0x5/0xa [ 1537.814677] should_failslab+0x5/0x20 [ 1537.815463] kmem_cache_alloc_bulk+0x4b/0x320 [ 1537.816395] io_submit_sqes+0x707f/0x86a0 [ 1537.817314] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1537.818330] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1537.819309] ? lock_downgrade+0x6d0/0x6d0 [ 1537.820167] ? find_held_lock+0x2c/0x110 [ 1537.821003] ? io_submit_sqes+0x86a0/0x86a0 [ 1537.821903] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1537.822909] ? wait_for_completion_io+0x270/0x270 [ 1537.823897] ? rcu_read_lock_any_held+0x75/0xa0 [ 1537.824845] ? vfs_write+0x354/0xa30 [ 1537.825633] ? fput_many+0x2f/0x1a0 [ 1537.826403] ? ksys_write+0x1a9/0x260 [ 1537.827208] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1537.828235] FAULT_INJECTION: forcing a failure. [ 1537.828235] name failslab, interval 1, probability 0, space 0, times 0 [ 1537.828302] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1537.828329] do_syscall_64+0x33/0x40 [ 1537.832303] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1537.833362] RIP: 0033:0x7fb90a2beb19 [ 1537.834133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1537.837917] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1537.839478] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1537.840946] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1537.842422] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1537.843890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1537.845372] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1537.846895] CPU: 1 PID: 9003 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1537.848269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1537.849941] Call Trace: [ 1537.850475] dump_stack+0x107/0x167 [ 1537.851210] should_fail.cold+0x5/0xa [ 1537.851975] ? create_object.isra.0+0x3a/0xa20 [ 1537.852892] should_failslab+0x5/0x20 [ 1537.853665] kmem_cache_alloc+0x5b/0x360 [ 1537.854478] ? mark_held_locks+0x9e/0xe0 [ 1537.855297] create_object.isra.0+0x3a/0xa20 [ 1537.856183] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1537.857209] kmem_cache_alloc_bulk+0x168/0x320 [ 1537.858130] io_submit_sqes+0x707f/0x86a0 [ 1537.859002] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1537.859997] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1537.860968] ? lock_downgrade+0x6d0/0x6d0 [ 1537.861812] ? find_held_lock+0x2c/0x110 [ 1537.862633] ? io_submit_sqes+0x86a0/0x86a0 [ 1537.863507] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1537.864478] ? wait_for_completion_io+0x270/0x270 [ 1537.865455] ? rcu_read_lock_any_held+0x75/0xa0 [ 1537.866385] ? vfs_write+0x354/0xa30 [ 1537.867138] ? fput_many+0x2f/0x1a0 [ 1537.867876] ? ksys_write+0x1a9/0x260 [ 1537.868650] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1537.869705] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1537.870743] do_syscall_64+0x33/0x40 [ 1537.871497] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1537.872522] RIP: 0033:0x7faadcd8fb19 [ 1537.873288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1537.876976] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1537.878512] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1537.879939] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1537.881373] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1537.882797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1537.884222] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:38:49 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(0x0, 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) [ 1538.031782] device veth0_vlan entered promiscuous mode 23:38:49 executing program 1: r0 = syz_io_uring_setup(0x5e14, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:38:49 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(0x0, 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) 23:38:49 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46) 23:38:49 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x800000) 23:38:49 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11) 23:38:49 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) [ 1538.267098] FAULT_INJECTION: forcing a failure. [ 1538.267098] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 1538.271369] CPU: 0 PID: 9022 Comm: syz-executor.7 Not tainted 5.10.172 #1 [ 1538.272801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1538.274557] Call Trace: [ 1538.275112] dump_stack+0x107/0x167 [ 1538.275880] should_fail.cold+0x5/0xa [ 1538.276682] _copy_to_user+0x2e/0x180 [ 1538.277491] simple_read_from_buffer+0xcc/0x160 [ 1538.278451] proc_fail_nth_read+0x198/0x230 [ 1538.279336] ? proc_sessionid_read+0x230/0x230 [ 1538.280283] ? proc_sessionid_read+0x230/0x230 [ 1538.281230] vfs_read+0x228/0x580 [ 1538.281950] ksys_read+0x12d/0x260 [ 1538.282677] ? vfs_write+0xa30/0xa30 [ 1538.283465] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1538.284530] do_syscall_64+0x33/0x40 [ 1538.285320] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1538.286370] RIP: 0033:0x7fe0662af69c [ 1538.287154] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1538.290922] RSP: 002b:00007fe063872170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1538.292526] RAX: ffffffffffffffda RBX: 000000000000030e RCX: 00007fe0662af69c [ 1538.294025] RDX: 000000000000000f RSI: 00007fe0638721e0 RDI: 0000000000000005 [ 1538.295526] RBP: 00007fe0638721d0 R08: 0000000000000000 R09: 0000000000000000 [ 1538.297045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1538.298535] R13: 00007ffcd64a976f R14: 00007fe063872300 R15: 0000000000022000 23:38:49 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8) 23:38:49 executing program 1: r0 = syz_io_uring_setup(0x731f, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) r1 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r1, 0x76d3, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x5, 0x10, r0, 0x8000000) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1538.386020] FAULT_INJECTION: forcing a failure. [ 1538.386020] name failslab, interval 1, probability 0, space 0, times 0 [ 1538.389373] CPU: 0 PID: 9034 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1538.390749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1538.392409] Call Trace: [ 1538.392964] dump_stack+0x107/0x167 [ 1538.393729] should_fail.cold+0x5/0xa [ 1538.394503] ? create_object.isra.0+0x3a/0xa20 [ 1538.395438] should_failslab+0x5/0x20 [ 1538.396219] kmem_cache_alloc+0x5b/0x360 [ 1538.397054] ? mark_held_locks+0x9e/0xe0 [ 1538.397868] create_object.isra.0+0x3a/0xa20 [ 1538.398747] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1538.399792] kmem_cache_alloc_bulk+0x168/0x320 [ 1538.400733] io_submit_sqes+0x707f/0x86a0 [ 1538.401646] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1538.402639] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1538.403616] ? lock_downgrade+0x6d0/0x6d0 [ 1538.404444] ? find_held_lock+0x2c/0x110 [ 1538.405311] ? io_submit_sqes+0x86a0/0x86a0 [ 1538.406185] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1538.407181] ? wait_for_completion_io+0x270/0x270 [ 1538.408176] ? rcu_read_lock_any_held+0x75/0xa0 [ 1538.409138] ? vfs_write+0x354/0xa30 [ 1538.409913] ? fput_many+0x2f/0x1a0 [ 1538.410644] ? ksys_write+0x1a9/0x260 [ 1538.411466] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1538.412511] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1538.413577] do_syscall_64+0x33/0x40 [ 1538.414354] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1538.415439] RIP: 0033:0x7faadcd8fb19 [ 1538.416200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1538.419971] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1538.421567] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1538.423062] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1538.424576] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1538.426136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1538.427590] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1538.433505] FAULT_INJECTION: forcing a failure. [ 1538.433505] name failslab, interval 1, probability 0, space 0, times 0 [ 1538.436575] CPU: 0 PID: 9033 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1538.438005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1538.439700] Call Trace: [ 1538.440250] dump_stack+0x107/0x167 [ 1538.441007] should_fail.cold+0x5/0xa [ 1538.441818] ? create_object.isra.0+0x3a/0xa20 [ 1538.442780] should_failslab+0x5/0x20 [ 1538.443566] kmem_cache_alloc+0x5b/0x360 [ 1538.444405] create_object.isra.0+0x3a/0xa20 [ 1538.445321] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1538.446374] kmem_cache_alloc_bulk+0x168/0x320 [ 1538.447330] io_submit_sqes+0x707f/0x86a0 [ 1538.448236] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1538.449285] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1538.450300] ? lock_downgrade+0x6d0/0x6d0 [ 1538.451167] ? find_held_lock+0x2c/0x110 [ 1538.452026] ? io_submit_sqes+0x86a0/0x86a0 [ 1538.452946] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1538.453986] ? wait_for_completion_io+0x270/0x270 [ 1538.455008] ? rcu_read_lock_any_held+0x75/0xa0 [ 1538.455983] ? vfs_write+0x354/0xa30 [ 1538.456777] ? fput_many+0x2f/0x1a0 [ 1538.457552] ? ksys_write+0x1a9/0x260 [ 1538.458361] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1538.459466] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1538.460558] do_syscall_64+0x33/0x40 [ 1538.461357] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1538.462422] RIP: 0033:0x7fb90a2beb19 [ 1538.463206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1538.467066] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1538.468664] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1538.470171] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1538.471663] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1538.473169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1538.474650] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:38:49 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1000000) 23:38:50 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) socketpair(0x29, 0x80000, 0x1, &(0x7f0000000040)={0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_ACCEPT={0xd, 0x2, 0x0, r3, &(0x7f0000000080)=0x80, &(0x7f00000000c0)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x0, 0x80800, 0x1}, 0x200) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:38:50 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:39:07 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:39:07 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:39:07 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x20000000) 23:39:07 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9) 23:39:07 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) 23:39:07 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:39:07 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12) 23:39:07 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x7b}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r3, 0xffffffffffffffff, 0x0) openat(r3, &(0x7f0000000080)='./file0\x00', 0x703, 0x141) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1556.290428] FAULT_INJECTION: forcing a failure. [ 1556.290428] name failslab, interval 1, probability 0, space 0, times 0 [ 1556.292829] CPU: 0 PID: 9057 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1556.294226] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1556.295914] Call Trace: [ 1556.296409] FAULT_INJECTION: forcing a failure. [ 1556.296409] name failslab, interval 1, probability 0, space 0, times 0 [ 1556.296460] dump_stack+0x107/0x167 [ 1556.296485] should_fail.cold+0x5/0xa [ 1556.300268] ? create_object.isra.0+0x3a/0xa20 [ 1556.301211] should_failslab+0x5/0x20 [ 1556.302024] kmem_cache_alloc+0x5b/0x360 [ 1556.302863] ? mark_held_locks+0x9e/0xe0 [ 1556.303717] create_object.isra.0+0x3a/0xa20 [ 1556.304636] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1556.305699] kmem_cache_alloc_bulk+0x168/0x320 [ 1556.306657] io_submit_sqes+0x707f/0x86a0 [ 1556.307558] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1556.308580] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1556.309608] ? lock_downgrade+0x6d0/0x6d0 [ 1556.310463] ? find_held_lock+0x2c/0x110 [ 1556.311322] ? io_submit_sqes+0x86a0/0x86a0 [ 1556.312221] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1556.313232] ? wait_for_completion_io+0x270/0x270 [ 1556.314233] ? rcu_read_lock_any_held+0x75/0xa0 [ 1556.315189] ? vfs_write+0x354/0xa30 [ 1556.315966] ? fput_many+0x2f/0x1a0 [ 1556.316717] ? ksys_write+0x1a9/0x260 [ 1556.317528] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1556.318608] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1556.319695] do_syscall_64+0x33/0x40 [ 1556.320467] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1556.321549] RIP: 0033:0x7faadcd8fb19 [ 1556.322321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1556.326099] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1556.327686] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1556.329152] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1556.330626] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1556.332090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1556.333574] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1556.335126] CPU: 1 PID: 9069 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1556.336531] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1556.338225] Call Trace: [ 1556.338777] dump_stack+0x107/0x167 [ 1556.339516] should_fail.cold+0x5/0xa [ 1556.340305] ? create_object.isra.0+0x3a/0xa20 [ 1556.341238] should_failslab+0x5/0x20 [ 1556.342036] kmem_cache_alloc+0x5b/0x360 [ 1556.342864] ? mark_held_locks+0x9e/0xe0 [ 1556.343724] create_object.isra.0+0x3a/0xa20 [ 1556.344612] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1556.345671] kmem_cache_alloc_bulk+0x168/0x320 [ 1556.346607] io_submit_sqes+0x707f/0x86a0 [ 1556.347487] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1556.348493] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1556.349512] ? lock_downgrade+0x6d0/0x6d0 [ 1556.350353] ? find_held_lock+0x2c/0x110 [ 1556.351188] ? io_submit_sqes+0x86a0/0x86a0 [ 1556.352075] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1556.353079] ? wait_for_completion_io+0x270/0x270 [ 1556.354078] ? rcu_read_lock_any_held+0x75/0xa0 [ 1556.355022] ? vfs_write+0x354/0xa30 [ 1556.355798] ? fput_many+0x2f/0x1a0 [ 1556.356534] ? ksys_write+0x1a9/0x260 [ 1556.357474] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1556.358584] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1556.359834] do_syscall_64+0x33/0x40 [ 1556.360604] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1556.361677] RIP: 0033:0x7fb90a2beb19 [ 1556.362454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1556.366185] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1556.367760] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1556.369206] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1556.370677] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1556.372129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1556.373583] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:39:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1556.567113] device veth0_vlan entered promiscuous mode 23:39:22 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13) 23:39:22 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x500, 0x0) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:39:22 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:39:22 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:39:22 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x10000000000) 23:39:22 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10) 23:39:22 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0) 23:39:22 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) [ 1571.117546] FAULT_INJECTION: forcing a failure. [ 1571.117546] name failslab, interval 1, probability 0, space 0, times 0 [ 1571.121248] CPU: 1 PID: 9091 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1571.122773] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1571.124563] Call Trace: [ 1571.125152] dump_stack+0x107/0x167 [ 1571.125970] should_fail.cold+0x5/0xa [ 1571.126813] ? create_object.isra.0+0x3a/0xa20 [ 1571.127802] should_failslab+0x5/0x20 [ 1571.128643] kmem_cache_alloc+0x5b/0x360 [ 1571.129542] ? mark_held_locks+0x9e/0xe0 [ 1571.130432] create_object.isra.0+0x3a/0xa20 [ 1571.131371] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 23:39:22 executing program 1: r0 = syz_io_uring_setup(0x48e7, &(0x7f0000000040), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) r3 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r3, 0x76d3, 0x0, 0x0, 0x0, 0x0) fsetxattr$security_evm(r3, &(0x7f0000000100), &(0x7f0000000140)=@v1={0x2, "495788b6429bb85f972091"}, 0xc, 0x2) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1571.132468] kmem_cache_alloc_bulk+0x168/0x320 [ 1571.133553] io_submit_sqes+0x707f/0x86a0 [ 1571.134489] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1571.135564] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1571.136614] ? lock_downgrade+0x6d0/0x6d0 [ 1571.137517] ? find_held_lock+0x2c/0x110 [ 1571.138404] ? io_submit_sqes+0x86a0/0x86a0 [ 1571.139353] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1571.140397] ? wait_for_completion_io+0x270/0x270 [ 1571.141443] ? rcu_read_lock_any_held+0x75/0xa0 [ 1571.142466] ? vfs_write+0x354/0xa30 [ 1571.143281] ? fput_many+0x2f/0x1a0 [ 1571.144069] ? ksys_write+0x1a9/0x260 [ 1571.144905] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1571.146048] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1571.147177] do_syscall_64+0x33/0x40 [ 1571.147981] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1571.149087] RIP: 0033:0x7faadcd8fb19 [ 1571.149899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1571.153846] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1571.155493] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1571.157040] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1571.158583] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1571.160124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1571.161682] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1571.189021] FAULT_INJECTION: forcing a failure. [ 1571.189021] name failslab, interval 1, probability 0, space 0, times 0 [ 1571.192427] CPU: 1 PID: 9096 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1571.194137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1571.196207] Call Trace: [ 1571.196881] dump_stack+0x107/0x167 [ 1571.197818] should_fail.cold+0x5/0xa [ 1571.198776] ? create_object.isra.0+0x3a/0xa20 [ 1571.199969] should_failslab+0x5/0x20 [ 1571.200926] kmem_cache_alloc+0x5b/0x360 [ 1571.201978] ? mark_held_locks+0x9e/0xe0 [ 1571.203001] create_object.isra.0+0x3a/0xa20 [ 1571.204091] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1571.205353] kmem_cache_alloc_bulk+0x168/0x320 [ 1571.206507] io_submit_sqes+0x707f/0x86a0 [ 1571.207580] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1571.208805] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1571.210011] ? lock_downgrade+0x6d0/0x6d0 23:39:22 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x0) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) [ 1571.211026] ? find_held_lock+0x2c/0x110 [ 1571.212261] ? io_submit_sqes+0x86a0/0x86a0 [ 1571.213341] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1571.214547] ? wait_for_completion_io+0x270/0x270 [ 1571.215744] ? rcu_read_lock_any_held+0x75/0xa0 [ 1571.216901] ? vfs_write+0x354/0xa30 [ 1571.217841] ? fput_many+0x2f/0x1a0 [ 1571.218751] ? ksys_write+0x1a9/0x260 [ 1571.219701] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1571.220995] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1571.222301] do_syscall_64+0x33/0x40 [ 1571.223233] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1571.224489] RIP: 0033:0x7fb90a2beb19 [ 1571.225415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1571.229967] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1571.231871] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1571.233641] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1571.235390] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1571.237132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1571.238898] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:39:22 executing program 1: r0 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x20, 0x6a, 0x878c5bf8df414e27, 0x0, 0x0, {0x0, 0x2}, [@nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}]}]}, 0x20}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000001340)=ANY=[@ANYBLOB="010000000140000018000000", @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYBLOB="000000bfc7b8afa39a233201569f08a0e92d7844dcfea803f0ffff686c6530000c94361192af574a9f188c9836c006f4d09f01752255709dee595013ab41d44292a1a3cdc76a728c9ac5fe5ef68676c1a2753c6678b276d2121f4b746e9980ae56ee89916d462d9768691af760cfa88ca2891eab9fc23ff746d3cc8f43fd"]) ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x50009401, &(0x7f0000000340)={{r2}, "2c4f98c911a83987d88d32f92285ffb27ef335dd3eaabe87fcf0b8dca40359d74c033b2ad4edfb99955d35a1f3f1a097298cc5f793c2b59b3d87a2cb99156442b10b3a12c137843d78522f7bffbf536a97ea662d2d4c7e7aa0c94c977b90670d2f2db91955264b9b954ee9a2c3630a8600ba3ea14b4779957fe9cde6976d6c14abc0979a08a5777a4ecf924d1b549233b0519c91abcdf7b02eb2f9da0736803b7e233aa22e2b8ae4d45608095aeede21c7f55ff4c402141ae6024543aa33ca2077e8489ad80a1876db8f21cd71e4dee003b0cf8c8c2f3d99f45160bc138103f30a0398b7ceb1bac1defa1c9e29357efcd1618611929a9c7692ed6a2b43cd2f36f4162e8a29c892e59b9d19e58d5e5a97289d359850d8ad1690d5883c327f1bed468d738e69a84d289acdfe9572f6123f3e8c0fe66566b8af3e699513a58cfd84b86d7f62bb163a351aba7750992d49a56bbc476877ad0817431f9cc3d66011dc26d3e1b8de83dbae238d2dde809f175c726ed0344c3847a56435acf71716fc7f07acfc76b58cbda47d44d9326452c9460273ea9755d91ccaebd45c5b1f906b785d5c38d0110bbc9c4a03b07a048c0a2dec767a1d160859f551656e9578047a498e5c184011439331658ed00f662c9b4e3c8c3c840483fadbae819a5b6c0628eeb9d0d0de17235056293334408ae7a98880af5f765f30647e1557e1ac93c7715aa9ac23a79cf7802a338bbe935473fd4081b9b70deedf369ef3c93f7e6d50a8ac52d45e93f055ded7ab57f172daa5eab536ff199827c9f522cd42c9010131fe77a5c4dd46b75255f6d632c47692e586ed5ce467aa0d0c9f4ed412e443155f2275f404855910b135e1a47518bf48d5138fd05bb020639d0ad79edc69d1e2d977645fae99a42247d1dd039ad6a0e8b7ae250bcca38f386a27fb2c20107347c9957b513d85abceda17941d1a4f5c1a73fb0363c389651d90865d65979a2c0b6c9a3a5aa58fcf4462a3ef433a0731f9838a7a04ccfe64878ad8131b3374677cd340460fd427452a7cfe48aa40ceb5b0fe39d84056617bab0ed37e09230e3c760a2327abba528ea2e91439d41e603c9b71e9384f08a0e8a9b012672d78cf69c61e937428ca538f170656112e1496b0624c30ab5d2161ebc22deed2280b1304f3dd99f5b8cfb6e849e18ad41de9e0f336802ed0d82bd570e154c8e8e3415e0744c11c7b038a6f9172a0f23bebeef871a170f64b13299dd531bdc8c5b72db24b3e64c35a1d43e919c8b0c5a5a59c72dcc8f419b5f16e95fe0bdaf7104698ad7b2ce53b66938b2f5fa573a042b6a470a9a1916e003799a5fd59d7f25ab4b9de25bc2b4f21d6457c68e9f93eaaea92751bcc23c80ca92adadc088c070824f0311e48f50392260043b3f0452f5657f565d9ba461943bafa6b7c1f4746e91c079cee461b7796347826738668aa1e81b99e12c881380f9d25d86896fbde659e43b4d94015bb77956849b22b3de277f5fe883595616dd001654f581312e20493c86f03b78b3aea7c2dff780e128418065d4c9eec9c6619a518461618ae60a02bff9674bba8dbd77cfcd37267617ffc73a2d4b27b41019e35ba975d71a83ee5042b6c65c24a1c481f72bc8e2b1095731da89f8df1291afa5a36dc10e2bdd393e76e9e740ec76cbe7aceb54d5061d1ce430a0f3f61b3d2984bfb353d6b44c174549ae78608c3066204bdf2b6ae8eb897d0cd7827fbd0bb1f7d8765df05f3d0dc86536457f5438827bb42cffc24da690aa2fb9019d6f61a0e5fca8f7c1e18405b776769ada250c16a803fa53a5737dc63046c64b661411fdb5abede44030dc510b51ce6a97e62bc92b52df51dcb3aeb229fa575ad5dcb90bf4493ccd03c0450feab6a660508d6a87da528ab79d4115a8d45627e1f02f0637b40dda8ab86e2908d3b1599c3a80fc411d4f7a7e8ff2ce735bf8c3b32e5a4e12be01de47c2379c8ad75420c9bd10eb62a68884aaf64c7ba6df99bdbcfb1f3f67a6a805d7fbb19e3be7f30ac936b8a1ed2c9111f25f26d91f07dc862d5f43c9744ea503e96a21949b50fa11153017e2ed622ba8da7dd5d80ac624c0c89f7ff0e198ca2932473765470c48318b68bbe2bd86366a12d8fcb997679f82f2d4c0ef979965140dad71cebafa35076bcff125cae9a8e2935efbe5af6ffe7110a3e1050f904263cff124991901de29221e2b162f520d726c73d41b7afa32b37b2cd476f65bd9009fda9d2420f12d1c4bda2605db6bf8847bd166b5ba8f41044204b2119627710a5cbc11bfb7795e150c43b798798f367512f1331011247d9276244e11f6137ad603de3de91857873657b47a01c769329cf10ba06f1beabfd78a2fd3fdfb790b7e15ec146cc4d35699e925aecde72a769f86c914031ea1bcbce9830d1a4c3eb0f2737d4520dbdef133c1d7dcf131340bdc2a6f82215bc58e4548c94031c6491ba17ff4f1c4284d7cfb2cfd313482e8c4930be3509e97118641109e0a5b8850f3f7784eb635e80e4176c3df4b8cd74474b9e913ca9eb2eb9b28fd86fd2aaa7a9cfcb947ab032ae91e66e1ace457255b6f7dceb8ecbe0625d95098df19dd1df7d85b62cbb0e1e3e0308832df6556e2ba78d8c2ed812dde50aa3eb9bb3bd6fbc804f0565d556c7d2105dbee6710d8c9aa21d4bfc029d7fffe4f997b1055a54e256d2ac543cd842b72f2d83a6c40173d48e2cca2b78cf01312bee21c347d860610a60fa0c150a059c2911028078a5bc84e03c31b5701cd411afb489a083be681f4f4f147f4e22ce6cffb58f77a7f4e379bb92f82764bb87cc492b4621c15ffaf331253ae61fc1d08aff647f259b4b2d85eddb6a7cc609893c20b39f64c3c98eb2aee9c8ecd718c769a2c4f87c94fe7882962e6569f17d54db4846ed61798bfdb8c486e241aa855ffbd0cb0591569ea8cd613676a8f2fa5d95fb9e70651add5ffef8491b4f61e23ba4e6754c954b1c7634461eb346f7548498373336d03bf0ce047ce868644bc3c18035815feaae106b094aaa85f4232f4dc7ba2168fcf6c20690c0df1d5d46942d9ce2761a7963685075ba7d99ea96f488e6e266e050ed34663164982a73febade1402f0acc424a48e1fe9521d107870b3f9ad6d324ea2920834958507f2d16b9469f3ff78c41a0b565b87a17e28b14f3416462717d458c6561a261cd0dc06f6410040afa68ec2ddd58e1d0136f4ec117f7b8777067c657b03be3cce3a2cc29356bfa5bf46fa51a13b351ca7555a2c0902e334715c284e38c26492be6539bcff3a44ef85646b308d9f3e76872cda63c041b7df24589a94730239887935c6c4347f3565ae6d4379630ceb48280751594a545308f77f2c3a04a28574bea39faa55d569afa4702a89096416501b7aa40e36f27b32c45acfbd59b715d9163effa556dedfad283c37426918bc879ccaab2926f68b31eb030b173448cdfa70a955f9b4328bef6694d6a65c5f0ebef1c70286db9fe9b7ee8c608194610f6feeb7f2663f43c3576b54a45b2f2cab52e081098f506b79628bb17e1f6feeac2e33f5bb01f4066343c9cedcd5cc9be447f14848ab07276dee6172ed66223ee0ee170d4bfff1aea98d8af87e2222ffe3fa6d84aa4896a506732e60cab8b9c08b843127a47cfa760298c4e8041d32b27ef68ae5caf543cc836f35a725ca2b81d163b06d4c9b334a411c5e4af4e6c2f8ef15f2f5fccf4e70a0e80413310d0715bad41014df6a20b3f6170074142ab38738b4d928941cfe311eb09d05eab686c2289d325c25296d31c2463856b16e6526194c4fbe30fa02ecd97d1e8e5614a1681005a3ec2b8e64cbdd017e804f288e688fecaeb7a0a97d4c69be2536cfc67461dbf7265612c6475bd56b17d83a70ed9eacb9f4e3db22b406fde4bf684b6661c0ed8a6f3ec79dbdec4def7c0515e66fe4a82ac81d8baf89dae9ca2419bb113cfd007d726446038a1c2a5e9a259792f54228320c2785bcb2eb5c16c0d89b112a56946801605516dd009806ecf37ad60e15472c0359d8f3b110bc29b09841ca734cd89ac766ebc037430d3216c46903a0b99ed299a45a5d1bafd2b822daaf6fe98134bd4f1eb890260d165f2ffe64d2493c32622a6b40e96c03e8677429c34ded1719f71a13e494564220a31408367856c438b0c90cc0e56b2510e79ed3ea24709fae938216836579375288eb6207b9208cb0380df44576e2b8d4d581aabb53ca13dc4d8f4d61f67fe7fc0e2f50c0d92b8bb1f672ca6548b9c28e99c5e79593280377c2f8f488320094b42620f7aab47e1d488a551b68ee94481e39f3881c492f3cdf19d31d1640e115c94f5efabf18704bbcf24575ea21a373d318eafaa72bf304b216eafe8ec5ff7542c86a6534ca3ed5a975ea0bf0a581566223b86a12eac4bb437b22be5bccfa155486f78d6e0d665894cae31011f3e7a5326fa5042a8c4280a8b5dfe5a34b0cc43d5cb1a1fdd16ecd7ba242fa674f352d8045bff9b71d93d5c16389cee73b606f9cac507846f5ff6b0ea4dce4082760d9b1564a3ad262fa2728e81d16a8f32fac416f3292b9ad1d60b4a0887fe6d1d61920579b1c6f0fcfdb61c14ced5e662ad9cfd44995d56eda03c8b675236960279d979a131a06479b5329e35297f4d27a7b09c7f07655fbba414fc78128ee8a1fda11d2b4770b4c1d8e23ec7681a9ccb9714a9cb942b0aab2be288ed174c7948d4bd3ef862ec134794b43e348573b327d78deebf1256b95c99fbea7fac62143cbfc5a0230b5cb958b2b6019b4b2a8ae92cf45de28cd5182ce6de50b98ae6de4a7e3df79a0b39eaa0b67d6062e29139b0f1204cd953c961fcf6ab3b4dd65a1563668dbfe354cb2272803357d039710444fce336c383ad0c533db02c4bd62c2994c1d984d459143ba42d806d50ac8a4406b6e0cc81ab33e721c98f9c28d7873c3a30265644ae202a32e521e04bf410f0ddeec794f56ffefb94c013e8c2c8dd6cb6a124143fe0de2c286f4fae2c959b8c0a24740aca24a925d0cd404f2f0127c5ff88b63a89adb9bc69a69d4d1dd048e68c27162fd34bc302cd9cec731e0bcf78c858d46cb4774967bbe8f0bb7db336b467b8a59033f4708ecc02a42b5adaea0f4f50b12a4d386b993984162b69c82f921d780237bf9db6a49b3d3b5b5341da13df7b0083966451680beae87b829afef4ff970333e7460cb0ff6c8591b7b194bb70fe32befc83c688a2481819eb36b2aa1cb793046636917f1fcd2792088f33d929bb1f2ebd74b24948076562482192ebcaea1a390dbb39fa912d6a2e9e51cbb8ce59eddb1cc444080f3c44ed9a731c37f88e15e160547b37070aaf460fe2691453a5f3238490d1d838e0d65c75a14c9373a06bf91bc4502e12e9498d7c6d281199a549e8ae675ac8c8434bc21089806ac0c39fa953b5488b8264f095d51c3d66482e2c8fd1aa4cbff083a8f131e3f222165546290601ce3717f864581db459392e313246d1d458ea440e90e954ca2801a70fed3021b288273d5e808e3df8a0d18fbe953d7f2052787d8d6bf2c36ddea5aae414dc17b17f0c83ee73c582df0447c9acd5fba6d3595455a39aba272b64cc82feece1c1433d2312ae3297b65d4aef69e267b61fc2effa21c5deb2ed331a2cf61e1901bb828cdf3026582efd3f0fdd5a08d1a4343795eab11e8dcd113f9b8ca9fea6b72ee63640feba7792c3e4987fae863df9463b86edc74a527f8f70e6ae1136dcc6b7319d2505e90d123291cad1654d3540523ffff44b9356aa39f6b13ed87a61d"}) r3 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x14b}, &(0x7f00000a0000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r3, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:39:22 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11) 23:39:22 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x80000000000000) 23:39:22 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0) [ 1571.362331] FAULT_INJECTION: forcing a failure. [ 1571.362331] name failslab, interval 1, probability 0, space 0, times 0 [ 1571.364312] CPU: 0 PID: 9119 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1571.365119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1571.366116] Call Trace: [ 1571.366445] dump_stack+0x107/0x167 [ 1571.366889] should_fail.cold+0x5/0xa [ 1571.367345] ? create_object.isra.0+0x3a/0xa20 [ 1571.367879] should_failslab+0x5/0x20 [ 1571.368319] kmem_cache_alloc+0x5b/0x360 [ 1571.368803] create_object.isra.0+0x3a/0xa20 [ 1571.369324] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1571.369929] kmem_cache_alloc_bulk+0x168/0x320 [ 1571.370471] io_submit_sqes+0x707f/0x86a0 [ 1571.370981] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1571.371561] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1571.372141] ? lock_downgrade+0x6d0/0x6d0 [ 1571.372625] ? find_held_lock+0x2c/0x110 [ 1571.373128] ? io_submit_sqes+0x86a0/0x86a0 [ 1571.373642] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1571.374240] ? wait_for_completion_io+0x270/0x270 [ 1571.374836] ? rcu_read_lock_any_held+0x75/0xa0 [ 1571.375412] ? vfs_write+0x354/0xa30 [ 1571.375864] ? fput_many+0x2f/0x1a0 [ 1571.376312] ? ksys_write+0x1a9/0x260 [ 1571.376782] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1571.377419] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1571.378070] do_syscall_64+0x33/0x40 [ 1571.378522] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1571.379145] RIP: 0033:0x7faadcd8fb19 [ 1571.379598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1571.381827] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1571.382751] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1571.383621] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1571.384487] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1571.385351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1571.386231] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1571.455413] device veth0_vlan entered promiscuous mode 23:39:23 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12) 23:39:23 executing program 1: fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x8, 0x1) r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1571.527412] FAULT_INJECTION: forcing a failure. [ 1571.527412] name failslab, interval 1, probability 0, space 0, times 0 [ 1571.528909] CPU: 0 PID: 9129 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1571.529689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1571.530597] Call Trace: [ 1571.530890] dump_stack+0x107/0x167 [ 1571.531312] should_fail.cold+0x5/0xa [ 1571.531742] ? create_object.isra.0+0x3a/0xa20 [ 1571.532253] should_failslab+0x5/0x20 [ 1571.532677] kmem_cache_alloc+0x5b/0x360 [ 1571.533136] create_object.isra.0+0x3a/0xa20 [ 1571.533624] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1571.534186] kmem_cache_alloc_bulk+0x168/0x320 [ 1571.534696] io_submit_sqes+0x707f/0x86a0 [ 1571.535177] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1571.535719] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1571.536256] ? lock_downgrade+0x6d0/0x6d0 [ 1571.536709] ? find_held_lock+0x2c/0x110 [ 1571.537161] ? io_submit_sqes+0x86a0/0x86a0 [ 1571.537646] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1571.538176] ? wait_for_completion_io+0x270/0x270 [ 1571.538707] ? rcu_read_lock_any_held+0x75/0xa0 [ 1571.539224] ? vfs_write+0x354/0xa30 [ 1571.539628] ? fput_many+0x2f/0x1a0 [ 1571.540044] ? ksys_write+0x1a9/0x260 [ 1571.540472] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1571.541061] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1571.541638] do_syscall_64+0x33/0x40 [ 1571.542063] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1571.542633] RIP: 0033:0x7faadcd8fb19 [ 1571.543058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1571.545125] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1571.545990] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1571.546798] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1571.547602] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1571.548406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1571.549213] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:39:23 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14) 23:39:23 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x1000000, 0x0, 0x0, 0x0) [ 1571.711628] FAULT_INJECTION: forcing a failure. [ 1571.711628] name failslab, interval 1, probability 0, space 0, times 0 [ 1571.715013] CPU: 1 PID: 9137 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1571.716639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1571.719011] Call Trace: [ 1571.719656] dump_stack+0x107/0x167 [ 1571.720699] should_fail.cold+0x5/0xa [ 1571.721614] ? create_object.isra.0+0x3a/0xa20 [ 1571.722912] ? create_object.isra.0+0x3a/0xa20 [ 1571.724005] should_failslab+0x5/0x20 [ 1571.725084] kmem_cache_alloc+0x5b/0x360 [ 1571.726097] create_object.isra.0+0x3a/0xa20 [ 1571.727342] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1571.728583] kmem_cache_alloc_bulk+0x168/0x320 [ 1571.729899] io_submit_sqes+0x707f/0x86a0 [ 1571.730957] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1571.732361] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1571.733545] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1571.734816] ? _raw_spin_unlock_irq+0x27/0x30 [ 1571.735888] ? io_submit_sqes+0x86a0/0x86a0 [ 1571.737112] ? finish_task_switch+0x126/0x5d0 [ 1571.738190] ? finish_task_switch+0xef/0x5d0 [ 1571.739431] ? __switch_to+0x572/0xff0 [ 1571.740361] ? __switch_to_asm+0x3a/0x60 [ 1571.741517] ? __switch_to_asm+0x34/0x60 [ 1571.742505] ? __schedule+0x850/0x1ed0 [ 1571.743620] ? io_schedule_timeout+0x140/0x140 [ 1571.744722] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 1571.746044] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 1571.747365] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1571.748846] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1571.750082] do_syscall_64+0x33/0x40 [ 1571.751130] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1571.752331] RIP: 0033:0x7fb90a2beb19 [ 1571.753374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1571.757705] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1571.759676] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1571.761329] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1571.763010] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1571.764664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1571.766331] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:39:36 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13) 23:39:36 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:39:36 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15) 23:39:36 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0) 23:39:36 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x0) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) 23:39:36 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:39:36 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x100000000000000) 23:39:36 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) [ 1585.396358] FAULT_INJECTION: forcing a failure. [ 1585.396358] name failslab, interval 1, probability 0, space 0, times 0 [ 1585.399466] CPU: 1 PID: 9147 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1585.400845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1585.402624] Call Trace: [ 1585.403168] dump_stack+0x107/0x167 [ 1585.403928] should_fail.cold+0x5/0xa [ 1585.404723] ? create_object.isra.0+0x3a/0xa20 [ 1585.405699] should_failslab+0x5/0x20 [ 1585.406506] kmem_cache_alloc+0x5b/0x360 [ 1585.407354] ? mark_held_locks+0x9e/0xe0 [ 1585.408229] create_object.isra.0+0x3a/0xa20 [ 1585.409161] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1585.410230] kmem_cache_alloc_bulk+0x168/0x320 [ 1585.411161] io_submit_sqes+0x707f/0x86a0 [ 1585.412068] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1585.413066] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1585.414088] ? lock_downgrade+0x6d0/0x6d0 [ 1585.414922] ? find_held_lock+0x2c/0x110 [ 1585.415778] ? io_submit_sqes+0x86a0/0x86a0 [ 1585.416691] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1585.417720] ? wait_for_completion_io+0x270/0x270 [ 1585.418718] ? rcu_read_lock_any_held+0x75/0xa0 [ 1585.419671] ? vfs_write+0x354/0xa30 [ 1585.420454] ? fput_many+0x2f/0x1a0 [ 1585.421210] ? ksys_write+0x1a9/0x260 [ 1585.422002] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1585.422392] FAULT_INJECTION: forcing a failure. [ 1585.422392] name failslab, interval 1, probability 0, space 0, times 0 [ 1585.423069] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1585.423096] do_syscall_64+0x33/0x40 [ 1585.423116] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1585.423129] RIP: 0033:0x7fb90a2beb19 [ 1585.423149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1585.423159] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1585.434509] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1585.435981] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1585.437457] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1585.438950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1585.440424] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1585.441972] CPU: 0 PID: 9159 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1585.443397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1585.445145] Call Trace: [ 1585.445715] dump_stack+0x107/0x167 [ 1585.446491] should_fail.cold+0x5/0xa [ 1585.447288] ? create_object.isra.0+0x3a/0xa20 [ 1585.448248] should_failslab+0x5/0x20 [ 1585.449044] kmem_cache_alloc+0x5b/0x360 [ 1585.449901] ? mark_held_locks+0x9e/0xe0 [ 1585.450754] create_object.isra.0+0x3a/0xa20 [ 1585.451677] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1585.452742] kmem_cache_alloc_bulk+0x168/0x320 [ 1585.453729] io_submit_sqes+0x707f/0x86a0 [ 1585.454632] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1585.455678] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1585.456683] ? lock_downgrade+0x6d0/0x6d0 [ 1585.457540] ? find_held_lock+0x2c/0x110 [ 1585.458412] ? io_submit_sqes+0x86a0/0x86a0 [ 1585.459322] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1585.460325] ? wait_for_completion_io+0x270/0x270 [ 1585.461339] ? rcu_read_lock_any_held+0x75/0xa0 [ 1585.462320] ? vfs_write+0x354/0xa30 [ 1585.463098] ? fput_many+0x2f/0x1a0 [ 1585.463856] ? ksys_write+0x1a9/0x260 [ 1585.464675] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1585.465773] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1585.466853] do_syscall_64+0x33/0x40 [ 1585.467634] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1585.468702] RIP: 0033:0x7faadcd8fb19 [ 1585.469459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1585.473284] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1585.474874] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1585.476343] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1585.477828] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1585.479298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1585.480776] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:39:37 executing program 1: r0 = syz_io_uring_setup(0x4d4e, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x80010, r0, 0x0) r4 = dup2(r0, r0) io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000040)=@IORING_OP_POLL_REMOVE={0x7, 0x2, 0x0, 0x0, 0x0, 0x1}, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x30, r0, 0x10000000) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, &(0x7f0000000080), 0x1) 23:39:37 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x2000, 0x0, 0x0) 23:39:37 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16) 23:39:37 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000000000000000) [ 1585.689581] device veth0_vlan entered promiscuous mode 23:39:37 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x800000, 0x0, 0x0) 23:39:37 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) [ 1585.780596] FAULT_INJECTION: forcing a failure. [ 1585.780596] name failslab, interval 1, probability 0, space 0, times 0 [ 1585.783110] CPU: 0 PID: 9174 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1585.784519] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1585.786236] Call Trace: [ 1585.786787] dump_stack+0x107/0x167 [ 1585.787545] should_fail.cold+0x5/0xa [ 1585.788341] ? create_object.isra.0+0x3a/0xa20 [ 1585.789291] should_failslab+0x5/0x20 [ 1585.790115] kmem_cache_alloc+0x5b/0x360 [ 1585.790963] ? mark_held_locks+0x9e/0xe0 [ 1585.791807] create_object.isra.0+0x3a/0xa20 [ 1585.792711] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1585.793773] kmem_cache_alloc_bulk+0x168/0x320 [ 1585.794730] io_submit_sqes+0x707f/0x86a0 [ 1585.795626] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1585.796654] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1585.797654] ? lock_downgrade+0x6d0/0x6d0 [ 1585.798526] ? find_held_lock+0x2c/0x110 [ 1585.799375] ? io_submit_sqes+0x86a0/0x86a0 [ 1585.800278] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1585.801279] ? wait_for_completion_io+0x270/0x270 [ 1585.802282] ? rcu_read_lock_any_held+0x75/0xa0 [ 1585.803240] ? vfs_write+0x354/0xa30 [ 1585.803998] ? fput_many+0x2f/0x1a0 [ 1585.804750] ? ksys_write+0x1a9/0x260 [ 1585.805545] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1585.806630] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1585.807697] do_syscall_64+0x33/0x40 [ 1585.808469] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1585.809526] RIP: 0033:0x7fb90a2beb19 [ 1585.810333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1585.814125] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1585.815709] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1585.817171] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1585.818640] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1585.820113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1585.821572] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:39:37 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14) 23:39:37 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x0) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) [ 1585.993423] FAULT_INJECTION: forcing a failure. [ 1585.993423] name failslab, interval 1, probability 0, space 0, times 0 [ 1585.997339] CPU: 0 PID: 9187 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1585.998770] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1586.000494] Call Trace: [ 1586.001041] dump_stack+0x107/0x167 [ 1586.001841] should_fail.cold+0x5/0xa [ 1586.002637] ? create_object.isra.0+0x3a/0xa20 [ 1586.003589] should_failslab+0x5/0x20 [ 1586.004383] kmem_cache_alloc+0x5b/0x360 [ 1586.005220] ? mark_held_locks+0x9e/0xe0 [ 1586.006076] create_object.isra.0+0x3a/0xa20 [ 1586.006987] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1586.008038] kmem_cache_alloc_bulk+0x168/0x320 [ 1586.008993] io_submit_sqes+0x707f/0x86a0 [ 1586.009906] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1586.010942] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1586.011950] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1586.012873] ? _raw_spin_unlock_irq+0x27/0x30 [ 1586.013804] ? io_submit_sqes+0x86a0/0x86a0 [ 1586.014694] ? finish_task_switch+0x126/0x5d0 [ 1586.015619] ? finish_task_switch+0xef/0x5d0 [ 1586.016519] ? __switch_to+0x572/0xff0 [ 1586.017318] ? __switch_to_asm+0x3a/0x60 [ 1586.018161] ? __switch_to_asm+0x34/0x60 [ 1586.019007] ? irqentry_enter+0x26/0x60 [ 1586.019829] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1586.020910] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1586.022040] ? trace_hardirqs_on+0x5b/0x180 [ 1586.022938] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1586.024060] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1586.025131] do_syscall_64+0x33/0x40 [ 1586.025914] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1586.026980] RIP: 0033:0x7faadcd8fb19 [ 1586.027743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1586.031555] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1586.033140] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1586.034634] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1586.036115] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1586.037590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1586.039066] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:39:52 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x86) 23:39:52 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15) 23:39:52 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r5 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r3, r4, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) r6 = syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r7, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r5, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r7, r2, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x77359400}}, 0x3) r8 = pidfd_getfd(0xffffffffffffffff, r6, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000004c0)={{{@in=@initdev, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@broadcast}}, &(0x7f00000005c0)=0xe8) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r8, &(0x7f0000000640)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000700)={0xc8, 0x0, 0x300, 0x70bd28, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010102}]}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r9}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xda88470a60625bf1}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_ADDR={0x2c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3f}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @broadcast}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}]}]}, 0xc8}}, 0x4000040) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r10, r11, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r10, r11, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x2e76, &(0x7f0000000180)={0x0, 0x2cef, 0x10, 0x3, 0x1ee, 0x0, r6}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000340)=0x0) syz_io_uring_submit(r10, r12, &(0x7f0000000380)=@IORING_OP_NOP={0x0, 0x3}, 0x81) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:39:52 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x1000000, 0x0, 0x0) 23:39:52 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:39:52 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17) 23:39:52 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r5, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r4}}, 0x7f) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r4}}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:39:52 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) [ 1600.590421] FAULT_INJECTION: forcing a failure. [ 1600.590421] name failslab, interval 1, probability 0, space 0, times 0 [ 1600.592194] CPU: 1 PID: 9198 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1600.593067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1600.594111] Call Trace: [ 1600.594441] dump_stack+0x107/0x167 [ 1600.594889] should_fail.cold+0x5/0xa [ 1600.595353] ? create_object.isra.0+0x3a/0xa20 [ 1600.595909] should_failslab+0x5/0x20 [ 1600.596370] kmem_cache_alloc+0x5b/0x360 [ 1600.596882] ? mark_held_locks+0x9e/0xe0 [ 1600.597384] create_object.isra.0+0x3a/0xa20 [ 1600.597934] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1600.598565] kmem_cache_alloc_bulk+0x168/0x320 [ 1600.599138] io_submit_sqes+0x707f/0x86a0 [ 1600.599676] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1600.600290] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1600.600890] ? lock_downgrade+0x6d0/0x6d0 [ 1600.601413] ? find_held_lock+0x2c/0x110 [ 1600.601925] ? io_submit_sqes+0x86a0/0x86a0 [ 1600.602463] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1600.603081] ? wait_for_completion_io+0x270/0x270 [ 1600.603743] ? rcu_read_lock_any_held+0x75/0xa0 [ 1600.604373] ? vfs_write+0x354/0xa30 [ 1600.604854] ? fput_many+0x2f/0x1a0 [ 1600.605346] ? ksys_write+0x1a9/0x260 [ 1600.605855] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1600.606575] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1600.607280] do_syscall_64+0x33/0x40 [ 1600.607443] FAULT_INJECTION: forcing a failure. [ 1600.607443] name failslab, interval 1, probability 0, space 0, times 0 [ 1600.607781] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1600.607790] RIP: 0033:0x7faadcd8fb19 [ 1600.607802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1600.607809] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1600.607823] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1600.607837] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1600.615724] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1600.616693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1600.617650] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1600.618655] CPU: 0 PID: 9204 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1600.619446] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1600.620350] Call Trace: [ 1600.620648] dump_stack+0x107/0x167 [ 1600.621052] should_fail.cold+0x5/0xa [ 1600.621499] ? create_object.isra.0+0x3a/0xa20 [ 1600.622033] should_failslab+0x5/0x20 [ 1600.622463] kmem_cache_alloc+0x5b/0x360 [ 1600.622914] ? mark_held_locks+0x9e/0xe0 [ 1600.623408] create_object.isra.0+0x3a/0xa20 [ 1600.623892] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1600.624459] kmem_cache_alloc_bulk+0x168/0x320 [ 1600.624965] io_submit_sqes+0x707f/0x86a0 [ 1600.625449] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1600.626002] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1600.626532] ? lock_downgrade+0x6d0/0x6d0 [ 1600.626995] ? find_held_lock+0x2c/0x110 [ 1600.627452] ? io_submit_sqes+0x86a0/0x86a0 [ 1600.627938] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1600.628466] ? wait_for_completion_io+0x270/0x270 [ 1600.628999] ? rcu_read_lock_any_held+0x75/0xa0 [ 1600.629509] ? vfs_write+0x354/0xa30 [ 1600.629929] ? fput_many+0x2f/0x1a0 [ 1600.630330] ? ksys_write+0x1a9/0x260 [ 1600.630755] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1600.631330] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1600.631910] do_syscall_64+0x33/0x40 [ 1600.632331] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1600.632903] RIP: 0033:0x7fb90a2beb19 [ 1600.633315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1600.635331] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1600.636170] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1600.636957] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1600.637749] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1600.638555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1600.639338] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:39:52 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x20000000, 0x0, 0x0) 23:39:52 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x86) 23:39:52 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18) 23:39:52 executing program 1: sysfs$1(0x1, &(0x7f0000000040)='\x00') r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:39:52 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x10000000000, 0x0, 0x0) [ 1600.783318] FAULT_INJECTION: forcing a failure. [ 1600.783318] name failslab, interval 1, probability 0, space 0, times 0 [ 1600.785132] CPU: 1 PID: 9227 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1600.786105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1600.787268] Call Trace: [ 1600.787651] dump_stack+0x107/0x167 [ 1600.788166] should_fail.cold+0x5/0xa [ 1600.788704] ? create_object.isra.0+0x3a/0xa20 [ 1600.789343] should_failslab+0x5/0x20 [ 1600.789897] kmem_cache_alloc+0x5b/0x360 [ 1600.790467] ? mark_held_locks+0x9e/0xe0 [ 1600.791040] create_object.isra.0+0x3a/0xa20 [ 1600.791655] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1600.792372] kmem_cache_alloc_bulk+0x168/0x320 [ 1600.792997] io_submit_sqes+0x707f/0x86a0 [ 1600.793504] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1600.794052] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1600.794571] ? lock_downgrade+0x6d0/0x6d0 [ 1600.795013] ? find_held_lock+0x2c/0x110 [ 1600.795461] ? io_submit_sqes+0x86a0/0x86a0 [ 1600.795937] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1600.796459] ? wait_for_completion_io+0x270/0x270 [ 1600.796981] ? rcu_read_lock_any_held+0x75/0xa0 [ 1600.797472] ? vfs_write+0x354/0xa30 [ 1600.797885] ? fput_many+0x2f/0x1a0 [ 1600.798308] ? ksys_write+0x1a9/0x260 [ 1600.798723] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1600.799277] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1600.799828] do_syscall_64+0x33/0x40 [ 1600.800231] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1600.800778] RIP: 0033:0x7fb90a2beb19 [ 1600.801177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1600.803284] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1600.804102] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1600.804916] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1600.805714] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1600.806526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1600.807364] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:39:52 executing program 6: r0 = syz_io_uring_setup(0x520b, &(0x7f0000000080)={0x0, 0x5aeb, 0x10, 0x0, 0x2fa}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000180)=0x0, &(0x7f00000001c0)) r2 = syz_io_uring_setup(0x305c, &(0x7f00000002c0)={0x0, 0x0, 0x1, 0xfffffffd, 0x1ec, 0x0, r0}, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000480)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r5}}, 0x7f) syz_io_uring_submit(r1, 0x0, &(0x7f0000000440)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x9, &(0x7f0000000400), 0x1, 0x1, 0x1, {0x0, r5}}, 0x682) r7 = perf_event_open$cgroup(&(0x7f0000000240)={0x0, 0x80, 0x5, 0x3, 0x1, 0x1f, 0x0, 0x100000001, 0x1000, 0x6, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, @perf_config_ext={0x8, 0x100000001}, 0x49942, 0x86f, 0x4, 0x5, 0x79b, 0x2, 0x1ff, 0x0, 0x3, 0x0, 0x5}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x8) mmap$perf(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x8, 0x20010, r7, 0x4) r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x1e) epoll_create1(0x80000) syz_io_uring_submit(r8, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r9 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r9, 0x76d3, 0x0, 0x0, 0x0, 0x0) fsetxattr$security_ima(r9, &(0x7f0000000340), &(0x7f0000000380)=@v2={0x5, 0x2, 0x12, 0x40}, 0x9, 0x1) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:39:52 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16) 23:39:52 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x86) [ 1600.873855] device veth0_vlan entered promiscuous mode [ 1600.894333] FAULT_INJECTION: forcing a failure. [ 1600.894333] name failslab, interval 1, probability 0, space 0, times 0 [ 1600.895633] CPU: 1 PID: 9237 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1600.896335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1600.897186] Call Trace: [ 1600.897470] dump_stack+0x107/0x167 [ 1600.897858] should_fail.cold+0x5/0xa [ 1600.898263] ? create_object.isra.0+0x3a/0xa20 [ 1600.898734] should_failslab+0x5/0x20 [ 1600.899133] kmem_cache_alloc+0x5b/0x360 [ 1600.899547] ? mark_held_locks+0x9e/0xe0 [ 1600.899970] create_object.isra.0+0x3a/0xa20 [ 1600.900418] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1600.900946] kmem_cache_alloc_bulk+0x168/0x320 [ 1600.901414] io_submit_sqes+0x707f/0x86a0 [ 1600.901893] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1600.902404] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1600.902929] ? lock_downgrade+0x6d0/0x6d0 [ 1600.903350] ? find_held_lock+0x2c/0x110 [ 1600.903776] ? io_submit_sqes+0x86a0/0x86a0 [ 1600.904232] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1600.904725] ? wait_for_completion_io+0x270/0x270 [ 1600.905215] ? rcu_read_lock_any_held+0x75/0xa0 [ 1600.905689] ? vfs_write+0x354/0xa30 [ 1600.906113] ? fput_many+0x2f/0x1a0 [ 1600.906487] ? ksys_write+0x1a9/0x260 [ 1600.906879] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1600.907409] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1600.907943] do_syscall_64+0x33/0x40 [ 1600.908325] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1600.908847] RIP: 0033:0x7faadcd8fb19 [ 1600.909229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1600.911086] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1600.911862] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1600.912657] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1600.913372] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1600.914107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1600.914824] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:40:08 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, 0x0, 0x86) 23:40:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x80000000000000, 0x0, 0x0) 23:40:08 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:40:08 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:40:08 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19) 23:40:08 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)=0x0) io_uring_enter(r4, 0x76d3, 0x0, 0x0, 0x0, 0x0) write$binfmt_misc(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="73797a30f8415a214dbea268a9b77b4c9d4dc085ff02b77a79dd7b753e3532d9f7fb4ae36caeaf0acfea54f36d2e0f8fba7859fcf2d63c75951689ba5699b5cf82bfb6b0278932f1e09a64ba30b2a6167213462960839a98521ebc6b9c20178724080286880f14aa28cf3dd43162f8724686fbc50db793c2cd9e86f753855c094039a447a1c203dd2f089372292dd688c32d5c87a121fe49e6fa3f46dae495d46c0c1d6594b1f263923b0ee3d9d3300da97fb0441fb179db74669fb9cf478ba445a51c1703b4373063df70e6c99992e3c37e9c10cc740bfe637d5ec1701c705735fc8f76709d4853bd5b31a9"], 0xec) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3000000, 0x1010, r0, 0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r8, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r8, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r7}}, 0x7f) syz_io_uring_submit(r6, r5, &(0x7f0000000180)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd=r0, 0x0, 0x0, 0xfffffff8, 0x8, 0x1, {0x0, r7, r3}}, 0x4) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000380)={0x0, 0x2, 0x8b, 0x26}) r9 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) r10 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x13, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r10, r5, &(0x7f0000000340)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index, 0x100000000, 0x0, 0x3, 0x0, 0x0, {0x0, r7}}, 0x800) io_uring_enter(r9, 0x76d3, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r9, 0x9, 0x0, 0x0) 23:40:08 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17) 23:40:08 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x954, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1616.535291] FAULT_INJECTION: forcing a failure. [ 1616.535291] name failslab, interval 1, probability 0, space 0, times 0 [ 1616.537211] CPU: 1 PID: 9247 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1616.538005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1616.538973] Call Trace: [ 1616.539295] dump_stack+0x107/0x167 [ 1616.539728] should_fail.cold+0x5/0xa [ 1616.540179] should_failslab+0x5/0x20 [ 1616.540623] kmem_cache_alloc_bulk+0x4b/0x320 [ 1616.541151] io_submit_sqes+0x707f/0x86a0 [ 1616.541664] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1616.542250] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1616.542820] ? lock_downgrade+0x6d0/0x6d0 [ 1616.543302] ? find_held_lock+0x2c/0x110 [ 1616.543785] ? io_submit_sqes+0x86a0/0x86a0 [ 1616.544299] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1616.544863] ? wait_for_completion_io+0x270/0x270 [ 1616.545430] ? rcu_read_lock_any_held+0x75/0xa0 [ 1616.545971] ? vfs_write+0x354/0xa30 [ 1616.546429] ? fput_many+0x2f/0x1a0 [ 1616.546855] ? ksys_write+0x1a9/0x260 [ 1616.547305] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1616.547917] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1616.548521] do_syscall_64+0x33/0x40 [ 1616.548955] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1616.549558] RIP: 0033:0x7fb90a2beb19 [ 1616.549999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1616.552130] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1616.553018] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1616.553843] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1616.554691] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1616.555519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1616.556359] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:40:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x100000000000000, 0x0, 0x0) 23:40:08 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, 0x0, 0x86) [ 1616.659479] FAULT_INJECTION: forcing a failure. [ 1616.659479] name failslab, interval 1, probability 0, space 0, times 0 [ 1616.662598] CPU: 0 PID: 9250 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1616.664008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1616.665708] Call Trace: [ 1616.666272] dump_stack+0x107/0x167 [ 1616.667028] should_fail.cold+0x5/0xa [ 1616.667814] ? create_object.isra.0+0x3a/0xa20 [ 1616.668751] should_failslab+0x5/0x20 [ 1616.669538] kmem_cache_alloc+0x5b/0x360 [ 1616.670386] ? mark_held_locks+0x9e/0xe0 [ 1616.671228] create_object.isra.0+0x3a/0xa20 23:40:08 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20) [ 1616.672135] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1616.673295] kmem_cache_alloc_bulk+0x168/0x320 [ 1616.674264] io_submit_sqes+0x707f/0x86a0 [ 1616.675146] ? __mutex_lock+0x1f/0x12a0 [ 1616.675978] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1616.677004] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1616.678014] ? io_submit_sqes+0x86a0/0x86a0 [ 1616.678914] ? recalibrate_cpu_khz+0x10/0x10 [ 1616.679813] ? ktime_get+0x158/0x1f0 [ 1616.680587] ? lapic_timer_set_periodic+0x60/0x60 [ 1616.681577] ? clockevents_program_event+0x131/0x360 [ 1616.682641] ? tick_program_event+0xa8/0x140 [ 1616.683546] ? hrtimer_interrupt+0x771/0x9b0 [ 1616.684463] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1616.685543] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1616.686601] do_syscall_64+0x33/0x40 [ 1616.687362] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1616.688405] RIP: 0033:0x7faadcd8fb19 [ 1616.689162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1616.692915] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1616.694469] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1616.695935] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1616.697383] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1616.698837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1616.700303] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:40:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x2000000000000000, 0x0, 0x0) 23:40:08 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10240, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:40:08 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, 0x0, 0x86) [ 1616.758727] FAULT_INJECTION: forcing a failure. [ 1616.758727] name failslab, interval 1, probability 0, space 0, times 0 [ 1616.760514] CPU: 1 PID: 9274 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1616.761295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1616.762174] Call Trace: [ 1616.762474] dump_stack+0x107/0x167 [ 1616.762862] should_fail.cold+0x5/0xa [ 1616.763295] ? create_object.isra.0+0x3a/0xa20 [ 1616.763784] ? create_object.isra.0+0x3a/0xa20 [ 1616.764298] should_failslab+0x5/0x20 [ 1616.764703] kmem_cache_alloc+0x5b/0x360 [ 1616.765164] ? mark_held_locks+0x9e/0xe0 [ 1616.765604] create_object.isra.0+0x3a/0xa20 [ 1616.766111] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1616.766663] kmem_cache_alloc_bulk+0x168/0x320 [ 1616.767184] io_submit_sqes+0x707f/0x86a0 [ 1616.767652] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1616.768217] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1616.768736] ? lock_downgrade+0x6d0/0x6d0 [ 1616.769207] ? find_held_lock+0x2c/0x110 [ 1616.769649] ? io_submit_sqes+0x86a0/0x86a0 [ 1616.770159] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1616.770680] ? wait_for_completion_io+0x270/0x270 [ 1616.771226] ? rcu_read_lock_any_held+0x75/0xa0 [ 1616.771716] ? vfs_write+0x354/0xa30 [ 1616.772136] ? fput_many+0x2f/0x1a0 [ 1616.772525] ? ksys_write+0x1a9/0x260 [ 1616.772958] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1616.773517] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1616.774112] do_syscall_64+0x33/0x40 [ 1616.774512] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1616.775088] RIP: 0033:0x7fb90a2beb19 [ 1616.775484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1616.777581] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1616.778410] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1616.779221] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1616.780028] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1616.780847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1616.781598] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:40:08 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000240)=@IORING_OP_OPENAT={0x12, 0x3, 0x0, r5, 0x0, &(0x7f00000001c0)='./file0\x00', 0x84, 0xa8400, 0x12345}, 0x4) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x4b9b, &(0x7f0000000040)={0x0, 0xb68, 0x10, 0x3, 0x392, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) 23:40:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000) 23:40:08 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x0) [ 1616.866821] device veth0_vlan entered promiscuous mode 23:40:08 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:40:23 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x800000) 23:40:23 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000340)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:40:23 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x0) 23:40:23 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x4000010, r0, 0x0) r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x13, r0, 0x10000000) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r5}}, 0x7f) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_FALLOCATE={0x11, 0x3, 0x0, @fd_index=0x8, 0xb92e, 0x0, 0x7, 0x0, 0x0, {0x0, r5}}, 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:40:23 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:40:23 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21) 23:40:23 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:40:23 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18) [ 1632.408433] FAULT_INJECTION: forcing a failure. [ 1632.408433] name failslab, interval 1, probability 0, space 0, times 0 [ 1632.410879] CPU: 1 PID: 9313 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1632.412304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1632.414045] Call Trace: [ 1632.414619] dump_stack+0x107/0x167 [ 1632.415385] should_fail.cold+0x5/0xa [ 1632.416186] ? create_object.isra.0+0x3a/0xa20 [ 1632.417132] should_failslab+0x5/0x20 [ 1632.417933] kmem_cache_alloc+0x5b/0x360 [ 1632.418791] ? mark_held_locks+0x9e/0xe0 [ 1632.419627] create_object.isra.0+0x3a/0xa20 [ 1632.420527] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1632.421566] kmem_cache_alloc_bulk+0x168/0x320 [ 1632.422513] io_submit_sqes+0x707f/0x86a0 [ 1632.423396] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1632.424408] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1632.425398] ? lock_downgrade+0x6d0/0x6d0 [ 1632.426239] ? find_held_lock+0x2c/0x110 [ 1632.427081] ? io_submit_sqes+0x86a0/0x86a0 [ 1632.427970] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1632.428965] ? wait_for_completion_io+0x270/0x270 [ 1632.429946] ? rcu_read_lock_any_held+0x75/0xa0 [ 1632.430914] ? vfs_write+0x354/0xa30 [ 1632.431684] ? fput_many+0x2f/0x1a0 [ 1632.432435] ? ksys_write+0x1a9/0x260 [ 1632.433215] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1632.434305] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1632.435355] do_syscall_64+0x33/0x40 [ 1632.436134] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1632.437195] RIP: 0033:0x7fb90a2beb19 [ 1632.437971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1632.441746] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1632.443316] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1632.444758] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1632.446197] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1632.447652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1632.449089] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1632.488364] FAULT_INJECTION: forcing a failure. [ 1632.488364] name failslab, interval 1, probability 0, space 0, times 0 [ 1632.490822] CPU: 1 PID: 9318 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1632.492210] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1632.493900] Call Trace: [ 1632.494445] dump_stack+0x107/0x167 [ 1632.495186] should_fail.cold+0x5/0xa [ 1632.495965] ? create_object.isra.0+0x3a/0xa20 [ 1632.496909] should_failslab+0x5/0x20 [ 1632.497690] kmem_cache_alloc+0x5b/0x360 [ 1632.498549] ? mark_held_locks+0x9e/0xe0 [ 1632.499379] create_object.isra.0+0x3a/0xa20 [ 1632.500284] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1632.501327] kmem_cache_alloc_bulk+0x168/0x320 [ 1632.502269] io_submit_sqes+0x707f/0x86a0 [ 1632.503159] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1632.504175] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1632.505164] ? lock_downgrade+0x6d0/0x6d0 [ 1632.506002] ? find_held_lock+0x2c/0x110 [ 1632.506842] ? io_submit_sqes+0x86a0/0x86a0 [ 1632.507732] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1632.508716] ? wait_for_completion_io+0x270/0x270 [ 1632.509709] ? rcu_read_lock_any_held+0x75/0xa0 [ 1632.510669] ? vfs_write+0x354/0xa30 [ 1632.511431] ? fput_many+0x2f/0x1a0 [ 1632.512177] ? ksys_write+0x1a9/0x260 [ 1632.512963] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1632.514024] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1632.515093] do_syscall_64+0x33/0x40 [ 1632.515851] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1632.516897] RIP: 0033:0x7faadcd8fb19 [ 1632.517661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1632.521417] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1632.522977] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1632.524431] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1632.525878] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1632.527330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1632.528788] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:40:24 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r4 = io_uring_setup(0x64e2, &(0x7f0000000040)={0x0, 0xf8f3, 0x2, 0x3, 0x3bf}) io_uring_enter(r4, 0x291e, 0x0, 0x0, 0x0, 0x0) 23:40:24 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1000000) 23:40:24 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22) [ 1632.641004] device veth0_vlan entered promiscuous mode 23:40:24 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x20000000) 23:40:24 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x0) 23:40:24 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, 0x0) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:40:24 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19) 23:40:24 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x10000000000) 23:40:24 executing program 1: r0 = syz_io_uring_setup(0xd4f, &(0x7f00000002c0)={0x0, 0x9559, 0xe}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000240)=0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) r5 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r8 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r6, r7, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r9, 0xffffffffffffffff, 0x0) r10 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r10, 0x76d3, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r9, 0xc0189379, &(0x7f00000004c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r10, @ANYBLOB="0000ff0300000000000066696c653000a818e478f8b1deb5c68eba1a21cf28cf120a890400000700875de4c951174fa6f900644fd8c6743ea515a40a2e0f9c06dd19397fd966cbcb19cd6bdb8ac65f1de0925ee7c38994ba094fbb68d57d73c56ff15b2efef34015952415a3d77e351577556052267ff857f50efb98122fa28df6726c7db9daf07440c5f7fc591898469cd1d311287e8adfc8db22499cedbbc4ec2509f53a8b8431ce6d169dcff9ed9b185b11da4446c6ef0bbb0000080000000000003920fb969674ac3443bcf4b865a4c21cae113a265d7105f15b94d28bf425e943bb913125ebbe23590ef379f56bbda23edbacb1a2c531944d720100d4c63d0b0de53e6b24f6f1a91dcec140b7e5613a3cfce7af12120db93559e44a573842de79da9368ce9138ce6d086802d4f991841678356428987571061d1a5011e60c353d258d00"/337]) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r11, r7, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r8, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r3, r7, &(0x7f0000000080)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1, 0x0, &(0x7f0000000040)="80656e381616861935437cb696dcc05e1526919cad57545202aee0065702af58ffa28f2ff831d6", 0x7aa, 0x0, 0x0, {0x2}}, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000180)={{0x1, 0x1, 0x18, r5}, './file0\x00'}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1632.889411] FAULT_INJECTION: forcing a failure. [ 1632.889411] name failslab, interval 1, probability 0, space 0, times 0 [ 1632.892397] CPU: 1 PID: 9344 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1632.893801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1632.895517] Call Trace: [ 1632.896068] dump_stack+0x107/0x167 [ 1632.896814] should_fail.cold+0x5/0xa [ 1632.897576] ? create_object.isra.0+0x3a/0xa20 [ 1632.898532] should_failslab+0x5/0x20 [ 1632.899309] kmem_cache_alloc+0x5b/0x360 [ 1632.900141] ? mark_held_locks+0x9e/0xe0 [ 1632.900973] create_object.isra.0+0x3a/0xa20 [ 1632.901866] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1632.902913] kmem_cache_alloc_bulk+0x168/0x320 [ 1632.903852] io_submit_sqes+0x707f/0x86a0 [ 1632.904764] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1632.905780] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1632.906774] ? lock_downgrade+0x6d0/0x6d0 [ 1632.907617] ? find_held_lock+0x2c/0x110 [ 1632.908456] ? io_submit_sqes+0x86a0/0x86a0 [ 1632.909343] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1632.910333] ? wait_for_completion_io+0x270/0x270 [ 1632.911310] ? rcu_read_lock_any_held+0x75/0xa0 [ 1632.912248] ? vfs_write+0x354/0xa30 [ 1632.913012] ? fput_many+0x2f/0x1a0 [ 1632.913748] ? ksys_write+0x1a9/0x260 [ 1632.914552] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1632.915604] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1632.916652] do_syscall_64+0x33/0x40 [ 1632.917405] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1632.918450] RIP: 0033:0x7fb90a2beb19 [ 1632.919206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1632.922956] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1632.924492] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1632.925945] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1632.927391] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1632.928835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1632.930274] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1632.968637] FAULT_INJECTION: forcing a failure. [ 1632.968637] name failslab, interval 1, probability 0, space 0, times 0 [ 1632.971466] CPU: 0 PID: 9346 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1632.972529] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1632.973803] Call Trace: [ 1632.974213] dump_stack+0x107/0x167 [ 1632.974786] should_fail.cold+0x5/0xa [ 1632.975378] should_failslab+0x5/0x20 [ 1632.975955] kmem_cache_alloc_bulk+0x4b/0x320 [ 1632.976652] io_submit_sqes+0x707f/0x86a0 [ 1632.977306] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1632.978068] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1632.978819] ? lock_downgrade+0x6d0/0x6d0 [ 1632.979453] ? find_held_lock+0x2c/0x110 [ 1632.980066] ? io_submit_sqes+0x86a0/0x86a0 [ 1632.980736] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1632.981465] ? wait_for_completion_io+0x270/0x270 [ 1632.982206] ? rcu_read_lock_any_held+0x75/0xa0 [ 1632.982925] ? vfs_write+0x354/0xa30 [ 1632.983503] ? fput_many+0x2f/0x1a0 [ 1632.984051] ? ksys_write+0x1a9/0x260 [ 1632.984639] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1632.985422] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1632.986222] do_syscall_64+0x33/0x40 [ 1632.986805] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1632.987576] RIP: 0033:0x7faadcd8fb19 [ 1632.988127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1632.990896] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1632.992021] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1632.993105] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1632.994181] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1632.995260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1632.996330] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:40:24 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x80000000000000) 23:40:24 executing program 6: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r0, 0xffffffffffffffff, 0x0) mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x969) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x3, 0x100010, r1, 0x8000000) r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x8, 0x10010, r1, 0x10000000) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_CLOSE={0x13, 0x4, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r8}}, 0x1f) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:40:24 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, 0x0) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:40:24 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(0xffffffffffffffff, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r2, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:40:24 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20) 23:40:24 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x100000000000000) [ 1633.211286] FAULT_INJECTION: forcing a failure. [ 1633.211286] name failslab, interval 1, probability 0, space 0, times 0 [ 1633.214115] CPU: 1 PID: 9370 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1633.215452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1633.217020] Call Trace: [ 1633.217603] dump_stack+0x107/0x167 [ 1633.218294] should_fail.cold+0x5/0xa [ 1633.219075] ? memcg_alloc_page_obj_cgroups+0x73/0x100 [ 1633.220088] should_failslab+0x5/0x20 [ 1633.220816] __kmalloc_node+0x76/0x4b0 [ 1633.221553] memcg_alloc_page_obj_cgroups+0x73/0x100 [ 1633.222549] memcg_slab_post_alloc_hook+0x1f9/0x3f0 [ 1633.223518] kmem_cache_alloc_bulk+0x182/0x320 [ 1633.224388] io_submit_sqes+0x707f/0x86a0 [ 1633.225210] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1633.226152] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1633.227093] ? lock_downgrade+0x6d0/0x6d0 [ 1633.227882] ? find_held_lock+0x2c/0x110 [ 1633.228666] ? io_submit_sqes+0x86a0/0x86a0 [ 1633.229471] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1633.230401] ? wait_for_completion_io+0x270/0x270 [ 1633.231300] ? rcu_read_lock_any_held+0x75/0xa0 [ 1633.232164] ? vfs_write+0x354/0xa30 [ 1633.232857] ? fput_many+0x2f/0x1a0 [ 1633.233551] ? ksys_write+0x1a9/0x260 [ 1633.234271] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1633.235255] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1633.236230] do_syscall_64+0x33/0x40 [ 1633.236947] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1633.237898] RIP: 0033:0x7faadcd8fb19 [ 1633.238624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1633.242059] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1633.243512] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1633.244842] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1633.246168] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1633.247012] device veth0_vlan entered promiscuous mode [ 1633.247504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1633.247522] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:40:38 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r4 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r4, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x7ffc) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r6, 0xffffffffffffffff, 0x0) accept4$packet(r6, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000080)=0x14, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:40:38 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23) 23:40:38 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21) 23:40:38 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(0xffffffffffffffff, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r2, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:40:38 executing program 4: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, 0x0) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:40:38 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000000000000000) 23:40:38 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, 0x0) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) [ 1647.231166] FAULT_INJECTION: forcing a failure. [ 1647.231166] name failslab, interval 1, probability 0, space 0, times 0 [ 1647.232745] CPU: 1 PID: 9382 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1647.233542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1647.234521] Call Trace: [ 1647.234843] dump_stack+0x107/0x167 [ 1647.235277] should_fail.cold+0x5/0xa [ 1647.235737] ? create_object.isra.0+0x3a/0xa20 [ 1647.236276] should_failslab+0x5/0x20 [ 1647.236737] kmem_cache_alloc+0x5b/0x360 [ 1647.237223] ? mark_held_locks+0x9e/0xe0 [ 1647.237717] create_object.isra.0+0x3a/0xa20 [ 1647.238242] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1647.238853] kmem_cache_alloc_bulk+0x168/0x320 [ 1647.239403] io_submit_sqes+0x707f/0x86a0 [ 1647.239938] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1647.240534] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1647.241121] ? lock_downgrade+0x6d0/0x6d0 [ 1647.241614] ? find_held_lock+0x2c/0x110 [ 1647.242093] ? io_submit_sqes+0x86a0/0x86a0 [ 1647.242610] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1647.243177] ? wait_for_completion_io+0x270/0x270 [ 1647.243747] ? rcu_read_lock_any_held+0x75/0xa0 [ 1647.244288] ? vfs_write+0x354/0xa30 [ 1647.244725] ? fput_many+0x2f/0x1a0 [ 1647.245147] ? ksys_write+0x1a9/0x260 [ 1647.245597] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1647.246214] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1647.246843] do_syscall_64+0x33/0x40 [ 1647.247277] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1647.247872] RIP: 0033:0x7fb90a2beb19 [ 1647.248303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1647.250456] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1647.251361] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1647.252203] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1647.253027] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1647.253857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1647.254695] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:40:38 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_setup(0x2f4a, &(0x7f0000000180)={0x0, 0xfa2a, 0x1, 0x2, 0x227}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000240)) syz_memcpy_off$IO_URING_METADATA_FLAGS(r3, 0x114, &(0x7f0000000280)=0x1, 0x0, 0x4) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file06']) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r6, 0x40182103, &(0x7f0000000080)={0x0, 0x7, r0, 0xffffffff, 0x80000}) syz_io_uring_setup(0x5ea6, &(0x7f0000000340)={0x0, 0xa1c9, 0x2, 0x3, 0x292, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f00000003c0)=0x0, &(0x7f0000000400)) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r10 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r8, r9, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) ioctl$INCFS_IOC_PERMIT_FILL(0xffffffffffffffff, 0x40046721, &(0x7f0000000480)={r5}) syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r11, r9, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r10, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r7, r9, &(0x7f0000000440)=@IORING_OP_MADVISE={0x19, 0x4, 0x0, 0x0, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, 0xb, 0x1}, 0x0) 23:40:38 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24) [ 1647.345482] FAULT_INJECTION: forcing a failure. [ 1647.345482] name failslab, interval 1, probability 0, space 0, times 0 [ 1647.348818] CPU: 0 PID: 9384 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1647.350522] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1647.352377] Call Trace: [ 1647.352980] dump_stack+0x107/0x167 [ 1647.353804] should_fail.cold+0x5/0xa [ 1647.354682] ? create_object.isra.0+0x3a/0xa20 [ 1647.355705] should_failslab+0x5/0x20 [ 1647.356555] kmem_cache_alloc+0x5b/0x360 [ 1647.357462] ? mark_held_locks+0x9e/0xe0 [ 1647.358376] create_object.isra.0+0x3a/0xa20 [ 1647.359360] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1647.360489] kmem_cache_alloc_bulk+0x168/0x320 [ 1647.361518] io_submit_sqes+0x707f/0x86a0 [ 1647.362471] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1647.363595] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1647.364671] ? lock_downgrade+0x6d0/0x6d0 [ 1647.365594] ? find_held_lock+0x2c/0x110 [ 1647.366270] FAULT_INJECTION: forcing a failure. [ 1647.366270] name failslab, interval 1, probability 0, space 0, times 0 [ 1647.366513] ? io_submit_sqes+0x86a0/0x86a0 [ 1647.366545] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1647.366572] ? wait_for_completion_io+0x270/0x270 [ 1647.370885] ? rcu_read_lock_any_held+0x75/0xa0 [ 1647.371916] ? vfs_write+0x354/0xa30 [ 1647.372750] ? fput_many+0x2f/0x1a0 [ 1647.373553] ? ksys_write+0x1a9/0x260 [ 1647.374406] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1647.375579] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1647.376721] do_syscall_64+0x33/0x40 [ 1647.377549] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1647.378693] RIP: 0033:0x7faadcd8fb19 [ 1647.379516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1647.383582] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1647.385261] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1647.386835] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1647.388392] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1647.389945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1647.391507] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1647.393095] CPU: 1 PID: 9405 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1647.393880] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1647.394820] Call Trace: [ 1647.395134] dump_stack+0x107/0x167 [ 1647.395540] should_fail.cold+0x5/0xa [ 1647.395972] ? create_object.isra.0+0x3a/0xa20 [ 1647.396490] should_failslab+0x5/0x20 [ 1647.396913] kmem_cache_alloc+0x5b/0x360 [ 1647.397376] ? mark_held_locks+0x9e/0xe0 [ 1647.397828] create_object.isra.0+0x3a/0xa20 [ 1647.398311] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1647.398904] kmem_cache_alloc_bulk+0x168/0x320 [ 1647.399426] io_submit_sqes+0x707f/0x86a0 [ 1647.399906] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1647.400462] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1647.400997] ? lock_downgrade+0x6d0/0x6d0 [ 1647.401468] ? find_held_lock+0x2c/0x110 [ 1647.401927] ? io_submit_sqes+0x86a0/0x86a0 [ 1647.402416] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1647.402963] ? wait_for_completion_io+0x270/0x270 [ 1647.403504] ? rcu_read_lock_any_held+0x75/0xa0 [ 1647.404023] ? vfs_write+0x354/0xa30 [ 1647.404454] ? fput_many+0x2f/0x1a0 [ 1647.404870] ? ksys_write+0x1a9/0x260 [ 1647.405314] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1647.405892] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1647.406468] do_syscall_64+0x33/0x40 [ 1647.406896] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1647.407477] RIP: 0033:0x7fb90a2beb19 [ 1647.407882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1647.409891] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1647.410755] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1647.411538] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1647.412295] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1647.413101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1647.413903] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:40:39 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7f54, &(0x7f0000000040)={0x0, 0x2739, 0x4, 0x3, 0x22c, 0x0, r0}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000100)) r4 = open_tree(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000004, 0x1010, r4, 0x0) syz_io_uring_setup(0x3e9f, &(0x7f0000000180)={0x0, 0x7a8c, 0xa, 0x0, 0x395, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)=0x0) syz_io_uring_submit(r3, r5, &(0x7f0000000340)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x3, 0x0, 0x0, 0x0, 0x3d2c3c568a33d9d7, 0x0, 0x0, 0x1}, 0x40) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:40:39 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x2, 0x0, @fd_index=0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x1, {0x1, r4}}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r5 = open(&(0x7f0000000080)='./file0\x00', 0x2, 0x110) perf_event_open(&(0x7f0000000380)={0x5, 0x80, 0x9, 0x40, 0x0, 0x6, 0x0, 0x5f4, 0x4008, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x581, 0x2, @perf_config_ext={0x80, 0x8}, 0x1000, 0x2, 0x1a73ffcf, 0x9, 0x9, 0x4, 0x5, 0x0, 0x3f2, 0x0, 0x5}, 0x0, 0x2, 0xffffffffffffffff, 0x0) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r5, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="000425bd7000ffdbdf255a00000008000300", @ANYRES32=r7, @ANYBLOB="8e3229edf4e207f0a9574087277445bf66c305dafa42bc600e8790c35ed64f8c16c215fbfe753840882b85db2204e4f1c47c3061c5164b464c777f26f3bb7be8630082"], 0x1c}}, 0x880) 23:40:39 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25) 23:40:39 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_setup(0x3ece, &(0x7f0000000040)={0x0, 0x1539, 0x10, 0x0, 0x259, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000180)) syz_io_uring_setup(0x4f93, &(0x7f0000000240)={0x0, 0x863b, 0x1, 0x3, 0x126, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000340)=0x0) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) r8 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r8, 0x76d3, 0x0, 0x0, 0x0, 0x0) fcntl$setstatus(r8, 0x4, 0x6a00) syz_io_uring_submit(r7, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r7, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r6}}, 0x7f) syz_io_uring_submit(r4, r5, &(0x7f0000000380)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x3, 0x0, @fd_index=0x3, 0x9, 0x0, 0x0, 0x18, 0x0, {0x2, r6}}, 0x4) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1647.605996] device veth0_vlan entered promiscuous mode [ 1647.684566] FAULT_INJECTION: forcing a failure. [ 1647.684566] name failslab, interval 1, probability 0, space 0, times 0 23:40:39 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x0) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) [ 1647.688312] CPU: 0 PID: 9420 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1647.689832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1647.691861] Call Trace: [ 1647.692424] dump_stack+0x107/0x167 [ 1647.693313] should_fail.cold+0x5/0xa [ 1647.694157] ? create_object.isra.0+0x3a/0xa20 [ 1647.695262] should_failslab+0x5/0x20 [ 1647.696318] kmem_cache_alloc+0x5b/0x360 [ 1647.697270] ? mark_held_locks+0x9e/0xe0 [ 1647.698225] create_object.isra.0+0x3a/0xa20 [ 1647.699279] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1647.700476] kmem_cache_alloc_bulk+0x168/0x320 [ 1647.701553] io_submit_sqes+0x707f/0x86a0 [ 1647.702584] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1647.703759] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1647.704902] ? lock_downgrade+0x6d0/0x6d0 [ 1647.705866] ? find_held_lock+0x2c/0x110 [ 1647.706847] ? io_submit_sqes+0x86a0/0x86a0 [ 1647.707866] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1647.708989] ? wait_for_completion_io+0x270/0x270 [ 1647.710116] ? rcu_read_lock_any_held+0x75/0xa0 [ 1647.711200] ? vfs_write+0x354/0xa30 [ 1647.712078] ? fput_many+0x2f/0x1a0 [ 1647.712926] ? ksys_write+0x1a9/0x260 [ 1647.713822] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1647.715045] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1647.716248] do_syscall_64+0x33/0x40 [ 1647.717113] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1647.718301] RIP: 0033:0x7fb90a2beb19 [ 1647.719184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1647.723398] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1647.725155] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1647.726796] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1647.728420] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1647.730046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1647.731679] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:40:39 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, 0x0) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:40:39 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r4, 0x76d3, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(r4, 0x1, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:40:39 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(0xffffffffffffffff, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r2, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:40:39 executing program 1: stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r0, 0x0) stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) r2 = getegid() setgid(r2) setxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='system.posix_acl_default\x00', &(0x7f0000000440)={{}, {}, [{0x2, 0x4, r0}, {0x2, 0x6, r1}], {0x4, 0x4}, [{0x8, 0x4, r2}, {0x8, 0x2}, {0x8, 0x5bedda0795d7216b}, {0x8, 0x5, 0xffffffffffffffff}], {0x10, 0x1}, {0x20, 0x7}}, 0x54, 0x3) r3 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r3, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1647.972092] device veth0_vlan entered promiscuous mode 23:40:53 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22) 23:40:53 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ae, 0x0, 0x0, 0x0, 0x0) 23:40:53 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:40:53 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, 0x0) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:40:53 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 1) 23:40:53 executing program 1: r0 = syz_io_uring_setup(0x4081, &(0x7f0000000040)={0x0, 0xd6fc, 0x0, 0x3, 0x400002d5}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:40:53 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26) 23:40:53 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r5 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r6, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r5, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) r7 = socket$netlink(0x10, 0x3, 0x2) fcntl$dupfd(r5, 0x406, r7) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)={[{@subsystem='freezer'}]}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000440)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000400), 0x0, 0x0, 0x80800, 0x1}, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x80020, 0x0) r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc, 0x810, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r8, r2, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x2, 0x0, @fd_index=0x8, 0x1f, 0x0, 0x9, 0x1, 0x1}, 0x1) syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000480)={0x11e0, 0x33, 0x100, 0x70bd28, 0x6, {0x5}, [@typed={0x8, 0x37, 0x0, 0x0, @uid}, @typed={0x8, 0x88, 0x0, 0x0, @u32}, @generic="7b483417c338d1f3c44e2c0336cb15b03b38053397293bca1f6c751900104e0d1b2403ef222014e43db875007571b531b3f4684ef170c6bdd16413e1eb9b3e71251c463b7aff401667d143f2f5f906afdcb2271951484a79e8d452b8967a9b38df7f1aff80ff265f1997d93275e62ebcae5d1a50b4a49947984f5b4a411dcc4ac908fd9153af1700387bb1da63edd82c0a03edfbe13981fd8749a601341b7160647b8009ecde412f949a01cc973949c3e3d5168c541d62ac77d67e3e82ea74d596b1b327791751941bb0402f7450238896d2a33d6caaf8082868e496b52fefe7dc4fe82819ea0f6d98c8d11b1a26184e6e02dd39f4a5b171bfad83085270789fba260098d7c1f15f1bc2e9a2e97265035163fa8dc7fc139f11859aa6c80c0df2d9f7e09603d4a6fb4ffda3cdde910ffb457c04e8b9a448822779623ed20e57471f549d536ccff4ac2adeeaf2b7cffc9f9069aafa248befafd2c90af60142f399087d0378458090b3fbaae62a22a7aa2968fe72c58fe1de93198db908020c10bf22a6fa7ad34965cf93e31c6f55a8cc31781436b9e06372d08ee1d39c08d9ce45dfb01ce4b4c95e35704b6645ea8425064fe2619070df0f3d5516d8a16d681f25dbe83d3644cab551e555d68a7842233bab7667cabd2ae8fe955085fd067f9b4c4c564b60eaec85648985d440a2e4e0ff38866b1a9b0cd351a49bf534b7e06c15f5081f0e4d95c2ae26226a1e617d11374c68df18a49ae5bb2bfd4e2e09570c76f94a15afef74c63d8bb7add37e94ba1158a2195a8e7191c8acad59b54899561a3a3831313602ae8c3e4a3b0e7543d3d92d05f065b006fe24c2d29630d359f477e7c4806d32f67fb4fdfecc41c116f32ed20db19ba1814aaf2071c4e73a71b4c64e6cee95e5a4c51c4b8f8d2e7ab83dc3b48bf4ebeb99063734a7c5070a941af14dbf50b0b8217ad9a2d1d3c9950e88abf706ca6e2cff434609c304fcc085bc04866ae1e18f963e28d52f484e879c25ce82f539f2dbde114ea140a017a7448ded44a907ba79d42a2179462be9eadeaba64f3a512c996cea0cae3086085c1445447ab99058f9dc3c67eca6688c6e00a350eb0c94732bb0423a84a461ed08d552a7e9ff905930f52f016b6c2dc37f2de0a2489d878259e77defa6704d63036e7b966141cb33449ddf29917dc974dc60e7c51c187225d6e8746d39c1528d7eeee28d002e9dc827a16619e6ab757fa3395d46dae251486a4695913998a5954dce09cc26b2a4b46f477d9aacc43fa2784a6cfa425254a7392e27ed95aece5f3cd1ff5d1851df61bae04631151e997cd60634aa5bf7b9753ca8d04ca2acc7d40b88a89129fb7e0feebdb33ef1f0ed26a46aaf2503f93071c26e2958b68e384b5a975b48757d700c3b41aea531bdb0f5c0747606017a62e81eeca5b8024de233c2b9248a566c1e06f6f8a15a581575718d811b9526dc490037081a927ec547d6f48e267e382943d93de101278f5b2fd92f2c11fd1e50c94d8318f4c551f16934421a792cf894fd726edf4c07747bb1ef48e36db41dcd5b664017ef84c586b280544876ddcd3b26c0bb99969a90a4e0b40a90262ef6e04641630d5d921735d97ed7afb05690f09141bd30832148e76b232907e0616f400c3225011029480679873bcf64a63274838ba9e7ba6537d0bc44a210ab2d6209b78f68b8040804ab4e6dd6cb7d1c6fdc65ec6bbb5cce4b6fed89eafeb77a9eda962091396cd3b0b5d728985831fd92f18e1516888a75e844bcb203975b0fd369685ca54278e24cf7c4ba8ada66c3c5512a1b0999c5478ad51677414a651b9120db4b06393eaa1e5d1136f74a86a1ff07bdd9967631efc1c613cf72195ca974721b1eb84f2fa2682f73d71ebd1955a6250b4322ae3a6e0b7cda5412edc1c9664ac197de58ebfb37fb830d038d28e86dad2554427c7fdc2a2d122081f79861e962af5270fed31a3ff291e9895d380f2e87397637920ec8fe45f859acb752f9f41772eb293a202a92954a6f92a59e41a23a7351d0052aa1a7117a55e7239480bfa59a5a731d55f4268a5d3b32859eab5b00d1df31ced2eab4792bf2a7341158fec125cf32014c9666f0053b58f3cbdd2c438e06670ed31997ef58507204527450e698c8443d751f24b7a4f98403f57461b3cb233cec748e00e6739bc1be84c2bb7fc667c3dae568f452aa2200e9dc8e171030ca08b9782f9b0c84b6a1a670899b2f788047c0cfe87df9126e66ce62d126e57e576066f5615f1825334b94c31bd0080d292fc7673cbbeeb09c0e367818368551b88f7fb34410ad6d118e1e224ec4b7ad5d5d5c0efda1720407aea776d18b2d3bed34722663766fccc1159b5b5660f8d5bd8f2b5760ba68793b7425e44a8ef189e1ca754195a543859253ff59bb0ffea1b369c089ef285992ce9e5e0061bce56556f409b8e698073e68cb59b4948ca24234ec8e61ea208df803a1578ba1499002e200b623957dd2142f4238553a1e3975b40778381c1f1177941fd6ab85e8d47242b0ffa2acf0e0fb460a2f30587d194233dc40f478394f534a663fdaf49e206c322220a830d7e1dc9420b8647b68ad30c103758d29e572341c0ed2a4027b2a458f08d236b72c3aac1605c1dd353b8f412499d848425824d3af0eb158896dfb2317c2f50ff212d266f1e77452093811d157f2ce2ad1a122e3645c14c02256819044d38f4cd0c4b54176210a50eb43a74cf33c63148e93e946ea7e2ff1017c6b3bf76bc99963dd94bd8c2835ef4a954f88673ab6717990295088207be8c7693553e330e89cb41d3b7914c636c0eac36b38d654c724f8d82af0c7c60469e21cc51979c7fb575f2f18e7a4baf4517fb9bb7c2b1c20e0b52ac841a6d4e17af775918b46b9321ae02e9a665fb7b3576a2a832ee55f05f3c8364d1c2ecca8db8c584ff87402af2ba9f26542fb7f7797d8b5c3f09e336fb70e21dd1c3488eb9691bef7b498d0d78e25193dc2a6206146f4e914f28acc7df25a6ed034301afa363fe806b27d100d664928ccbf946e937313093462e7f1a85d0344bdf467dbc3026a1969dbd9116bfdc5de25d8840acc9e5b52cf02d805a378c9c9d623a84583dc77d0c2feac5932c574a7b81d917f414ac10a8a946bbfd30655518d31ccc3a14d25d0e60817e7edfb8126fd3adea742c9ac7e1792b1403ee53e26224227bb3d084b17ff586c487a2a9a67a4eb0663215ac9daf182a8a51e5b11c8a8535bc99f3fdf71429d47a15eb585f8af5a94a62e9d8af61645f4064322423ac06904bdb715145090d922ef18ec8cd075b6e787803d672e9a84e50363994b36ea68e4520b19e068b7a6f054570435e1350c5f6ddd26b4cb34acbb1009f3ae3690d1e17dcbe62ec85b56a28a6e2ae23b6a173e604b52b3582b3a8fbe0586a0997c1726d348871234756685079ad935e4215115203f3e6b184a2bdf4f9e94e3381241e756afcf1985985e0aab3b5aa40475ed296a22b9170611e69885a2741e997a682b43d8cbb7bd2da25760cec51928b87e184016ab8636a13efbe512bf9ca30a6197f368651f2e0f5b66408c0eaaf3689964320c284cf363f295d05d09bd84ad8f69355422d73416e8ee723f8238a685357c90b9e9d42ff9aad8fd12d846ae49387a0f8ef507bf49fa75dda2f73f7db3d42f3b7da1d88088672dea1310c4b6c03d7cecf163592d47144be05bc3c9641e8e23d8a38ad29ce4e2c311340c2ffd22dbe141e8d59b46567a65ed2ae921499def8895d53511b2f740b6a87e3761305798e3e73bd7ab0351a03d3eeaae7806db77969e6b203cd624139af5bfa9fa120155da01b6d0fd63cce2fbb6dec3ad20fab962489ca4b92d78232a879d96c97539a60724a062a21eb98ff7a5ebec9dea590fd6bfb7ebd4eb1f1594ffbdd10ad61c1f59dc4280c5ef127b4f66e3d79dc27c8f6c6491c3b8ef30e76109b856d8811710dee80e83f80ef2104cc896d2b076a13e0fab7f162d62c982a7c17994d4c5d751f81ededebabb371192c6f893ff44e928e0bdd93a731e52fa3bb4c3e01d62c0db906d43c9b9d7d9f5afa815ae7769a2c6a09d46ba3e4ab0f0b96a3b6c8b72b87958c21783fc153a2b8321c6ba05de57b7810fde73cbb28c4a80a90f6c23e2b2a2ac40aae986a28b1a30ce950a07d6e63f206425a305468736a4a0d736e5626ebfcaa2b74c89f47c1568f1f9f48a2f1f60c3b8276b9b310f87f204aa8cf93ef2dc372d2fcb6c14831aad99b27fd1338c7806527753bbce58484dfd2b8c8519027fe21f47ca204952a51d2ed8f3b62b28323f991bae980f1bf1caedfbc610b00463e61c33ab49504d3b939d645d5b4e6e407a01a1268a09f58a95ef3cb46b2bdfcd82e77637d35a0421e3768693bc8c44f0910ec964155bf932f7a485953709a5801b4823f969827ab83bc7c26dd486fb240e9d958fbc1dca6fc60db1d33324f90bfbf4c01eef54339e63f8ec741310a7340a11acebb2f6c0122996fa0c684e17d2c70f04e53215ac012723a04fead7b7e2dd2ae283690e09b90544de5ac1c813632b11c77ed04d5ad316ff63a19a04f192976e2c8ae96ed63f269cfe29f1ad0b00a1ac8ec3b1f2ab75751deecbd5972d7b710d63417e64553ac32bd013af29cb705f412a22570c6f958738aca4926091991d4e4083a0455ced9adcd7d305b7800233f669181164f116a8a8b1a8e70a6a66ab83c0ecd8c17377c230332dd294f476641a6344444399ed3081dbd99fc53ab68d39d34a23f3709820a0489069d9ac9eccd48e8e5427d64899db7c2357b39912e4ad0bdbe8996adbc2f41e9aeeeb96d90c1d218d9eae2d17375ce06149d46308b77b0aed80b9d7db60dc8dc13aea619f53e8ef66a7ea0853d82229f9505276f78fa14a7704840fe7b5eb04beb1aab3484f21f39b5a4204b9611af256c3638eb30072cc05c9803d143d526cef13527d4954aef129a0239a5a61ed57030849658d0f801f59763e3c2c1e858a11ae8839dabb1cf6e9e4097e85085935d8e99669ecd484e53069de4313365f6e9206011f5b3bd59ac9771d5ac4de94d06203241844bb5b61054920ece41b5235abe7d9e7a193db4f2c015cdc211175b005615f0cfac9db6e1e139c8be7eb5c0d60f3a2441dd5d404f39376988dc6f993ffbb920bec38e882269d6f18a03694a28cd45b177f2e1858552b36d4fd78265179e95d2b11daae43ab979339c30774104c8c29a2e6f02db3dd4884daba51e66f494d7fdaf3ad1c4d05c1a01c00f75eb86102f6d2913fb39ab3fa7e3d4baf7858d844adcfc2e5e4b1afb825b1cac712ed257bbd6f8aa7c091bb5afd1fa10d2ac77fffba87875b019aa41f6136c3f05bf9c0511f1b2d9d1466516f233f644fbed574e9656a16049d9f60f8eec384c9e7b3f7a0fcf995fd9c03b67dc3b15a139a000896f793b6ca685f83374e5d8161dcbdc1100e25baf0491f13f7f5956101091e0a42145459aef71ccd915797a04ce188602e2dcf6c3cf3fec52b8232121f9700a0c1843b616b1558a439f06333699ecc99b63c943fe2a200938b8e86c049e73d8a973ec2c202ee0531169fae972dac54240eddd4902b3ef287ee30816944e24db011c7df301fc377d7d0b81cfb5b9a77d923fa1da7c73caaa22c98e9b5db748210159b09b73f4b8e834d645aff3fce1347c3db86dbdf0672505ee63de926a77437fadfc62605b2ad117432d87f7d9aeb016a6159da6f4b67418e27b40ee61a544a12c816abcee78c6ad67f0bf54f537c861f9cadb938f739faa3", @generic="9ebc3e765a2eaff907caa2cd36bbd8efac7f89135b1341e865bb9100a6d1a8be6eb8e0c5", @nested={0x198, 0x94, 0x0, 0x1, [@typed={0x8, 0xb, 0x0, 0x0, @uid=0xffffffffffffffff}, @generic="f982b971f69819a3f0212367a46e9568728d2a07a1e0e0763605dfcfc294b442c73a01d0becf80509b44a74ab47773a1137e9324637edf569e511b068ef2c0bf0ddeb1b5831ad89d6c9a5c06247a176cc55143415255e4b40423b70b4d6945e3f4ef99336b2fe6558f4963481244381f4a7e00566c2c1b38cf97a0bab92261d3269048fca4efec618a22b209e497a9445d37f301609dc5b653b98ff6954fec", @generic="e43980455407f7bd5029e2ab27ac6d9e7c5741e55a565e699b86e913caba6ea82bc134ee5e939deaa7f21f55c76f378ce2b934cab857ba9985fcca565ce61a73ff89cde39b9ce9005fb061dd95991a687931e426a33949a06112b991997072bc000432fd92f3ae1406daef9a94a787ac795a6ef02d1740f4d7a12b56c8a8037295c0fe3597aadf9689171e1f15161f84fc11dee3897199bb589f3f49d974ab3189d538b8d78e4dbb1ead5e25930da0953edfe2528614916a608788568d3704c5f204c58db74fca5cc8f0fbb09caf82c1885070006fc9f78fddeed798058107870897942eef1d26d5c8b75a67ba"]}]}, 0x11e0}}, 0x20000000) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1661.923599] FAULT_INJECTION: forcing a failure. [ 1661.923599] name failslab, interval 1, probability 0, space 0, times 0 [ 1661.925354] CPU: 1 PID: 9451 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1661.926100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1661.927008] Call Trace: [ 1661.927307] dump_stack+0x107/0x167 [ 1661.927708] should_fail.cold+0x5/0xa [ 1661.928119] ? create_object.isra.0+0x3a/0xa20 [ 1661.928618] should_failslab+0x5/0x20 [ 1661.929027] kmem_cache_alloc+0x5b/0x360 [ 1661.929464] ? mark_held_locks+0x9e/0xe0 [ 1661.929912] create_object.isra.0+0x3a/0xa20 [ 1661.930374] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1661.930942] kmem_cache_alloc_bulk+0x168/0x320 [ 1661.931431] io_submit_sqes+0x707f/0x86a0 [ 1661.931892] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1661.932417] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1661.932934] ? lock_downgrade+0x6d0/0x6d0 [ 1661.933374] ? find_held_lock+0x2c/0x110 [ 1661.933813] ? io_submit_sqes+0x86a0/0x86a0 [ 1661.934279] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1661.934811] ? wait_for_completion_io+0x270/0x270 [ 1661.935324] ? rcu_read_lock_any_held+0x75/0xa0 [ 1661.935812] ? vfs_write+0x354/0xa30 [ 1661.936209] ? fput_many+0x2f/0x1a0 [ 1661.936596] ? ksys_write+0x1a9/0x260 [ 1661.937002] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1661.937551] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1661.938110] do_syscall_64+0x33/0x40 [ 1661.938503] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1661.939065] RIP: 0033:0x7faadcd8fb19 [ 1661.939461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1661.941386] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1661.942202] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1661.942974] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1661.943727] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1661.944722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1661.945719] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1661.966422] FAULT_INJECTION: forcing a failure. [ 1661.966422] name failslab, interval 1, probability 0, space 0, times 0 [ 1661.968537] CPU: 1 PID: 9459 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1661.969473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1661.970595] Call Trace: [ 1661.970978] dump_stack+0x107/0x167 [ 1661.971478] should_fail.cold+0x5/0xa [ 1661.972008] ? create_object.isra.0+0x3a/0xa20 [ 1661.972646] should_failslab+0x5/0x20 [ 1661.973180] kmem_cache_alloc+0x5b/0x360 [ 1661.973746] ? mark_held_locks+0x9e/0xe0 [ 1661.974308] create_object.isra.0+0x3a/0xa20 [ 1661.974886] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1661.975434] kmem_cache_alloc_bulk+0x168/0x320 [ 1661.975934] io_submit_sqes+0x707f/0x86a0 [ 1661.976422] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1661.976958] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1661.977474] ? lock_downgrade+0x6d0/0x6d0 [ 1661.977910] ? find_held_lock+0x2c/0x110 [ 1661.978347] ? io_submit_sqes+0x86a0/0x86a0 [ 1661.978823] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1661.979340] ? wait_for_completion_io+0x270/0x270 [ 1661.979856] ? rcu_read_lock_any_held+0x75/0xa0 [ 1661.980348] ? vfs_write+0x354/0xa30 [ 1661.980756] ? fput_many+0x2f/0x1a0 [ 1661.981149] ? ksys_write+0x1a9/0x260 [ 1661.981571] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1661.982127] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1661.982682] do_syscall_64+0x33/0x40 [ 1661.983090] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1661.983644] RIP: 0033:0x7fb90a2beb19 [ 1661.984046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1661.986008] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1661.986835] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1661.987585] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1661.988341] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1661.989097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1661.989845] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1661.997465] FAULT_INJECTION: forcing a failure. [ 1661.997465] name failslab, interval 1, probability 0, space 0, times 0 [ 1661.998753] CPU: 1 PID: 9453 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1661.999471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1662.000355] Call Trace: [ 1662.000637] dump_stack+0x107/0x167 [ 1662.001033] should_fail.cold+0x5/0xa [ 1662.001443] ? getname_flags.part.0+0x50/0x4f0 [ 1662.001927] should_failslab+0x5/0x20 [ 1662.002339] kmem_cache_alloc+0x5b/0x360 [ 1662.002797] getname_flags.part.0+0x50/0x4f0 [ 1662.003273] ? wait_for_completion_io+0x270/0x270 [ 1662.003790] getname_flags+0x9a/0xe0 [ 1662.004185] do_mkdirat+0x8d/0x2a0 [ 1662.004565] ? user_path_create+0xf0/0xf0 [ 1662.005005] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1662.005562] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1662.006121] do_syscall_64+0x33/0x40 [ 1662.006515] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1662.007086] RIP: 0033:0x7f5ff7acbb19 [ 1662.007480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1662.009476] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1662.010283] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1662.011058] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1662.011818] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1662.012593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1662.013353] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 [ 1662.015287] option changes via remount are deprecated (pid=9460 comm=syz-executor.6) [ 1662.041493] option changes via remount are deprecated (pid=9460 comm=syz-executor.6) [ 1662.064651] device veth0_vlan entered promiscuous mode 23:41:06 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:41:06 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(r3, r2, &(0x7f0000000180)=@IORING_OP_POLL_ADD={0x6, 0x5, 0x0, @fd_index=0x1, 0x0, 0x0, 0x0, {0x6140}, 0x1}, 0x80000000) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r4, 0xffffffffffffffff, 0x0) connect$inet6(r4, &(0x7f00000001c0)={0xa, 0x4e20, 0x9, @private1={0xfc, 0x1, '\x00', 0x1}, 0x6}, 0x1c) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r7 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r5, r6, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r8, r6, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r7, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r6, &(0x7f0000000080)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x4007, @fd_index=0x7, 0x7f, 0xc6, 0x1, 0x8, 0x1, {0x0, r9}}, 0x6) r10 = mmap$IORING_OFF_SQES(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x1000000, 0x11, r0, 0x10000000) syz_io_uring_submit(r3, r10, &(0x7f0000000040)=@IORING_OP_WRITE_FIXED={0x5, 0x2, 0x2007, @fd_index, 0x7, 0x200, 0xfffffe01, 0x4, 0x1}, 0x2) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:06 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 2) 23:41:06 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd_index=0x1, 0x0, 0x0, 0x0, 0x1}, 0x6) io_uring_enter(r0, 0x4cce, 0x4995, 0x6, &(0x7f0000000100)={[0x8]}, 0x8) 23:41:06 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23) 23:41:06 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27) 23:41:06 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FADVISE={0x18, 0x3, 0x0, @fd_index=0x9, 0x4, 0x0, 0x81}, 0x7f) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(0xffffffffffffff9c, 0xc0406619, &(0x7f0000000040)={@desc={0x1, 0x0, @auto="c4ddc608339eec1c"}}) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:06 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, 0x0) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) [ 1674.950777] FAULT_INJECTION: forcing a failure. [ 1674.950777] name failslab, interval 1, probability 0, space 0, times 0 [ 1674.953085] CPU: 1 PID: 9478 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1674.953898] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1674.954888] Call Trace: [ 1674.955227] dump_stack+0x107/0x167 [ 1674.955660] should_fail.cold+0x5/0xa [ 1674.956113] ? create_object.isra.0+0x3a/0xa20 [ 1674.956662] ? create_object.isra.0+0x3a/0xa20 [ 1674.957211] should_failslab+0x5/0x20 [ 1674.957665] kmem_cache_alloc+0x5b/0x360 [ 1674.958153] ? ksys_write+0x21a/0x260 [ 1674.958616] create_object.isra.0+0x3a/0xa20 [ 1674.959185] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1674.959790] kmem_cache_alloc+0x159/0x360 [ 1674.960301] getname_flags.part.0+0x50/0x4f0 [ 1674.960833] ? wait_for_completion_io+0x270/0x270 [ 1674.961401] getname_flags+0x9a/0xe0 [ 1674.961852] do_mkdirat+0x8d/0x2a0 [ 1674.962276] ? user_path_create+0xf0/0xf0 [ 1674.962776] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1674.963421] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1674.964035] do_syscall_64+0x33/0x40 [ 1674.964480] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1674.965096] RIP: 0033:0x7f5ff7acbb19 [ 1674.965547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1674.967738] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1674.968649] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1674.969477] FAULT_INJECTION: forcing a failure. [ 1674.969477] name failslab, interval 1, probability 0, space 0, times 0 [ 1674.970778] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1674.971620] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1674.972458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1674.973303] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 [ 1674.974195] CPU: 0 PID: 9486 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1674.975685] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1674.977548] Call Trace: [ 1674.978096] dump_stack+0x107/0x167 [ 1674.978855] should_fail.cold+0x5/0xa [ 1674.979664] ? create_object.isra.0+0x3a/0xa20 [ 1674.980612] should_failslab+0x5/0x20 [ 1674.981388] kmem_cache_alloc+0x5b/0x360 [ 1674.982221] ? mark_held_locks+0x9e/0xe0 [ 1674.983071] create_object.isra.0+0x3a/0xa20 [ 1674.983979] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1674.985025] kmem_cache_alloc_bulk+0x168/0x320 [ 1674.985985] io_submit_sqes+0x707f/0x86a0 [ 1674.986875] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1674.987899] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1674.988881] ? lock_downgrade+0x6d0/0x6d0 [ 1674.989721] ? find_held_lock+0x2c/0x110 [ 1674.990557] ? io_submit_sqes+0x86a0/0x86a0 [ 1674.991456] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1674.992432] ? wait_for_completion_io+0x270/0x270 [ 1674.993413] ? rcu_read_lock_any_held+0x75/0xa0 [ 1674.994358] ? vfs_write+0x354/0xa30 [ 1674.995137] ? fput_many+0x2f/0x1a0 [ 1674.995885] ? ksys_write+0x1a9/0x260 [ 1674.996681] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1674.997779] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1674.998845] do_syscall_64+0x33/0x40 [ 1674.999629] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1675.000688] RIP: 0033:0x7fb90a2beb19 [ 1675.001459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1675.005288] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1675.006876] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1675.008348] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1675.009827] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1675.011321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1675.012808] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1675.043448] FAULT_INJECTION: forcing a failure. [ 1675.043448] name failslab, interval 1, probability 0, space 0, times 0 23:41:06 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x7}, 0x1, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r3 = openat$incfs(0xffffffffffffffff, &(0x7f0000000040)='.log\x00', 0x400, 0x140) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) open(&(0x7f0000000080)='./file0\x00', 0x101403, 0x0) [ 1675.045319] CPU: 1 PID: 9488 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1675.046306] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1675.047266] Call Trace: [ 1675.047573] dump_stack+0x107/0x167 23:41:06 executing program 6: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000040)=0x3) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000080)={r0, 0xffffffff, 0xff, 0x1ff}) sendto$packet(r1, &(0x7f00000000c0)="e9c6dd83cfff4a07877a19c3813c51aad360fdc100c6fe1b5027c94d332fbcf5bd3bc48c8f5a073578fcf67736b4d104", 0x30, 0x20000000, &(0x7f0000000180)={0x11, 0x1c, 0x0, 0x1, 0x40, 0x6, @random="0a0d9fd99166"}, 0x14) r2 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r6, 0xffffffffffffffff, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', 0x0}) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r8, 0x0) sendmsg$nl_xfrm(r6, &(0x7f0000000540)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="fc0100001b00010026bd7000ffdbdf25e0000002000000000000000000000000200100000000000000000000000000024e230dc84e220085020080902b000000", @ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="06000000000000000104000000000000ff0f0000000000000200000000000000119b000000000000040000000000000009000000000000000700000000000000e1ffffffffffffff040078920000000003000000000000000900000000000000f8fcffffbb6b6e00010002030000000008000000000000000a001000000000000000000014000d0000000000000000000000000000000000050019003c00000014000e00640101000000000000000000000000009c00110000000000000000000000000000000000ff010000000000000000000000000001000000000000000000000000000000007f0000010000000000000000000000003c080000000000000a000a00fc000000000000000000000000000001fe880000000000000000000000000001fc000000000000000000000000000000ac14141100000000000000000000000032030000023500000200020008001800060000000c000f0000000000000000005000110020010000000000000000000000000000ac1414bb000000000000000000000000fe8000000000000000000000000000aaff01000000000000000000000000000132040000000000000a000200"], 0x1fc}, 0x1, 0x0, 0x0, 0x40}, 0x20000841) [ 1675.048147] should_fail.cold+0x5/0xa [ 1675.048683] ? create_object.isra.0+0x3a/0xa20 [ 1675.049196] should_failslab+0x5/0x20 [ 1675.049630] kmem_cache_alloc+0x5b/0x360 [ 1675.050094] ? mark_held_locks+0x9e/0xe0 [ 1675.050554] create_object.isra.0+0x3a/0xa20 [ 1675.051057] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1675.051629] kmem_cache_alloc_bulk+0x168/0x320 [ 1675.052151] io_submit_sqes+0x707f/0x86a0 [ 1675.052647] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1675.053205] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1675.053755] ? lock_downgrade+0x6d0/0x6d0 [ 1675.054221] ? find_held_lock+0x2c/0x110 [ 1675.054684] ? io_submit_sqes+0x86a0/0x86a0 [ 1675.055187] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1675.055739] ? wait_for_completion_io+0x270/0x270 [ 1675.056287] ? rcu_read_lock_any_held+0x75/0xa0 [ 1675.056811] ? vfs_write+0x354/0xa30 [ 1675.057235] ? fput_many+0x2f/0x1a0 [ 1675.057649] ? ksys_write+0x1a9/0x260 [ 1675.058083] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1675.058676] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1675.059277] do_syscall_64+0x33/0x40 [ 1675.059702] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1675.060273] RIP: 0033:0x7faadcd8fb19 [ 1675.060713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1675.062764] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1675.063636] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1675.064436] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1675.065244] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1675.066045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1675.066854] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:41:06 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 3) [ 1675.152590] FAULT_INJECTION: forcing a failure. [ 1675.152590] name failslab, interval 1, probability 0, space 0, times 0 [ 1675.154066] CPU: 1 PID: 9501 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1675.154807] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1675.155718] Call Trace: [ 1675.156010] dump_stack+0x107/0x167 [ 1675.156411] should_fail.cold+0x5/0xa [ 1675.156827] ? create_object.isra.0+0x3a/0xa20 [ 1675.157321] should_failslab+0x5/0x20 [ 1675.157737] kmem_cache_alloc+0x5b/0x360 [ 1675.158173] ? ksys_write+0x21a/0x260 [ 1675.158590] create_object.isra.0+0x3a/0xa20 [ 1675.159077] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1675.159629] kmem_cache_alloc+0x159/0x360 [ 1675.160089] getname_flags.part.0+0x50/0x4f0 [ 1675.160573] ? wait_for_completion_io+0x270/0x270 [ 1675.161105] getname_flags+0x9a/0xe0 [ 1675.161513] do_mkdirat+0x8d/0x2a0 [ 1675.161901] ? user_path_create+0xf0/0xf0 [ 1675.162357] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1675.162944] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1675.163507] do_syscall_64+0x33/0x40 [ 1675.163920] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1675.164476] RIP: 0033:0x7f5ff7acbb19 [ 1675.164890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1675.166873] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1675.167709] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1675.168484] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1675.169262] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1675.170028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1675.170834] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 23:41:06 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r3, 0x76d3, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x7464, &(0x7f0000000040)={0x0, 0xbc94, 0x4, 0x1, 0x118, 0x0, r3}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000180)) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) clock_gettime(0x0, &(0x7f0000001d40)={0x0, 0x0}) recvmmsg(0xffffffffffffffff, &(0x7f0000001e00)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000340)=""/150, 0x96}, {&(0x7f0000000400)=""/199, 0xc7}, {&(0x7f00000001c0)=""/48, 0x30}, {&(0x7f0000000500)=""/213, 0xd5}, {&(0x7f0000000240)=""/52, 0x34}], 0x5, &(0x7f0000000680)=""/125, 0x7d}, 0x4}, {{&(0x7f0000000700)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev}}}, 0x80, &(0x7f0000001c40)=[{&(0x7f0000000780)=""/4096, 0x1000}, {&(0x7f0000001780)=""/230, 0xe6}, {&(0x7f0000001880)=""/234, 0xea}, {&(0x7f0000001980)=""/137, 0x89}, {&(0x7f0000001a40)=""/175, 0xaf}, {&(0x7f0000001b00)=""/233, 0xe9}, {&(0x7f0000000280)=""/36, 0x24}, {&(0x7f0000001c00)=""/33, 0x21}, {&(0x7f0000002a80)=""/4096, 0x1000}], 0x9, &(0x7f0000001d00)}, 0x80000001}], 0x2, 0x2000, &(0x7f0000001e80)={r5, r6+10000000}) r7 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r8, 0x0, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x6, &(0x7f0000001ec0)={0x0, 0x70a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000001d00)=0x0, 0x0) syz_io_uring_submit(r10, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r10, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r9}}, 0x7f) syz_io_uring_submit(0x0, 0x0, &(0x7f0000001f80)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r7, 0x8, 0x0, 0x8d, 0x0, 0x0, {0x0, r9}}, 0x2) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:06 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:41:06 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0xa141, 0x0, 0x2, 0x100}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000fed000/0x10000)=nil, 0x10000, 0x1000000, 0x80010, r0, 0x10000000) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r4, 0xffffffffffffffff, 0x0) r5 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x1, 0x1f, 0xe9, 0x0, 0x7, 0x80002, 0x7, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3955e7ee, 0x1, @perf_config_ext={0x401}, 0x420, 0x7, 0x9, 0x6, 0x7fff, 0x8, 0x81, 0x0, 0x101, 0x0, 0xa6aa}, 0x0, 0x7, 0xffffffffffffffff, 0xa) syz_io_uring_submit(r1, r3, &(0x7f0000000100)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x4, 0x0, r4, &(0x7f0000000040)={0x40000000}, r5}, 0x7fffffff) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:06 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 4) 23:41:06 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24) [ 1675.336766] FAULT_INJECTION: forcing a failure. [ 1675.336766] name failslab, interval 1, probability 0, space 0, times 0 [ 1675.338421] CPU: 1 PID: 9512 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1675.339193] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1675.340099] Call Trace: [ 1675.340394] dump_stack+0x107/0x167 [ 1675.340800] should_fail.cold+0x5/0xa [ 1675.341224] ? __d_alloc+0x2a/0x990 [ 1675.341628] should_failslab+0x5/0x20 [ 1675.342043] kmem_cache_alloc+0x5b/0x360 [ 1675.342490] __d_alloc+0x2a/0x990 [ 1675.342884] ? dput+0x1ae/0xc40 [ 1675.343241] d_alloc+0x46/0x1c0 [ 1675.343597] __lookup_hash+0xcc/0x190 [ 1675.344012] filename_create+0x186/0x4a0 [ 1675.344452] ? filename_parentat+0x570/0x570 [ 1675.344939] ? getname_flags+0xa2/0xe0 [ 1675.345370] do_mkdirat+0xa0/0x2a0 [ 1675.345764] ? user_path_create+0xf0/0xf0 [ 1675.346222] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1675.346796] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1675.347369] do_syscall_64+0x33/0x40 [ 1675.347779] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1675.348336] RIP: 0033:0x7f5ff7acbb19 [ 1675.348752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1675.350734] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1675.351580] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1675.352353] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1675.353138] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1675.353906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1675.354692] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 [ 1675.401483] FAULT_INJECTION: forcing a failure. [ 1675.401483] name failslab, interval 1, probability 0, space 0, times 0 [ 1675.403283] CPU: 1 PID: 9516 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1675.404027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1675.404929] Call Trace: [ 1675.405228] dump_stack+0x107/0x167 [ 1675.405630] should_fail.cold+0x5/0xa [ 1675.406048] ? create_object.isra.0+0x3a/0xa20 [ 1675.406566] should_failslab+0x5/0x20 [ 1675.406996] kmem_cache_alloc+0x5b/0x360 [ 1675.407443] create_object.isra.0+0x3a/0xa20 [ 1675.407924] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1675.408481] kmem_cache_alloc_bulk+0x168/0x320 [ 1675.408991] io_submit_sqes+0x707f/0x86a0 [ 1675.409476] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1675.410021] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1675.410560] ? lock_downgrade+0x6d0/0x6d0 [ 1675.411013] ? find_held_lock+0x2c/0x110 [ 1675.411457] ? io_submit_sqes+0x86a0/0x86a0 [ 1675.411938] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1675.412465] ? wait_for_completion_io+0x270/0x270 [ 1675.413002] ? rcu_read_lock_any_held+0x75/0xa0 [ 1675.413507] ? vfs_write+0x354/0xa30 [ 1675.413922] ? fput_many+0x2f/0x1a0 [ 1675.414316] ? ksys_write+0x1a9/0x260 [ 1675.414737] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1675.415329] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1675.415894] do_syscall_64+0x33/0x40 [ 1675.416309] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1675.416872] RIP: 0033:0x7faadcd8fb19 [ 1675.417288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1675.419300] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1675.420132] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1675.420915] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1675.421693] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1675.422461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1675.423247] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1675.510601] device veth0_vlan entered promiscuous mode 23:41:20 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:41:20 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25) 23:41:20 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28) 23:41:20 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r4, 0x76d3, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:20 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:41:20 executing program 6: fork() r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x78a8, 0x0, 0xfffffffd, 0x1}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000a40)=0x0, &(0x7f0000000a80)=0x0) r7 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r8, 0x0, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, 0x0, &(0x7f0000000a00)=@IORING_OP_RECVMSG={0xa, 0x5, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x80, &(0x7f00000008c0)=[{&(0x7f00000001c0)=""/54, 0x36}, {&(0x7f0000000540)=""/165, 0xa5}, {&(0x7f0000000600)=""/160, 0xa0}, {&(0x7f0000000700)=""/187, 0xbb}, {&(0x7f00000007c0)=""/94, 0x5e}, {&(0x7f0000000840)=""/107, 0x6b}], 0x6, &(0x7f0000000940)=""/190, 0xbe}, 0x0, 0x10041, 0x1, {0x2, r9}}, 0xffffffff) syz_io_uring_submit(r5, r6, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r10, r6, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r7, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r10, r2, &(0x7f0000000180)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd_index=0x6, 0x7fffffff, &(0x7f00000000c0)=[{&(0x7f0000000040)="47e928202f7ff5891f183d06001ce66b77184b68e35c9f656d5648f7327626110bdc90b7ed246848a3408a0e0fbb09965d18bc9ac91bccf0efa54003c17bf97fd886df3783f5ee86490093da8b587c8b4dd4f47f8b09194c20b56631917c258cb65c4814b7fd", 0x66}, {&(0x7f0000000340)="c088650f0c52f42dbc207dcd2c0cdf8c80435a293b1388eebd1eb27739ac5426d0a81f0f3cb00b0dab92de89b83e73f11a58be277660f0d36160105a395f5a554b6d5038c95bf017914b7307400b71183c4297b89de6329ae5a14f9393d97048ddb9ace3a69f8429679d5419203d0b2897e0c252e12ec10bb761308fc80c8a93d68c0943f6a3a4f6d0234633985a7e85fb79061f5b4f93", 0x97}, {&(0x7f0000000400)="3cd9142f1f03644c298a86c429c8f3288f13bc3437efd7d59470ec37405be061426f7bde590f6ba4dd89ec1d0fde0aff9070aab94f87fc44abbb1189dd83bb98a4ce9dec7f6c7efaf6574e452ab617e3f7431c8148f7997376da775a4a3d3298f3aa7c4d8e149c1f0f3ed0f8ef4ad25d23e5b4a0e65b48880e24ee738eff28204748c814c77b4569ef9c695f734fac8cdb95d46509bee84760996466", 0x9c}], 0x3, 0x11, 0x1, {0x3}}, 0x6) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:20 executing program 1: openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x800, 0x12a, 0x8}, 0x18) r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:20 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 5) [ 1689.346412] FAULT_INJECTION: forcing a failure. [ 1689.346412] name failslab, interval 1, probability 0, space 0, times 0 [ 1689.348422] CPU: 1 PID: 9532 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1689.349243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1689.350233] Call Trace: [ 1689.350553] dump_stack+0x107/0x167 [ 1689.350990] should_fail.cold+0x5/0xa [ 1689.351472] ? create_object.isra.0+0x3a/0xa20 [ 1689.352017] should_failslab+0x5/0x20 [ 1689.352466] kmem_cache_alloc+0x5b/0x360 [ 1689.352951] ? __d_alloc+0x2a/0x990 [ 1689.353397] create_object.isra.0+0x3a/0xa20 [ 1689.353943] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1689.354553] kmem_cache_alloc+0x159/0x360 [ 1689.355065] __d_alloc+0x2a/0x990 [ 1689.355488] d_alloc+0x46/0x1c0 [ 1689.355895] __lookup_hash+0xcc/0x190 [ 1689.356350] filename_create+0x186/0x4a0 [ 1689.356898] ? filename_parentat+0x570/0x570 [ 1689.357488] ? getname_flags.part.0+0x1dd/0x4f0 [ 1689.358101] do_mkdirat+0xa0/0x2a0 [ 1689.358547] FAULT_INJECTION: forcing a failure. [ 1689.358547] name failslab, interval 1, probability 0, space 0, times 0 [ 1689.358582] ? user_path_create+0xf0/0xf0 [ 1689.361482] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1689.362111] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1689.362762] do_syscall_64+0x33/0x40 [ 1689.363219] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1689.363850] RIP: 0033:0x7f5ff7acbb19 [ 1689.364302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1689.366581] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1689.367479] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1689.368372] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1689.369296] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1689.370199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1689.371078] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 [ 1689.372036] CPU: 0 PID: 9533 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1689.373489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1689.375222] Call Trace: [ 1689.375779] dump_stack+0x107/0x167 [ 1689.376542] should_fail.cold+0x5/0xa [ 1689.377337] ? create_object.isra.0+0x3a/0xa20 [ 1689.378291] should_failslab+0x5/0x20 [ 1689.379092] kmem_cache_alloc+0x5b/0x360 [ 1689.379939] ? mark_held_locks+0x9e/0xe0 [ 1689.380788] create_object.isra.0+0x3a/0xa20 [ 1689.381706] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1689.382764] kmem_cache_alloc_bulk+0x168/0x320 [ 1689.383748] io_submit_sqes+0x707f/0x86a0 [ 1689.384645] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1689.385681] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1689.386687] ? lock_downgrade+0x6d0/0x6d0 [ 1689.387549] ? find_held_lock+0x2c/0x110 [ 1689.388394] ? io_submit_sqes+0x86a0/0x86a0 [ 1689.389299] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1689.390299] ? wait_for_completion_io+0x270/0x270 [ 1689.391334] ? rcu_read_lock_any_held+0x75/0xa0 [ 1689.392320] ? vfs_write+0x354/0xa30 [ 1689.393117] ? fput_many+0x2f/0x1a0 [ 1689.393916] ? ksys_write+0x1a9/0x260 [ 1689.394754] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1689.395883] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1689.396984] do_syscall_64+0x33/0x40 [ 1689.397767] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1689.398834] RIP: 0033:0x7faadcd8fb19 [ 1689.399621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1689.403485] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1689.405083] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1689.406582] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1689.408091] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1689.409601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1689.411104] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1689.455981] device veth0_vlan entered promiscuous mode [ 1689.459510] FAULT_INJECTION: forcing a failure. [ 1689.459510] name failslab, interval 1, probability 0, space 0, times 0 [ 1689.463464] CPU: 0 PID: 9537 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1689.464886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1689.466624] Call Trace: [ 1689.467224] dump_stack+0x107/0x167 [ 1689.467999] should_fail.cold+0x5/0xa [ 1689.468803] should_failslab+0x5/0x20 [ 1689.469590] kmem_cache_alloc_bulk+0x4b/0x320 [ 1689.470573] io_submit_sqes+0x707f/0x86a0 [ 1689.471482] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1689.472524] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1689.473546] ? lock_downgrade+0x6d0/0x6d0 [ 1689.474417] ? find_held_lock+0x2c/0x110 [ 1689.475281] ? io_submit_sqes+0x86a0/0x86a0 [ 1689.476205] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1689.477211] ? wait_for_completion_io+0x270/0x270 [ 1689.478220] ? rcu_read_lock_any_held+0x75/0xa0 [ 1689.479212] ? vfs_write+0x354/0xa30 [ 1689.480001] ? fput_many+0x2f/0x1a0 [ 1689.480768] ? ksys_write+0x1a9/0x260 [ 1689.481582] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1689.482671] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1689.483755] do_syscall_64+0x33/0x40 [ 1689.484537] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1689.485612] RIP: 0033:0x7fb90a2beb19 [ 1689.486388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1689.490250] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1689.491867] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1689.493365] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1689.494862] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1689.496363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1689.497879] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:41:20 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000000, 0x20010, r0, 0x10000000) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000900)=@IORING_OP_POLL_ADD={0x6, 0x3, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0x100}, 0x0, {0x0, r4}}, 0x2) syz_io_uring_setup(0x3e67, &(0x7f0000000040)={0x0, 0xb26c, 0x8, 0x2, 0xa8, 0x0, r0}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000100)) r6 = syz_mount_image$msdos(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, 0x7, &(0x7f0000000740)=[{&(0x7f0000000340)="e49bf760274aa9d7b369b6980475952816977efefde7115fb8d1d2ef0c5b035d39e79233e5295f0cfa11e0ef0d83690092972d8d1a4ccb44621609c8176d749bc52e890ccbe6edeedc317ffe5b03f298c30a71f2708fce0604e1ccdcb1a1b8284d4ddd7a4422ed1af18a84da9009be471a30d81163925069209e498be9dd9fe01f53ab9eb2efa425c88c93c4a52b649d8d299b7fd61d6cb94e77a4797ce1aba1355c565bbc0a04ad3289955c2b0a7ad185c340ef20f4186f81db9581b4e6c4f425b47692d3f8e6d3990a75da6d155bed1215f5e6d28bb3849243228eedb3a2c6d050923b7818e1f9af3fe3b65efdc5dd", 0xf0, 0x81}, {&(0x7f0000000240)="242ed8a1ba7d1553ec740056b066dd58afaed23d56828415e73a720e939d5d0f3736785b1ad0ddaae734c4c4de041ea464f0db302b189e6db2ca65218ac1a425d5e09752c0753e0314d806bc6dfafc523283ba6cd080792c31c32f3a0f95820ad5cbe4879c501c70b27089a747cdd7c97e20821d257466dff4", 0x79, 0x100}, {&(0x7f0000000440)="5932b7831e5ae8c34841e7c05661d5b429c98928c518b0008b06ea06588ec1216dfa0104d6cbeb084c86b4cd5c4d85196edbe3ab5f384651905fbba821012d092fffc40c8ace42b3d1b0f7072af749dcbaa669d481f9a7f1551954299a7c89c3c5f648ac16c7380ccb845864a3b4cc3d7588a009b6a5cbd792ee0c5e9496c33a8ade", 0x82, 0x7}, {&(0x7f0000000500)="0f7bf0d0f26a995d9e589bd544cb72aabfb856d5d9d54a8614fc56c41eef1d22a57acade7535925f68f15dc03e1041d19c260d97545f2b174f0ab9acb8dd5cd1340e547ed734c04edbbf762cad45428baf6677592fb5fb575832c165", 0x5c, 0x3f}, {&(0x7f0000000580)="c16dcf591dc566b3efb16e70b9a785a99b6e2dde2183ad4e722852245c55700564128fdc9bb715b58876de940c2b226c6b9dcc973d24eef4a2bccb72f3d9e3890ec07d71ec9ac7e13ddd78dc55bbd13e1961ca10940cf8ac16c195b24cd69aab86079938be0b27bba6541763006027c840d5c698454af3d5a446a445bd79f226104e68f05be53a3f63b7e2e8f011b31b5845ba5633413e12fb27939cf3b9901e2c20669558a3716dbfcf515128ea71ac88ec4e44634cc08aba5d46a3a58bf0df4fafb79c6fea69da13d5efae58fe5c2298c480130bb72e11d04cbae97e1fbdd73716891514e82cd47fc7b224", 0xec, 0x1f}, {&(0x7f0000000680)="d5ca182245983c1544d008dd8839aedbb6d74c50969f7d1741f57f2339c9ea29fa704ee7b3754d75d74bea99769e58f7bff06018d84adce6017b46e6fc655052dabb2a8e8f324b8f087e55ef250a9d18b7501fb7d2f6db07", 0x58, 0x80000000}, {&(0x7f0000000700)="0a7a52c685bfa92d84", 0x9, 0x6}], 0xd3b51084a1a43786, &(0x7f0000000800)={[{@dots}, {@fat=@gid={'gid', 0x3d, 0xffffffffffffffff}}, {@nodots}, {@dots}], [{@audit}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@measure}, {@uid_eq}, {@subj_user={'subj_user', 0x3d, '\x00'}}, {@fsname={'fsname', 0x3d, '\x00'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@hash}, {@euid_eq={'euid', 0x3d, 0xee00}}]}) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r2, &(0x7f00000008c0)=@IORING_OP_SPLICE={0x1e, 0x2, 0x0, @fd=r0, 0x8, {0x0, r6}, 0x5, 0x4, 0x1, {0x0, r7}}, 0x5) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:20 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x8000, 0x3}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) signalfd4(r0, &(0x7f00000000c0)={[0x1]}, 0x8, 0x800) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r4, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000240)={0x4, 0x80, 0x0, 0x8, 0x2, 0x3f, 0x0, 0x7, 0x84406, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000180), 0x5}, 0x400, 0xffffffff, 0x5, 0x3, 0x3, 0x9, 0xd530, 0x0, 0x8}, 0xffffffffffffffff, 0x8, r4, 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) getsockopt$IP_SET_OP_VERSION(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000040), &(0x7f0000000080)=0x8) 23:41:21 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26) 23:41:21 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x258200, 0x0) r4 = open_tree(r3, &(0x7f0000000080)='./file0\x00', 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x589f, &(0x7f00000000c0)={0x0, 0x474, 0x2, 0x3, 0x3a}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000180)=0x0, &(0x7f00000001c0)) r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x5, 0x8010, r4, 0x10000000) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r8, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r8, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r7}}, 0x7f) syz_io_uring_submit(r5, r6, &(0x7f0000000280)=@IORING_OP_STATX={0x15, 0x5, 0x0, 0xffffffffffffff9c, &(0x7f0000000340), &(0x7f0000000240)='./file0\x00', 0x100, 0x100, 0x0, {0x0, r7}}, 0x2) [ 1689.604882] FAULT_INJECTION: forcing a failure. [ 1689.604882] name failslab, interval 1, probability 0, space 0, times 0 [ 1689.606956] CPU: 1 PID: 9555 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1689.607759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1689.608635] Call Trace: [ 1689.608935] dump_stack+0x107/0x167 [ 1689.609329] should_fail.cold+0x5/0xa [ 1689.609759] ? create_object.isra.0+0x3a/0xa20 [ 1689.610261] should_failslab+0x5/0x20 [ 1689.610686] kmem_cache_alloc+0x5b/0x360 [ 1689.611161] create_object.isra.0+0x3a/0xa20 [ 1689.611657] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1689.612196] kmem_cache_alloc_bulk+0x168/0x320 [ 1689.612712] io_submit_sqes+0x707f/0x86a0 [ 1689.613203] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1689.613767] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1689.614294] ? lock_downgrade+0x6d0/0x6d0 [ 1689.614753] ? find_held_lock+0x2c/0x110 [ 1689.615193] ? io_submit_sqes+0x86a0/0x86a0 [ 1689.615677] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1689.616195] ? wait_for_completion_io+0x270/0x270 [ 1689.616742] ? rcu_read_lock_any_held+0x75/0xa0 [ 1689.617251] ? vfs_write+0x354/0xa30 [ 1689.617679] ? fput_many+0x2f/0x1a0 [ 1689.618080] ? ksys_write+0x1a9/0x260 [ 1689.618512] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1689.619087] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1689.619671] do_syscall_64+0x33/0x40 [ 1689.620080] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1689.620647] RIP: 0033:0x7faadcd8fb19 [ 1689.621040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1689.623114] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1689.623920] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1689.624713] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1689.625496] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1689.626266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1689.627078] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:41:21 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 6) 23:41:21 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000180)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000000c0)={0x400, 0x80, 0x19}, &(0x7f0000000100)='./file0\x00', 0x18, 0x0, 0x23456}, 0x3d8a) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x101) r5 = eventfd(0x4) io_uring_register$IORING_REGISTER_EVENTFD(r4, 0x4, &(0x7f0000000080)=r5, 0x1) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000340)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) ioctl$AUTOFS_DEV_IOCTL_VERSION(r4, 0xc0189371, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) 23:41:21 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0xd514}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:21 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27) [ 1689.767444] FAULT_INJECTION: forcing a failure. [ 1689.767444] name failslab, interval 1, probability 0, space 0, times 0 [ 1689.768939] CPU: 1 PID: 9568 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1689.769698] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1689.770605] Call Trace: [ 1689.770902] dump_stack+0x107/0x167 [ 1689.771333] should_fail.cold+0x5/0xa [ 1689.771753] ? create_object.isra.0+0x3a/0xa20 [ 1689.772279] should_failslab+0x5/0x20 [ 1689.772704] kmem_cache_alloc+0x5b/0x360 [ 1689.773167] create_object.isra.0+0x3a/0xa20 [ 1689.773657] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1689.774238] kmem_cache_alloc_bulk+0x168/0x320 [ 1689.774744] io_submit_sqes+0x707f/0x86a0 [ 1689.775234] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1689.775786] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1689.776328] ? lock_downgrade+0x6d0/0x6d0 [ 1689.776784] ? find_held_lock+0x2c/0x110 [ 1689.777255] ? io_submit_sqes+0x86a0/0x86a0 [ 1689.777742] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1689.778274] ? wait_for_completion_io+0x270/0x270 [ 1689.778810] ? rcu_read_lock_any_held+0x75/0xa0 [ 1689.779331] ? vfs_write+0x354/0xa30 [ 1689.779744] ? fput_many+0x2f/0x1a0 [ 1689.780144] ? ksys_write+0x1a9/0x260 [ 1689.780578] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1689.781161] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1689.781744] do_syscall_64+0x33/0x40 [ 1689.782160] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1689.782738] RIP: 0033:0x7faadcd8fb19 [ 1689.783169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1689.785215] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1689.786060] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1689.786840] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1689.787643] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1689.788433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1689.789226] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1689.824647] FAULT_INJECTION: forcing a failure. [ 1689.824647] name failslab, interval 1, probability 0, space 0, times 0 [ 1689.827655] CPU: 0 PID: 9570 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1689.829064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1689.830774] Call Trace: [ 1689.831343] dump_stack+0x107/0x167 [ 1689.832104] should_fail.cold+0x5/0xa [ 1689.832896] ? cgroup_mkdir+0x254/0xfc0 [ 1689.833720] should_failslab+0x5/0x20 [ 1689.834503] __kmalloc+0x72/0x3f0 [ 1689.835238] cgroup_mkdir+0x254/0xfc0 [ 1689.836053] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1689.837037] kernfs_iop_mkdir+0x14d/0x1e0 [ 1689.837915] vfs_mkdir+0x41f/0x660 [ 1689.838662] do_mkdirat+0x145/0x2a0 [ 1689.839444] ? user_path_create+0xf0/0xf0 [ 1689.840317] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1689.841405] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1689.842472] do_syscall_64+0x33/0x40 [ 1689.843249] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1689.844318] RIP: 0033:0x7f5ff7acbb19 [ 1689.845088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1689.848884] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1689.850449] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1689.851921] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1689.853371] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1689.854821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1689.856279] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 23:41:21 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:21 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29) 23:41:21 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28) 23:41:21 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:41:21 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:41:21 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x966}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1689.940587] FAULT_INJECTION: forcing a failure. [ 1689.940587] name failslab, interval 1, probability 0, space 0, times 0 [ 1689.942488] CPU: 1 PID: 9578 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1689.943257] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1689.944197] Call Trace: [ 1689.944485] dump_stack+0x107/0x167 [ 1689.944898] should_fail.cold+0x5/0xa [ 1689.945342] should_failslab+0x5/0x20 [ 1689.945554] FAULT_INJECTION: forcing a failure. [ 1689.945554] name failslab, interval 1, probability 0, space 0, times 0 [ 1689.945759] kmem_cache_alloc_bulk+0x4b/0x320 [ 1689.945777] io_submit_sqes+0x707f/0x86a0 [ 1689.945811] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1689.949088] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1689.949631] ? lock_downgrade+0x6d0/0x6d0 [ 1689.950109] ? find_held_lock+0x2c/0x110 [ 1689.950558] ? io_submit_sqes+0x86a0/0x86a0 [ 1689.951089] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1689.951617] ? wait_for_completion_io+0x270/0x270 [ 1689.952161] ? rcu_read_lock_any_held+0x75/0xa0 [ 1689.952670] ? vfs_write+0x354/0xa30 [ 1689.953088] ? fput_many+0x2f/0x1a0 [ 1689.953494] ? ksys_write+0x1a9/0x260 [ 1689.953923] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1689.954501] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1689.955105] do_syscall_64+0x33/0x40 [ 1689.955530] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1689.956102] RIP: 0033:0x7faadcd8fb19 [ 1689.956524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1689.958578] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1689.959451] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1689.960268] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1689.961077] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1689.961871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1689.962668] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1689.963527] CPU: 0 PID: 9581 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1689.964650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1689.965993] Call Trace: [ 1689.966424] dump_stack+0x107/0x167 [ 1689.967015] should_fail.cold+0x5/0xa [ 1689.967635] ? create_object.isra.0+0x3a/0xa20 [ 1689.968378] should_failslab+0x5/0x20 [ 1689.968992] kmem_cache_alloc+0x5b/0x360 [ 1689.969652] create_object.isra.0+0x3a/0xa20 [ 1689.970356] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1689.971200] kmem_cache_alloc_bulk+0x168/0x320 [ 1689.971938] io_submit_sqes+0x707f/0x86a0 [ 1689.972628] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1689.973428] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1689.974207] ? lock_downgrade+0x6d0/0x6d0 [ 1689.974868] ? find_held_lock+0x2c/0x110 [ 1689.975526] ? io_submit_sqes+0x86a0/0x86a0 [ 1689.976224] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1689.976982] ? wait_for_completion_io+0x270/0x270 [ 1689.977746] ? rcu_read_lock_any_held+0x75/0xa0 [ 1689.978476] ? vfs_write+0x354/0xa30 [ 1689.979055] ? fput_many+0x2f/0x1a0 [ 1689.979658] ? ksys_write+0x1a9/0x260 [ 1689.980260] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1689.981090] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1689.981906] do_syscall_64+0x33/0x40 [ 1689.982500] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1689.983334] RIP: 0033:0x7fb90a2beb19 [ 1689.983932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1689.986811] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1689.988034] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1689.989167] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1689.990300] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1689.991444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1689.992587] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:41:21 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x4, 0x2, 0x0, 0x1ad}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) io_uring_enter(r0, 0x3072, 0x175b, 0x0, &(0x7f0000000040), 0x8) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1690.164001] device veth0_vlan entered promiscuous mode 23:41:36 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x4}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x80, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4c}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(r3, r2, &(0x7f00000000c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40000001, 0x0, {0x3}}, 0x6) ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:36 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:41:36 executing program 1: r0 = syz_io_uring_setup(0x3bb4, &(0x7f00000002c0)={0x0, 0xa031, 0x0, 0x0, 0x200}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_mount_image$nfs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x4, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="caf09941e24d33d7a36448b26b350fcd70b8fe4f158706c49cf31328d24a83f7c3d9c1ba0110ed4c979aefb53f9eff898b6a7a00add1d32a0afdf315613b431711c77de11d7da8f27c43cfaae659f3ba233641747e9b1365b6b89f4955c51348a184416d3083e83703b4cf90f8287973e5967c7630449e4a086f3d8f6eaf2356227c41b7833dac1f662c81992a9cf6417524143121528dd90708d8bd6f65173a82081627e9e43bed8f10d8cbcfc90c040a6a53f27452886eadffc2be4b368d9e629aa82ac5", 0xc5, 0x8d05}], 0x402000, &(0x7f0000000340)={[{'\x00'}], [{@euid_gt={'euid>', 0xee01}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@dont_appraise}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@fowner_gt={'fowner>', 0xee00}}, {@dont_appraise}, {@hash}, {@fowner_eq={'fowner', 0x3d, 0xee00}}, {@subj_type={'subj_type', 0x3d, '&'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}]}) syz_io_uring_submit(r1, r2, &(0x7f0000001780)=@IORING_OP_WRITEV={0x2, 0x5, 0x4004, @fd=r3, 0x0, &(0x7f0000001700)=[{&(0x7f0000000400)="9c54f72c5731d77734431192cf1aab9458e5d3d81a94dbdc4cf5151f293ba2db093120e0adff79de952f02e1615dcbe21a4f716ff7925cb51de64163a23e70bafdcbc3403f48bd1ab78f4ee61b52d4abcc98648463c7bb10c8bbae3b9366621596bd4fd39d3ac3d0997602db0fb4d4787b8628905673064fb5a480174da992b5aee5a832e12b25b7de458ad7ebd998", 0x8f}, {&(0x7f00000004c0)="e429275708b91cac19c3ecbbd20a5916986c310647551244aa818ede6875be860049ee3f5e93d6cdff0def6efb51087b8eac6fde2ef203b25fa2519c20eecd35929a55f995169151f6196f49879e2853da2ac76e63f1ededafaa72917f0ad3b85eac0d8d8e3a0720791c6993f3659777134cfa8521a248f2debb90b2221f19473aff9c920ac6889bfc79bc3f5824035de41a3e", 0x93}, {&(0x7f0000000580)="03eacda641563645cfa4ab1c36bda25b418e265f9a10000f5499143c5f91d43e0250bee5c7eaf1dcef0c9933f83e97d2a1be54ebd92e7aa6f64f8f285e2581bc21b60845d5831ba1b39647db3d173a70a26ca10cd903ca35b4bf9d3958d35524cd5d97fc5a1c54780fa19fcb68229fa453f1aa418f8a22edebafdc85ad68c4393d04e31d77bc4b", 0x87}, {&(0x7f0000000640)="8a7e02ae7d789ab18fb3f1cc6ed624e2dd22c52ff7e1d182ec653a700826eefebc03d1830f4f44918c67aa2a5a9054e56f14a36b217efbcd3f852a481556673458e4941a61d844755b5daa3550cb406157c146b6b7539f3d91e5ba661fc462686b1e6093638b69c8ab8a64e32ac3c8c6856bba5b35f4273a598513de4063d2e41c7a889bc2b0c3abe49ca867295c7ae6bbf344987ec4fdb159770f725d9d9f4b5eafa8b080e7cad2eacbc5b47a8d31e639f064d0b5cc16b250240685c2d38cca28aabc3a02cdb136d53181785e25d3d376f4dab7f5cf9fa44e026aa5e6e485262e94cbb488720b0fc0393bcbd75143d2e1df13253c5734a2d7c6936436ee864f34404d69798df4eb407783dad1e28882a627b8c57f16ef9c8d9f68c544e95c4d723496cb7fac8651993a0ecc26b60c96309e2ef63bed94cf697740434ff624380e976cab253d2b15902b41fd526e6d00a089ebdb6f741deef7ea3b13ab0f5141aa4500a5498e219e4b8054b6b82840f015dafc8e85663dc96afc2684d1f8f95a60db655071c7461d54c8cf9a7c68b6ac0ee3e9eb8db09d7356572e2771fc15d992c980d2d385e477cdc30a02d8f514b2985934c953c9d9a98e7b7ee7d394d56be6d6826f963e67132b0d635fa9c63170e5666a5ec206b87edd1788b7bd2eca7ff0adb27d13375ec604e9136bb43a7e9a628e25a0f38bc2c9f487242ca7c75edd06da1eabf8de15888eb1f40e0b2d3e16779265ce259a43fc3115fa9f7c8478cf5de33ef236218390a967a232fbf9a9f986ca08ebef4c0a1d4ef45762453658ac6299c1cd9b8fde3f10f90262303aa500bebc0031e562420f3207e88dc88541f87ea33869540a25aca1e8b6aae9cff12f646f74f7861b100d0486f15cdda726fcf3e65e0bdecaf8c9301526811425dd686f034786cf6d9485a37e10e5f1e49d0e91a3fd4ac4d126f9d1018d7ff2b25e6c9ad87f382672c3765c882a2ac73a5d80d1f8ed9754bd918533f25ea9ab9c5a5bd7a131b864bd78c0983feba4c27baa4deb6d022c0e86b29c1b857eb113381485723545304110e9b83d135b70085385dd490a3fa687be5dad95ba3b9ebad9ae97cd6baad4770f9066ac9436b7e197f766c034cd689bd6d1192db28d59c44f58efc3389b34c2d6c6d292140c8817801fd88e527f915efa5bca5689bf2eb489093a8c76bffd24cf31b605a35d3851b78ada400b2579bed94e8286b5e1ba6f5008e71f3769b77f43a7b34b0aaefb93461d6363fa3bf4a40d6caa4812521813e93e569b21dd99f87299624171587677385eec00dcaf6cc4fa8224b1e47c63535fe53e987d7f6dbee1c01ee30c14388f44f308b19b7dc9c648110ef7b13fe252072a725bcd8672fe9286fb825a7730a1a4f6ba363cf1a27faadacc8967da680c7928b930d5588fddacf908f44aacf0ae2912a64ef30818b62687b77b481634651d061d367dd492706167eb2913a10f328f44956d50db4012de22bc7310f4e07d1308dccd2a928f6e5455ae31b5694b878fcf499c76b5ae6b209ccabba57fc0c2951a8266b4f2721c21c450527ab667f512660f14aa21b8dc3a57c067fab1696690cd026da6da4a1302d6809880545e3fe71f65cb5e299fd803d3501aee3ca9f43d3fa32e6ce62a41ae2abb9e9f75984f6c95a0f05cef7829d7b2aa5b43d388b11d391da8000d94ce0709b42b9a7144e9955764e1d0e6d377e48d62069ab7fe0880745778269304e4d6551594e80e1c8979041d58b9d9643df75cb710a9db8c557f0d66be7dc3c01013307d4b994ccb4daa87ba5c2d1f1c6103a5ca0a81ca9fa20c95ac7fce2b2f8b799de33fa572dd6ec39dd7162414295001e79bde88bc4cab8cea1c369e093ffd8a9fbbfb5fb4b65b2860f34ad057a11520f07133b0677d849b14417fe1a7f7be54d8d9de171687144872648da55a79317ace590b8e197140a3a9347bbe7e98c76ca104559eb293005ef68d363a0e7621e41c043226da19ad98d6e39d6692ec759ed566642776532a1415cef5adfd44259d7881455ecd292158a62117af5a13485b8db84eb97c253f3bf77929ce79cc6e1d8a8f6a0d54e095f17c779b4b8866161e97d96cb5954b4425e4d851b31b371151819d28e7012106c7d09f3f3553d1d7d7599d28682053c5b46b0d426eea88ba9238e162c7fda02b32e81f37dc9bdefe212189d71fb959e495144748fd98f1779c8894957f88c5e59936f8a59d9713bbd6fd69f655b85ef1a2472159274188ead8562822d5c7c12f84e191c8a260354d0f29e5bbe0a015a69642633487fa5d1e460b5421f44b7ca41a66a9e16138cadb9966f86cac9e4b008539168556ff9077ea281414497e2fa7083ac4b8c8c97dca77934eb99c7161a87de173595215fe0c1269910ce3e739e945967b82e8201965e9eecbfbfbc5c33c8868bacc3867364ea01bf5b20022e2b50d3d642003198dce459d2210bf6b93c8b45647d6c5eb616aea6eb2c8a85e898884c8134438dd5ce53c0c1f3d9e80508d9c68c0fb2eae7ca98981b5e0fcf1d170fed1140e4f03b990c447637bd40ce6358396caf01eaf12c38b8428238e1dc1da59ed8c6edb027cc8cdb21d7da39c113fe9b78fb17e02d40a188d0e13d2e20eddfe08069e1ce7519c1a56a2c26fa1146bb73e3ebfe8bfc138f3d93466868042223c43c13260b785d6bb2a4bfa94d1ba4041f17dcdf68b88ccc234448029f949d8eba16fb48e95fd1b17a52473c800da5808fb8494106adf9ebbe8c6fe201af6fdbdbe6155004ad453e5eb47a8236bfb825ba92420dd6151933442f959156c0667e5bde3794ad12fa3efa4709464932340ac9a749f2f7a3b71eb49d048ead9192b9f98f4ae69b161ff3f51d3d93ffc899e9d52bec0417c03fa5ebd527d0bc8a2a933be7f6f5542f6d73741cf6e5d21310d6778fbe3871b72d61a54b271d0b5a1d8b2fb31167884c6305b65f0ddb8d961e6bf313e40891214ce496bdb047ec4a2d90f88f6c50450daab63b5b6773425a7c2480c4a7488a5a2e3d4fcb969c010cd4653d7761a5ac7bee35a7cb15320df65d836848cbfca512e225e4fbfcb825ab653763a971a6409465eca2c2b9a3987eaeb200dfb96f6167fd57240c7f93b89305e3a99c427f445b7eec7a0a4a79e36c18d3f21f3e94f5d681a5f3a0d3bf49f0f16e9058a8659a83deafa2dafa5f7606d8ba0fb423978db4819cc03b8ba12943b2b7b70533c68ac44b20539026cba4c81960d12f147c367be7369d15db7c179e5ce3519d5a6e15be2ede82ab94e43ce042a11ee8ab8d78c9097f22cf4cf913fd73e4bcc99fefc14eab7733c6571dd637d562ef9d1f601d9eeb19f0d2d993c4262e5afd276771de6f850db69a87984cf523f41cf84257481f9632d1896b2690595a6945d1a9a784135672b38778d75a64650dc1ec894ca6d8a4967839f4071e2babec5c3f267c1461afbd57bcc62679399a00a06ec151d39145fecd840fd7c4764e9f427ab177e47b3992c1403379b4ff4e79d7959ade7b67eaac8fc072b27e158fed1015353a0d5342344ab34a10daee0510867d38111e175ff1f3eadd89f4139592d10b0d0ce75f660bef07781baedec4327000564a7484aff9bcb372387b1493f556e67f29197bba45fb07a8022bdfb4077593ab20833ef1730e184ceba4936e9e7f467d589062f7f3b63c15963b58083d9bf6bc8783886d5004385504af78f1dee23a83aa862d92e0273e76c95c5e1ff386e93b8f421e0570d2de7b342277886fdc13fda676a5830a5fd87f3d49b13fd1e8f40a2b5ea1850bbddaa4842167ef84c0e344018919de5af5861581ad3c979f004037c7ad5156366b0804b270a6da82801cbf065f7e57814a3507423240aadf63e9c34bd212b8795e57dc347689648bf1393b474a599d9267a50270a8cba8f825dc01da4cef892730376b6fcc302568b9f81388b58403f2b4bd9e75f8a2d5a6628a6a7e74e4b68a086eab20aea4c26ddec28f9aa5e3612a04072d65a483e89604857b650f9b11bde6cec6e2032d3e54602df935b451ee944df877c2e28d5d7e5292de0b0d21ffb83f41ed4ed9ee0fbf42dfcd475bdeb8b0f03b0409ccc8e9d2fe06a6ba266d64300602aa8e67a9416190d147413d60ec881c67b2b8246518a7488791666f8024b5d9acd1933abda5ecab78e3db7a0a18b8d204f88abc06cadf21e05351a07423df3ddf19d9a7cb8784b667b21627326f0cd0f2a051b7949ae78ad263f715e5a1290ab55b97ab9ca9f0a10d91476f38956c00d72f3698db9736787a75e21ffef015cc6bac10ac54b805375c48264bfcacd0e3f65de4a95640c5d77b49e719fb72d176c49562fc4732181124025ee9ae7777ca3bd8502ffd2e99f369910b02909fe0fa86b9ab8b2460f8bb39bf88c841df5c6120ef91d0083db4c1983f174d0443e28f2b826bd688203e796f9fc55a632ddebfb75d8c1d9e108fcf992a31cbfbd8657472738f1e60be40b96d2fb035e0b35f37ae14d66e1bb0b7053c01ca803ed3eaa05943675b930397edc5d021c95783dae1ef330ceb32eb41e368007753d76a1cf12709a7f3bdd5ad09a59ad98f43645b0db4a86637b7cf1e6de1f704343ca331db5c26c2c94ff4770b7878daaca8e0010189e29548db7e92f4bb28efe8f4344346a55b509e88605819bc8c0f0bee59f5abd1ed594d33e3b8457f13f587923317d8e8b8ce8b73e8c0d286819965617cbd068e06c7b3a7169601d47fe4719227d5cf96605ee984891fd33ea0db64a022f795fcf76277342c96d4cd040c7841790f93dc90abd1f570f7ace510e49b50f708902d918b1ebc3e82c8e3de14aa10ed363d6ae80c30d00bff524f33c0253d25ec7ca1e81802f706c2c634d23f5b579e9a2e0e8017f39c7010d4fe61c62c6ed311e3181c35e4b901662acbc0dd53c90fc31cdf2e0cfafae23e11a0af5c560c985a480520d660ed80d3b3a06fb146f3736a5db843001f79296fefb533346510b4cfa99e044b27e1e74cfe9cded86ac15ec9add31d1d52feb81a1be88692fa01bd06583f201767696782487d1e3c832fcd87d4b5bb9524d4c89a2007954b27e6af040a894a7063266b63a3368da78f169a87726215a2645d97c7a3931bef1d070e28bcfecd093a80cb019a4920b0da64b5ff63321da3b72f3953e31ce34ff915126d05e1b13a0212cb4872e6dc3ad00e227dcd25808dc250d44fb6db42c7b32188b76215cb08096f7a0f58e35a3650b52e2063364d734c73ffb1fc85cd9a812ab40fcb0d905020315141b90415beca7041524d6583f2ce14e78ac5ca811b407197cf7a7a5b3bab1b7ab1d73be27b582e721cdcbb843f372f2e4a30d36095a1fa42bb08629ea12bc0302e9bf18fb363490b6528fcf55fee2b79c502decea83feeac40a8e0d008504e30ab821c5fea7a542eae2d61d723d54d167127d346ad7fe78adb4c7d2bf35ce3e3268c170bc977cb287a60214c03b057ad66dc1c113a406f179c0155076e7dd2f09c72dc8304d3415a44de185f6b919ae8e4be16582caf245a51c1409b6ad79ae77ed307026ae22c3cfb45beb04cbdeae3addef480319c5ccb290bc3fd3424e8e6d62426bfb469daf7585dd274a49c828f4d4e09cebed673bcb41d6a98c4a7690ac47f009235dbfa2a47dc5bb97255a138fe26d9f8a10fc178e17fdef092aefca7b06ea3df2b3c3db7d52a52769c1bb70accf10b0c07a88e0aeebeb4d397364de1f47f0312bbed309460c9988a923d9be1052d0db7ac22366aee8d4532ea08ef91a490c3b", 0x1000}, {&(0x7f0000000280)="fa1c91fc6fddaf3427c524c3168b5e712be76b", 0x13}, {&(0x7f0000001e00)="8115610ca2187949d90f351d8838f8d4b7c7653d2ebcf4b70da3c9ac218647c73e597a4ac03aaf48bfbaf28c56f2e725a6d35fd0c75096f8d068047a2840e3fb6d4f92d2151dc42db5c6cbc2f178ce5b03f9035078668423a4181303774902f1373294e86e46cac0f4836d43d8b21765191cca09a794015cccb7803b4472aebaf35678419966eba99139c631ff63b0e5ff3d0ccfde162509b4afe5720399d95bb8510e9abe4f304d8bf224f4607006cc2e3734c5e8ba17b925cb4e529fae56a7ffb95b663b05b415cbcc6ae7e250c28101b25ffee8a4c9d93e6a1405f7e59f8bad39eedaa1932bc821c7398a8540137f0fef06a577f11eefc94090f2c437b0298e67df4439e3eacc0d4592f9b32479d7f673fa041ad822d3687e3be6a4b1220a91baca4efc46b82bec9e591b3cf0dc46aaf5f6ca77ac253246aa7efd1b64f26c2989dd17f28d4e3e9e1353e75046b320503fb7a44f4a889c2c2d747f8ac437032a422c6c11e9221ca057a0b9068c0a3df7b10901aa30596fc7e6fc2e592828fe434826923670c44e91e15ccd1cc96867d4a1e4c422ffe8b69bd7dfe34508195d5fadb5f9ff4f3dd32c787f9aceee9da539678cec8a06534a1257a5b4b1a044491abda5960854b65d56d541d32fc6f9a07027ae2f46d7f0a27d0697acbd8bdc0df8915fa7eef2c72799e00e91cbb27cc4e5c0c8d048401d3cc439555188744a3e6fd96a0d90b4e4d1b2a4bee298eba072e5ff14af55e9a36554eef47de5005dec3bd59342f54b04e1a772c4477f2d5b46e450ca1c1fd7c07b4e534c42f08f1f7dd4a3103fd7b26d4b4641c70ffa8a41a1a0504e02da0918adafcafabf1d34ca3436b14c59bdc89361ac624bfcb78298eecb8f7f5a2906a030c06903c1404e53489771fbc93c59781929ba735221404ecfd2a219ede3cd6895b7965c840e00c5d6b76673f9e2e72d9e7d669ad15c14631c5663fd2d5f8472e2ec407bf7e3d0e0d4d7ce4ffa3255c748cd809a7e66c8055e65e5c74d2a09b18214d7108545de81ecf6e9694896328182dc4437960f6d71db4a04613dbe13fb7cd77e53112ba40d3516f45b8720798da82ee92db6c28e407976a49f53c8a76e099d01f65d91ee93a02b40654fb409ff6f31bed5d6cea7825e9f9bd37ce6bf25434bbb77bb2d1eb8087fd22a6caf4aa0e24288ddd182040f2f6cdb498730f5a2378cd6348b46aab3d0097f9588e5c5d526f341c3ade3960bc1a830b66631e09bfcdfe848efaed98d29a895de7ba1e1318dce1a8540b21c94fd3e8d3c7276618bbfc3a7b78eb714ad7758b0ba0b7b320b07a80b7eadcac12015156e0bc3436a8359cbf1e6259593178e5e83d00f1681a112398cf98283ee0ed786e0d0f92a8bc48e2ecaaff3a68fc749a78b78fdbeef58426470a52d4fae45558edaae8c477fe81d5abb287d9f28cad089fffe618cfbe628f456192100c949479ca2e0e68e73c3a000d49edf5706d75b371c3aa8a77e05c5deded426248b8e04c8d970ab27a5ac7c76c96a9262aab57af0fe43c16eade7be235a4d426eaae39dc848a373adcd87641b98d96546cd427f09d7e8d93c15c755db4ab9cc76e71c98cf1d2fea71892a2915e7bfa8ad418347963c72acb236c2426ea430c71d0920727973b2fd53615c80e01a5c75cfd29a69a14ecc1325e4add1018bb6b118f8b54dc8a7b2951493dfbbd1a2ca9be194f657c762c8c98bd7cc30bc16ee9da82e82e31dddddf916b7b1617b3d4e3ad0d736a54981aa0c53a2a5ed48a11dd034f55e9aebc0795bca278410d8c0f5b32d1585fdbc01d49073751d6684f48d849203452134862d5de6feddd368704dfdf2e09d2116ec9d133b55bb91209b5205a85c653c40fe6965b158011a9cef641a04a57885ee312107dea82789c1ae607900d486ff7f523c02d46929be3c776c78e77cdff99123cfc3ec3a76b54e494f9bf38647b923a82ab081aa1e6456d2a84aba0a8848d9346ce3f470f95ce7eabe8d5030a022e369b8586bd7790dfee6605de5d5119f44a4e06247f3449f08bdecdf79df010744ead5fd09c81b3aa73516fd5cccc8bfcd5e2f985be9bad2fc9450ad31ed559e877dc8faa927d4ab1804069c7735572b78fb597edb4744807b007d015764d4753385f4206ede626995002fd4e4e16db74aa6ccf48dd62e2d1b566dbf754e2a9b6cc8c517fbf7cfe8576a192218a991a3a4049644df8711176062f2d0eb01b82402e6e6c79fffe4ea5bcf8ff99570a50cc8b9fc27540a9a658b411db3c94afb065f9cbd6986c6c68145e92cffa2caa40fff7db3c9fdbb911d1456996c4131c37c9c71095e37afdb778aed29a6a2cae27fd55e50d22f876ffd422bf9ccd6490f50214adf9488a1ed6f25527d213805aa9021262b260552959d684b29ce08c872dae7e7188d2fce586037e22333acbc5e0bde2dc41112d01df78460018de4786597dcfc48a1228513cfbabc3dfeefb434ecdbfa297b306b6a425048cb23a697a7d19f2af8ade037c8259bd7764dd4f1cd75c400991a041caf63f44cb148cd9a2e355efd3ce1886d91ffd0e6f14f546ba6f1fd349150efc7278bff4507c1509a8dae8182fdacfb91e98c54af9cc2a722a702a5acf2396a44ed2c8c78a0c3eef40a91cd4214c74ed91b732680f44bc84e48b807332d31dea42d4a76d26dbe02e7ecd9962cda99c8db8ffa8d62538b4ddf52da68398545b3f341fc12dcf2d1030707227d3fc3022a30a20beda646fd724ecefd824351be3daf2aae1e86cc7df5be0529e25e29008f2f10d215d4c3104be8c204feb7ab04c8a684a7aa877e17baf47582b409de46bc313474ca2dabbc976cc03fcc49df3c111be2fbba79498d2e8fd7175693529553aa796829b1a6b1f9b836ec767f8c40a125d7d1e287b7ef2dd6f812609afda2e2205657980a490d149559fc938e9697cb433f8e942094233caa0a2e6fc62e3a78c373408f06e27ff7a8c505aadb01d8f44011648dd2b0f4277c97da8799cd6118ccad832dbc4d84a45bab54389937a29d7c0636ca94406a9af3e9b480cd4b2828ad8c85b48ff48568938b90dd2c70ba20d9f3ef5c80323f8c060355c04f01244598de9dcca1d58741a914d0db7a67170dc5962d4c0a5a0f486e542e9a40add88403316f974a856e489ace04a6962727bc214d2528ae4105420f645f760815e2b4a31d0f94d32d20e29c734be005dc0dcd2b2f77a0c3fa8206a7bde289acdd68ddff8b084e379a8193d820f83e81b958e7e848e1b45280ae7a6c921ed38e0cbc0ffa850fb306ba63ac8be1d73f24ac1072ff17dab89a972d86792d36f8dc2fb81dde12fa4ad11f83d87197e52899415fa6e206c3895a2989169e7a6430a388e110bc65ac3c031f85e5f5f25cda21b3d27dc72fa1cfde041a1fd3910a52747ac0102f7cd71cbce395d540e5e6e9111d3bef50388ccbbc514520f5420c13dbd96c4c0965479ef942da613308a901b3896b6832c56a156c64c37c4b3ae113f041b5f12839bdae4155235d90265c61c7728c7cb24da7410508875634736530812fef024b1bda877c398fe595e9cd99fb4dc9d6f59f2feb86a43028eabff18ba308073e6f361c1de6c16cd0d4a44026db6a1a1807ada98e1ab58f409802035667824987f8bb5db57863cb973c7091d67f92d46394a12f96321d7558220e96e11e6a6842a774e10864562f9a47b9f97fd81941d4ffd9cd73945f4d12af88ed797b2e94091f4b2f752f0c22414d8af0e3bde32a06e88e4834f3f34c5bde0753f6d8c496f2d31fc8ac18ec19b078d02499e80c45034fbe10f8b1df1f40e06e55ac174c96fe6391c892ad3b49eee6fbece814b4cdac5d6ef3194fed6a57f90e9042cf14a13716b5f22663f1091f27a0737b4b93df32f75f0351efacef164645a729adf09b3909370237368b711be1c55191a13c50c8f63a775ababbc696e8eaa91d9a209261b4926bd0c00ee6d93dbb9a6bf2bb15ccd59d832778f609db24023e80d4b4ef1e497745f41389fd2a0f9ca9997e8f3e6bd41ee30bf77da5dafb9ce699eb61477880a33503c4530011cb6eee9bbd2b3893711e14a402e65cd6572a43a55c40f740600827050d16f22532a8c76f33d4167d5201ff82f5de868fd46c5e7ff07af3248cf7424fef579fd83cb64777a3e9379509aed76243467393ddaec801c8a02a24164a09e21734b890d7c697eeee77f37805261a23bc3752e8684b2c8f71f6c58a120aabf739d4d25f4a55e9b2f6a1916967b885d12a7d10ddb032f2e8f60ba30fafcf7cbf35848130fc2d2eb947e8e0eb729602be897bac665eeed82c6b0d885a2e3ed8709d951dfa9e92ec5ca60589c5261ea8d835848b31141fce8bada8ac3e06924bc57d9b539a02816406f36030a16cf1b84bfc9be0329d74cd2ac96e918986afa5604486623bc3c935e2e6b5383c17b08ebca7f57cead0bdf992a3c56aa7ca8e3cfb666fb6317b98511e107759ffee099642ba9d568a2836ff2ff17c5c0f38afb777e5c075c3ff6542dd12c4dd87c6bc8e746d64b0c2e6d29765e20b2bde0aebb63cb873e0bb4cd72ea11a0a752afee3bd9d4164476719c43f121c838113c4359b4a2fdf799f73592fe9739bfdad185b3e9fea852fb1679d4cc2768c9365882f649dbd432e89add5cbdaf43c0ff3cdbfc72d9f55c4629e51d94606dde7437d3b28b0fad26a92624ad7ede138bae6c92257285e07ec16092fd5bb71473d9f7b18440bc93fa3b2d2879b191f8cdaa49d09e43a716cb19adfa9aa12f68e9a3ad86e28eed66db7c1f8ee066f67193788c4fe0a601b0b1c4b256ce6cf027916edcf83814fcb8eceb9a56b29eb4db9913f454eb5b4f16f4adb34ba1825d3ff96a27634fda9ccb8c76527d1cf7dbe2fe8312d1cbaaef58b9a715fe6fe2d3f593d5e2bfbbf52c76d757c30d56e55911a9f9dfd1f90b822154a38e58f7d8be2114ad53225e8cab4338a7a0fe13372e73300d314c3b79029b66e4d0bd1d91f6466c089a55aaa2ef78a5e6c67ae14efabad229d146091a8e331d70b3876d6947b1f60253dd6a2de6157e69b29353fc8bdf956ec6a975ee4e74cbad3dd8eda48e3a6c2cdf0741991fc3067376cf2e1cc5c03b0a45700e96f89da1c54e5c4709125c39b8a731ac919bff39caec70e63f1fad6790dd0da2db16a82d415b0d01b717def7465c69d6fa8f53805bbde12c98cd58b3e3d0b775bb7d456bfe3d874f7d693faf798d29013324f450a4c5c99c00b8503a002942e7ffa45aceb64daf5fc98eb50b96fe1d37cff3558c75d3a95c8e5e27896540fb9b86747435845392968111afbc26a2b391af627d947c5d036ae8d023b1039dfc868a3680abeb2b00f1125ef43423982cb3b9d519f796db34eafebe441ee864633cf1792a74c453fff14f7fbd78b2d88ca9c4a1cc4ec23e36617f09ef0495e09fb74e343a9bf006068485c4b3e0c1a2206e28dc460ec2d2c0c784ee4e054db282f1404172be2ced4b9b55758f06838d3bc9da7b3b763c929b19f65ce34b7694a3b47696e84553bffa15569cfe11af648f98a2784d415376088befca937d53d871ec5cdb0e24f0eebb3cd3ad3122bb956508325f67809926b738e16636e9e95a2b6cb859f01dfeaf607abb79a1f3e7970bc1d5668fc6ee353e06463b222d87e6dec33980a52a4edc92164cb5ef96565d8900984f516fcfeb16215b6caac3b07b8e1ed0b6672b57b7fe95b818c98de866ddd72345c2f70e6847f8cd054d7746f553c7a3029eb10d954b27bef4521a019820586968408237d1bad55", 0x1000}, {&(0x7f0000001640)="74894c1983be6066fdd1b260f1fa02e9c67b84f2c62817cd23cfe194db2f8f4b1120ddda970b4432aef8ff062bdcb5a46af936d35d0c8e7597497de9a860057b8d7c98656581d88ac39c4000451a842e5af53fec1aa9c155207e713f69126225ce848ea6de72733ea7f2c53bd0a2a36c05c6b2a1afc1fe1719bc01cc7f2a3d84b683b940c00cff12ccef56db05b3dafff912af6cd08a783cafa6f8", 0x9b}], 0x7, 0x4, 0x0, {0x2}}, 0xffff) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:36 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:41:36 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29) 23:41:36 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30) 23:41:36 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 7) 23:41:36 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r5 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r3, r4, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r6, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r5, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r9 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r7, r8, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r10, r8, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r9, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(0x0, r8, &(0x7f0000000180)=@IORING_OP_READ_FIXED={0x4, 0x3, 0x0, @fd=r0, 0x7, 0x100000001, 0xfffffff8, 0x0, 0x0, {0x1}}, 0x6) syz_io_uring_submit(r6, r2, &(0x7f0000000040)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1704.634325] FAULT_INJECTION: forcing a failure. [ 1704.634325] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1704.636962] CPU: 0 PID: 9604 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1704.638399] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1704.640127] Call Trace: [ 1704.640682] dump_stack+0x107/0x167 [ 1704.641440] should_fail.cold+0x5/0xa [ 1704.642243] __alloc_pages_nodemask+0x182/0x680 [ 1704.643211] ? __alloc_pages_slowpath.constprop.0+0x2220/0x2220 [ 1704.644485] alloc_pages_current+0x187/0x280 [ 1704.645397] allocate_slab+0x26f/0x380 [ 1704.646205] ___slab_alloc+0x470/0x700 [ 1704.647017] ? io_submit_sqes+0x707f/0x86a0 [ 1704.647942] ? kmem_cache_alloc_bulk+0x1ec/0x320 [ 1704.648916] kmem_cache_alloc_bulk+0x1ec/0x320 [ 1704.649861] io_submit_sqes+0x707f/0x86a0 [ 1704.650754] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1704.651798] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1704.652800] ? lock_downgrade+0x6d0/0x6d0 [ 1704.653652] ? find_held_lock+0x2c/0x110 [ 1704.654496] ? io_submit_sqes+0x86a0/0x86a0 [ 1704.655405] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1704.656402] ? wait_for_completion_io+0x270/0x270 [ 1704.657399] ? rcu_read_lock_any_held+0x75/0xa0 [ 1704.658355] ? vfs_write+0x354/0xa30 [ 1704.659128] ? fput_many+0x2f/0x1a0 [ 1704.659886] ? ksys_write+0x1a9/0x260 [ 1704.660681] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1704.661759] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1704.662827] do_syscall_64+0x33/0x40 [ 1704.663615] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1704.664671] RIP: 0033:0x7faadcd8fb19 [ 1704.665446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1704.669235] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1704.670804] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1704.672279] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1704.673745] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1704.675211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1704.676697] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1704.687560] FAULT_INJECTION: forcing a failure. [ 1704.687560] name failslab, interval 1, probability 0, space 0, times 0 [ 1704.690032] CPU: 0 PID: 9600 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1704.691451] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1704.693158] Call Trace: [ 1704.693714] dump_stack+0x107/0x167 [ 1704.694470] should_fail.cold+0x5/0xa [ 1704.695259] ? create_object.isra.0+0x3a/0xa20 [ 1704.696225] should_failslab+0x5/0x20 [ 1704.697012] kmem_cache_alloc+0x5b/0x360 [ 1704.697844] ? create_object.isra.0+0x3ad/0xa20 [ 1704.698807] create_object.isra.0+0x3a/0xa20 [ 1704.699722] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1704.700771] __kmalloc_node+0x1ae/0x4b0 [ 1704.701604] memcg_alloc_page_obj_cgroups+0x73/0x100 [ 1704.702652] memcg_slab_post_alloc_hook+0x1f9/0x3f0 [ 1704.703691] ? trace_hardirqs_on+0x5b/0x180 [ 1704.704585] kmem_cache_alloc_bulk+0x182/0x320 [ 1704.705534] io_submit_sqes+0x707f/0x86a0 [ 1704.706429] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1704.707475] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1704.708474] ? lock_downgrade+0x6d0/0x6d0 [ 1704.709324] ? find_held_lock+0x2c/0x110 [ 1704.710170] ? io_submit_sqes+0x86a0/0x86a0 [ 1704.711073] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1704.712089] ? wait_for_completion_io+0x270/0x270 [ 1704.713087] ? rcu_read_lock_any_held+0x75/0xa0 [ 1704.714043] ? vfs_write+0x354/0xa30 [ 1704.714817] ? fput_many+0x2f/0x1a0 [ 1704.715587] ? ksys_write+0x1a9/0x260 [ 1704.716383] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1704.717460] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1704.718530] do_syscall_64+0x33/0x40 [ 1704.719308] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1704.720363] RIP: 0033:0x7fb90a2beb19 [ 1704.721133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1704.724922] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1704.726490] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1704.727962] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1704.729432] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1704.730902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1704.732385] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1704.747400] FAULT_INJECTION: forcing a failure. [ 1704.747400] name failslab, interval 1, probability 0, space 0, times 0 [ 1704.751378] CPU: 0 PID: 9608 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1704.752800] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1704.754507] Call Trace: [ 1704.755059] dump_stack+0x107/0x167 [ 1704.755826] should_fail.cold+0x5/0xa [ 1704.756616] ? create_object.isra.0+0x3a/0xa20 [ 1704.757562] should_failslab+0x5/0x20 [ 1704.758349] kmem_cache_alloc+0x5b/0x360 [ 1704.759196] create_object.isra.0+0x3a/0xa20 [ 1704.760111] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1704.761161] __kmalloc+0x16e/0x3f0 [ 1704.761912] cgroup_mkdir+0x254/0xfc0 [ 1704.762708] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1704.763711] kernfs_iop_mkdir+0x14d/0x1e0 [ 1704.764581] vfs_mkdir+0x41f/0x660 [ 1704.765323] do_mkdirat+0x145/0x2a0 [ 1704.766080] ? user_path_create+0xf0/0xf0 [ 1704.766944] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1704.768033] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1704.769099] do_syscall_64+0x33/0x40 [ 1704.769864] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1704.770908] RIP: 0033:0x7f5ff7acbb19 [ 1704.771683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1704.775435] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1704.776987] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1704.778438] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1704.779902] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1704.781350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1704.782805] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 23:41:51 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_setup(0x269b, &(0x7f0000000040)={0x0, 0x3b8b, 0x20, 0x2, 0x15a, 0x0, r0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000180)) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:51 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:41:51 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:41:51 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30) 23:41:51 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 8) 23:41:51 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31) 23:41:51 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x4}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1720.424315] FAULT_INJECTION: forcing a failure. [ 1720.424315] name failslab, interval 1, probability 0, space 0, times 0 [ 1720.427143] CPU: 1 PID: 9632 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1720.428185] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1720.429427] Call Trace: [ 1720.429833] dump_stack+0x107/0x167 [ 1720.430390] should_fail.cold+0x5/0xa [ 1720.430975] ? create_object.isra.0+0x3a/0xa20 [ 1720.431682] should_failslab+0x5/0x20 [ 1720.432255] kmem_cache_alloc+0x5b/0x360 [ 1720.432876] create_object.isra.0+0x3a/0xa20 [ 1720.433546] kmemleak_alloc_percpu+0xa0/0x100 [ 1720.434219] pcpu_alloc+0x4e2/0x12f0 [ 1720.434795] ? cset_cgroup_from_root+0x2a0/0x2a0 [ 1720.435863] percpu_ref_init+0x31/0x3d0 [ 1720.436563] cgroup_mkdir+0x28b/0xfc0 [ 1720.437145] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1720.437875] kernfs_iop_mkdir+0x14d/0x1e0 [ 1720.438507] vfs_mkdir+0x41f/0x660 [ 1720.439044] do_mkdirat+0x145/0x2a0 [ 1720.439609] ? user_path_create+0xf0/0xf0 [ 1720.440238] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1720.441050] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1720.441833] do_syscall_64+0x33/0x40 [ 1720.442396] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1720.443381] RIP: 0033:0x7f5ff7acbb19 23:41:51 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x100010, r0, 0x10000000) syz_io_uring_submit(r1, r3, &(0x7f0000001d40)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000001d00)={&(0x7f0000000600)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x1, 0x1, 0x0, 0x0, {0xa, 0x4e20, 0x400000, @mcast2, 0x8001}}}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000700)="0be03baebb80a4f463746970bad14a595fe83ef4c01f8d1736f2f4da6880c311b8a5b98ec2f7012537ecc3e67dd107ea384046823f9e251c3d30d6a988ffe4ac051c3fe0dc6eef0f2f31ca895f8a72b04d6f842c43f37dce022cdd566325f374cbc890feb980223942af51c8b91c998b8ef08a029824b9975774d1afaf9551acd39c0d84daed2aa9a92860a07a9ac8a3654f6395", 0x94}, {&(0x7f00000007c0)="e9c545999d465a90a2544a9fef39a25dc9fbe82bfb91dc98e1a544b6b2aca7e249abad70bccedbfd09bcbe35a2b360f32ceb12dad4697338827144d0c103dcc59d27924e5785117299e13a1f0cfebc530ac103864000716b3d415c8c5fca46c36461afb64131f8989c470c73e3306de8da7643c42243ebfe52ace864a731dc97d5766c6f48e83d6e5b9ef3ea207838cef723fdfdb984b430e9925e0b635fb306a902540ef5fb1b7afb1dc8f62c3ccc156dcd64ef1b7c46213afd13e88af84799375f1e3b71a06401be09caab4f", 0xcd}, {&(0x7f00000001c0)="66aeb1924691c7561e8a3b9149e4d2d3ee76ef70f38dfae928e769c593128bf03f8fb1c16a66ffd5bcfaee2cc9df6dd78d78b51aeb5bce9faab2ad66d72a", 0x3e}, {&(0x7f0000000240)="ec9c4ba059e31288f9a23872d31a6d2eec1fe1e5eaf94db77be8f29942cbd0ece8ca711252d6b5bff0d8300bc5292a5f26ec", 0x32}], 0x4, &(0x7f00000008c0)=[{0x60, 0x1, 0x9, "ec1b7f0817e6f1c38334fb88f8103bad7548d1ed17dc3eeb98fdd10ff69f5044df5b8d4ba8e0027faa293b804202946152eb9dc233e012c31aac79a9276d0e544ed945eed2bda487252b85c04475"}, {0x60, 0x118, 0x9, "1dece81e40afbce908aeeaf7df405cdd8f4893f463e39df25cf878500f8425da2d1a39c2a30a9c3bfdacc98ff643eabe60a648bf6b6e603d7558a38cfbc655d80fc444ca5441e6f80bdb"}, {0x48, 0x29, 0x8000, "37a82d6f655b49694aacdad83acf0938ce7d06bf433e7975cd7fec1937d9a9cba791c35ecaf2aec54d58dd518aa0f2f2f554"}, {0x1010, 0x0, 0x4779, "fc622861b97a20a7a483885bfe5c0bf9f0d2d387868d01296e0774730986301830cc1332b51d4f72769318cdd3eac19b6d05a95e73cd7ff3741f90dcb384bc9d819af08dcc4a1983de0b3c695ede34a2f5c14c64c5712ba71894345f7d3bac0333ac7be1289d74e42f3d695f4b91be00c94cc3646e2d9125424f8c797847e88772214bb8642b28d7d8f8259bbc7625d0cb7869a0bc9a94fb827787167ee1f380a171b16a1c117833b2465c54916838a33c576073555c10aff73f6b6dd0a72907478ffb60e92fd109408f02eb605b27d148a575915f80d78f8b85aaedc1c4c750d206dd25fbb4dedd768c89b7c486accf090d4075f01084761b6ce319e3d384c5c6e4ca9f4e327596ebad6c456d99fc16ae3cf2d92223e0207c617d7788c73c78d17e4b89a171e8cfc819ba21dae1b1f3da62b8af7e55773384ff8dba0646bedc099cf2c94059b878412c9b78ce4dc7876e6d82bafede9cef389dfc149a6aa45dcd54e739ea54178fb63d3a254a469d8e511fc8fbea3f8365a8b37264e743a2f9ad3f9594518609d010da4c5d886fe639cc527cd8030d0c2a578221601cfe79ba321d640662f07aa6be9c2400bfa64e02d5f04bf759efce1cbbd771e114d5de7aa49d404d04093321f9142b538c1156e5f1503de657c96f2de6cfd895dfc43ec5c3a49dede26e04fd6ab89fe3af65cf648ccfb2a6b4f1f8c99bd732d17630f40d0c7e65e401ebd7da4f2a3027e337156abdd1bf04753bf70a7c0e179a3172cb34bedbab57346c8d2bcd563ab74691000bf6d73d8fc81ae7b64fb533f1fb83ac58859ec082a22c1ac58b6250175af938b431b87a30b2db5a3cfd1dd4a163590cc4ea96ce3c341f854173c1f9fa71a5649530a0dc6ec6ec7e86962bb144ac7a5fce5b64527d1939b2f9f9c081464fa9df0ffe579d0961d1797ef0a0b700e2450d67d3bcdf48231d90ea3693ec803e50a16e7b7f822a788d97933af2fca23c6ba981af51d27494cdd3fe592537bc73d2d5a7c76802af7a962e7670858da49b7599c9073c08a2117fa047260c6a950c0495093e2d455a87776a8774f1ce1ec4a3e571d53e3acfb72c25aa10f72bc33aaed331656df1bb41119bce19ba9801ce0c3e5dfab931a933474438997ef977f5584313da336d0ad80cfc18b07744fb7c0ee2d211d3fd3843a7f85e43d86cf777a852b666c513b19327a336316f7b33ebdebefe99fc58c862287246e96962413b5f6fba00dc70f160154001a2f03981c2ae1d35137c2a7edfafbc479f504d8b255d6e39301314d0d2906c37f8867a878c0e86e8abf020dd621a49bbaa8c19854eaacd7bd55676de26bf0cc98733a886eae3ae6ec363b86d7f901d4ed0751846e8d9fafba1774cbcb418327bb1cb891f0015cc83e65cfc543584673e51bde3161381ae651b83150caf1eaaf8ca476c879385bec727a233a84a021d282498f28ec413a6bb61213693be8549e08181d94098182878cea5baf6c5743394e2450e241224f230ad379f8872a3742b077214d93b341e07b877215079dd0966d1505bf3604b726fa2c479b22a3b70933576aae3286cb55f35ccaa159c6a02f26162965e6b00497ccf5800cd035a32ee54000493b307942e95ac34a55eed410d58dca77f13c2b9140d500bf299c6660bfdd242480fd2b6f3d7f196b6fded56f899499dd480c4c2b8a12521d2b9bd5646d87f2e7cdf5a6eb712a493abfdac00808a802d1a2b4e78de0fa0d17f59fd16b37a82b9c4c147a85660f3f466f666122c3b3212d9c8df25cbda84665e25af0257df08bdc65b20e98221fbcc38294009e18cb6c8abd834f43a46a9cdab35e295581b203a2efa6e95550c3495cb609183a205b93e4c136ec0f0e0d154348cf3eba41a70e9a999abeefa6db6dab00813eb9b37720721ded03e5c34fed2a9c7e3647e57a06f209746bc48addc9330df4fe6808b6139e591fc9d1acc2787eb2738381bacf963656ba95d4335010234144892cc6d4e78faecf71b6e6203b70db15a06f1849cd8238ef595cae70a894e999125a9e469cabaf061891cb9eba32adea0238767157d88b33ec35bb4f9ee84fb2b0440b03ac069dc4f146f948396f3c13dada270c402f0c849838b5a391eb12f1545b604c70ddf212f80d96a74c4c7f7639d0bb2b6ba9ee84fc8d1bcfb61c9786e6aade4f88e0c70289cbfd998d9f3f836099014353db28e86a2b89eff164c3b533166cd33672208f56a37cc59f049e3930d356e8fd83f62dff1a74cdd258ab9f3323c61fe86fd2a4811097d83c289cfb30cb5e2a4f99ba69c9865ff67a61dabe50c88164a2e34333d011e6ae36f51b6282f670264a1d2fdba746cc0871d4c5f5acc1b60ba1e76895eda0b7bd48a75d789739a3e8127b42e0afed4e6835330eabbc0d742df90386f0064378f60bcb38a0a245a1f8f4df226a6c1bee863004094e09285e9fe73e889fdbb93b4b4c7f1de2d1a5841b4ce7470707daa1cc928f4e0024b057f184315b3825d91dc652cb77895204288470f1db2d82358cb002bc1b54d5b37544f8b3a63ab0769f7ddcd1b86cfb5422c12756e66dfe0af646c44d79ff9b69411425068010664b158707f704a5207abe887f7286ab04bca2bc1bfe7b0f5bf49688069a01e87abcb2bb33c4a39bb4b11451fc4e21e14ca33054abbecc9d894996caa50d1cf9ad7df0fcc13dcff403d27a8517828a3c9920e52ffafd0e33acb352041b1b441beaa553d15bca9404bffe78b4a63b822785847c155859389c224ab0c46a205856c6632d2b82c1b144e391877b100277f2b49121422919b03708bafbb5974dfefc4c08de5704e2878ccfc3f7f4c63df92e740f094b7e8dc3971f987a6b9aeba6b8cdedfadd3d6d94ee6f4cfa2573cd20a484c449b66b4c5489d3f05ac5301007f3bf4dd446e2a0a61d8d4c34cd2d73f792607bb62e561c8478a0f657ded7b51bd7b4f7532fa5f05154d9c2758133218b18592bfeb7722ae8590080c72f6671958eb89b53fef88b64a4e0071ff221f51f0e65867c68c7cb5b8a4692f0ad42c350bbbd4a4cbde3db422d369a8cea95ddf57725275df26194f2f30a70b5a1074801e0d005e6743499264f06f3ac4f88014943265f733629f759d728761e511488e003381d6ca84de54469678074f06e149a21dd2669a78d5d70020d65063a6e534648149b3f6847448c332d88e145c2c72996331811503bcae8345e75dfa9dc3ed3e6cf2bbc41f2dc065ad0b3809cd6eddc46a60c4630104c0950fbe36af3290abd36f80dca558193fd06df85f94f94627a640fadc4145aebfeaf45ebdc2c0ba613c34b9bc7029d640f661e3511a4b62ecc13b256b3f5aef400860531b3f9c29e69b0e166e24172e9a44a6d29053821419f17c4354b66bb03d03a68555c18b5d82fdf8504f4594a803846de696427f429215eb6a381010b5ddadd9687beb1e125ee6bc23abe65e9663a136db90935238de3169d72b20262af9882439d7ba2d999f9c3ffe90aa70acd931e984cd81aaf366a3cb6686218670a82cdb2fe5b2a0d7b0e479fce132ae55d5183e487fa2dbcf88fdf78f9bb3a55457828e67f9cfc6116d3044b96f96d1acfdf9822c73a75e56e56597b4b41049b2b7828a58177eacd3f3492b9d327d8f1c190fcf2836e7af5910d61c8295fe36f41db05b1db3b908d935ec67cee04c8f6d268ce634dd0a25a04d487c254e73590510b2efe98a0bc906cd78a01ad33f16343d27fc2ff5737c6e342fe852b2d4d9dc773884ac7fe454839355e55988c2e1751216d769d22799cad7a804b4b235a75def8e94d36483bed1ff0d65619c337015ca2a4900c08f1d37c3e3787b0e22080d1cf3aa424e87fa6b91caba1f171ba8dc7447899539fada7f8a86f5a7c51d2726657d9a188fa1ade0ff21776f32655f3a937c9684fe8f107f2f2237efdb084bfe8406bf49a28f165ced96fe56f6dffc38b948f2c92cf250daa5a0953cedd236464a6f81e41284efec5619e76d7f38ef9ef84dfb92a81e5ff675101b9138ab53671d39e51f8bdccde3be9120cf7819737fb74f89ea3110e57b73991de9e3e3093ef06c74432e7ace12deba3b38e96da1196bbebd27f25879a6cb38d9657ed544d6c94de532df27032741a3afc4f80aee18ade430e340792a7c29d350c29acd71a0600774952c93e2fa060c62c024dc0be8545071e5eeafe5aa933b33d0a0f622b01d2a7d64405db804d2d2fae7a02551a251c3c63b96d19b145d0d0d0fd582cbe6df1acdde57c4575c7c82d644ec5ac52aaad364305b0ee340f5ea8bb080421b3ce76ce4116f1ca16f65ec46e2d53a9eaf9fbbe250dcf5c8f58d566d29761d0af5c0dd81ca835a8cef76e59e25e75e7f107733f44e65bd785690227f6e8f05a998cad47ce04548f510daee0dfdc4e60029805b8265c167ab56e1b521bc821d6eca0146b782baf82253abb7538d80b49006387398e7eb8cd1b378766eef49331f589bf616d5a59f2b6ceff6d50be20ef15de698761b1a8e8114fe5e2545c32ffe0bc80901e49c49525f6891a1300f2a3b982c463b51a0513330438331b0347de21c9a4339fcf1b7b6b32333560610b72a60d71a5a72d8bcccec33ba25acbc7902c8dbd56f461fea542e6a436796d2b6f7defcb7849f06f08e2e058036897994b7b4b83fa7c8b419e0e34d5b4c27e3f058e566316da5a08d546453de685505dd47bba34afe30d7d76059bf487584441ef97e3d4973bbc45ed917756b8c64420e84e48e124c83f0139d77780892b2d3ee403c1460587b6f55c7253211dee90510e4852f40a525f4d8c398ecdf0b179b7f552712f40fe4750ad2c7f440f4405fb6fada76b957ab6bdb7928cc5fe4ed2839d118a69788bff30595a07d0b880db736750f97cbb801f8e8723fa51f2d9e5e36aeb65b51f333f482c4c5f8867a841419692b04a18a69cc6e6412ea7ebc1a1dd5964eda576b2c546a5d81ecfc98d4db548ef4adbd4c399adbe40e90e37f1db7ab92afac0bb9afbf49667e02ba050263435758e6714db033e9eb953a67415b66857c0b052a2595789ac3731e812bed1e05a07610e496ad02589127364dc5087a5680997e6a85940173ebbd67cd574b071005d9990b28ca7f1bba56994cb079be08392fb8f242a792d453936204b812f5ee2a28a9f971c79710c42d1279f4b323a4bf84411190811abdce50ef5a098234a575160494be933e02f949ac9266db9edec7720d6a08bd68e431094a4ccd73f3d2d29cec2277cd07e915708f8a084cf4b85ff66a19317968a33f53f5c6dbb0bccc01b0fd13d4ad2b17d6707d4c14fa38a41fa19f9d8875f69d21dd88596e064e3d2e3244f12d11cc80d64d78c1087be2cdb1748c23d867c81befe36cb528424cb5b75ab8aeef56f912a9cf0fa3eb152d9edc849e21c3ed0266192e196c1775d848a2174f3f27164c2e4ee7a674873ca4486678906b566e6acf44c4e25bfa82827d1e5b6eedb0a47f56a15500cf642902ffef01911eab2fbb0e4abfd7d0d52a0e76bcf26e5fbbf7c072b7a1eeaf2c9c034dd49059169e1154ec75170b7acef9916b5f63ce3f4267587a178e9865df4ea12e24b260774f82f118196fb439f7a9ea23c355845aeef8d0055caa12ddffa161330fe7fc449de723ce0f48826d730d5cd83d8e360f3e26522c3b2b3200de772f12f313a40df84ab7fedecab0728c73b1337f965bf648f4516fc6ee3c6c47973f1f55d4c9cdb020166121535800cfc0b258dd48404425d04f3a5b95029a548678fa6c12acace2e4d9bed8a2568a28ff2e"}, {0xe8, 0x119, 0xffff0001, "86354b6f967d6eba6b7c80aab03ae43f496390323c1335dda5f14a4eddd4a76178b12d142dcb67289d70eee6d4a41006d1c76d5957d573decede18a6a48427182b3bb08a82c11d94f4339284e5d6221a9c4aa1a4c3e574efc4a16ae514ac65d18249501104decd54d444da44387e5cf0b0e65ea608bebd8842cf9eac6eb3bb65b2b5b124527b47c70181cc2499bfaecaf0f48f8b5bb9e06e0c35f7e8fc21c1762197b21c5d7ea0c69158e3217c2b863b82131da428f8a863a1364db1478b5d174d2b5278a58d0164b4b0d88279103b0ae03b6a11bb"}, {0xf0, 0x113, 0x2, "614dc378114e476271be8e748e8e505cde4b105379aa692681590efbaf2e55ee6a8561a44d38697ead9f812e7d44025d1bdbd57379a1da6f9ccc37fc57f728fbedbb2b3142a6c9370e446d0d3931498acfa4c567e46ee57a567e978298b5e447fb1bff664adef6f736cbd14532d5bdf13f8d048453a1d10144ab4062e06c8c4baa564193081c5450cb5d2e70aea9f7075f5304c66e6d73cb7df8539a7c99394dc01ab2e64ea899dc69b7fedee86c4684918fc12b6d17c1da02bec1f384c5876edb67f342641cb5d07f8060226dff079b8f70b203117f2cbee32eead3fab0"}, {0x80, 0x111, 0x9, "f8e6934f6620fcc554c0384e16ce2ae7ef5c84b6352d8bed3aab416e79f8b8879528be871974531e526fa99cb6a08457a09711bab0bac0513a567a22478d4f771ecc100cda7adfc77bdd379423e49460c6a1f0f1f46c806fa5b31bf4c94d6ba720bce2991eab5028caad6d840e8be60e"}, {0x68, 0x114, 0x5, "1dbfd3f71b915c3b57555a3a0b6e70fb4a96312b031f83c62738be3782937774d8731ad0108c6dc12ceb121a50cb940ee774d01b5131f6bda77c4d83515880108118f33ad49b69eee7396f20a9401f88870c3d241b77"}, {0x60, 0xff, 0x800, "ad2f3455cf365045d95be8a20b250997064991a49420ea46371964d91ed8c0c407ef4d809328092e0b790c06414ce8ca4a001511b3c8843fbe1adc61780a715da19215f1e87029a850f4dc"}], 0x1438}, 0x0, 0x4008840, 0x1}, 0x4) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000100)={r4, 0x3, 0x6}, 0x10) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, &(0x7f0000001f00)={&(0x7f0000001e00), 0xc, &(0x7f0000001ec0)={&(0x7f0000001e40)={0x5c, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {}, [@HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = syz_io_uring_setup(0x731d, &(0x7f0000000580)={0x0, 0x0, 0x2, 0x3}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r5, 0x76d3, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)=""/73, 0x49}, {&(0x7f0000000340)=""/139, 0x8b}, {&(0x7f0000000400)=""/204, 0xcc}, {&(0x7f00000000c0)=""/128, 0x80}], 0x4) perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x9, 0x9, 0x53, 0x3, 0x0, 0x401, 0xa0245, 0x7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext={0x57a, 0x6}, 0x10000, 0x1, 0xfffffe00, 0x5, 0x1, 0x1, 0x25, 0x0, 0x5, 0x0, 0x7f}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x1) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r8 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r6, r7, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r9, r7, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r8, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) fchmod(r8, 0x40) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1720.444135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1720.446927] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1720.448075] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1720.449155] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1720.450226] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1720.450391] FAULT_INJECTION: forcing a failure. [ 1720.450391] name failslab, interval 1, probability 0, space 0, times 0 [ 1720.451280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1720.451325] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 [ 1720.457696] CPU: 0 PID: 9628 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1720.459082] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1720.460817] Call Trace: [ 1720.461368] dump_stack+0x107/0x167 [ 1720.462122] should_fail.cold+0x5/0xa [ 1720.462913] should_failslab+0x5/0x20 [ 1720.463715] kmem_cache_alloc_bulk+0x4b/0x320 [ 1720.464657] io_submit_sqes+0x707f/0x86a0 [ 1720.465546] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1720.466565] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1720.467590] ? lock_downgrade+0x6d0/0x6d0 [ 1720.468439] ? find_held_lock+0x2c/0x110 [ 1720.469294] ? io_submit_sqes+0x86a0/0x86a0 [ 1720.470203] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1720.471196] ? wait_for_completion_io+0x270/0x270 [ 1720.472210] ? rcu_read_lock_any_held+0x75/0xa0 [ 1720.473174] ? vfs_write+0x354/0xa30 [ 1720.473951] ? fput_many+0x2f/0x1a0 [ 1720.474706] ? ksys_write+0x1a9/0x260 [ 1720.475513] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1720.476601] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1720.477679] do_syscall_64+0x33/0x40 [ 1720.478456] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1720.479518] RIP: 0033:0x7faadcd8fb19 [ 1720.480291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1720.484093] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1720.485656] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1720.487117] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1720.488586] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1720.490046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1720.491522] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:41:52 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r4 = perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x1, 0x1f, 0x3, 0xc6, 0x0, 0x1f, 0x20000, 0x53e4a25c32c4989f, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000040), 0x2}, 0x41028, 0x3, 0x80000000, 0x3, 0x7, 0x20, 0x2, 0x0, 0x896, 0x0, 0xffffffff}, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x1) r5 = pidfd_open(0xffffffffffffffff, 0x0) copy_file_range(r4, &(0x7f0000000180)=0xfff, r5, &(0x7f00000001c0), 0x9, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, 0x0) [ 1720.513510] FAULT_INJECTION: forcing a failure. [ 1720.513510] name failslab, interval 1, probability 0, space 0, times 0 [ 1720.516287] CPU: 0 PID: 9637 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1720.517721] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1720.519444] Call Trace: [ 1720.520032] dump_stack+0x107/0x167 [ 1720.520804] should_fail.cold+0x5/0xa [ 1720.521604] ? create_object.isra.0+0x3a/0xa20 [ 1720.522559] ? create_object.isra.0+0x3a/0xa20 [ 1720.523529] should_failslab+0x5/0x20 [ 1720.524332] kmem_cache_alloc+0x5b/0x360 [ 1720.525182] ? mark_held_locks+0x9e/0xe0 [ 1720.526046] create_object.isra.0+0x3a/0xa20 [ 1720.526974] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1720.528064] kmem_cache_alloc_bulk+0x168/0x320 [ 1720.529037] io_submit_sqes+0x707f/0x86a0 [ 1720.529950] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1720.530999] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1720.532039] ? io_submit_sqes+0x86a0/0x86a0 [ 1720.532948] ? recalibrate_cpu_khz+0x10/0x10 [ 1720.533869] ? ktime_get+0x158/0x1f0 [ 1720.534665] ? irqentry_enter+0x26/0x60 [ 1720.535534] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1720.536636] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1720.537775] ? trace_hardirqs_on+0x5b/0x180 [ 1720.538686] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1720.539840] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1720.540934] do_syscall_64+0x33/0x40 [ 1720.541728] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1720.542810] RIP: 0033:0x7fb90a2beb19 [ 1720.543603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1720.547470] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1720.549088] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1720.550586] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1720.552084] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1720.553588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1720.555087] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:41:52 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) readv(0xffffffffffffffff, &(0x7f0000001340)=[{&(0x7f0000000040)=""/19, 0x13}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000000080)=""/115, 0x73}, {&(0x7f0000000180)=""/87, 0x57}, {&(0x7f0000000240)=""/63, 0x3f}], 0x5) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sysvipc/shm\x00', 0x0, 0x0) readv(r4, &(0x7f0000001400)=[{&(0x7f0000001200)=""/177, 0xb1}], 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x5, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80800}, 0x3) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:52 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 9) 23:41:52 executing program 7: r0 = syz_io_uring_setup(0x25ee, &(0x7f00000002c0)={0x0, 0x237e}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0) splice(0xffffffffffffffff, &(0x7f0000000040)=0x10001, r4, &(0x7f00000000c0)=0x3, 0xffffffff, 0x54928af0212cecac) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffff9, 0x80}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1720.722128] FAULT_INJECTION: forcing a failure. [ 1720.722128] name failslab, interval 1, probability 0, space 0, times 0 [ 1720.723904] CPU: 1 PID: 9653 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1720.724748] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1720.725782] Call Trace: [ 1720.726124] dump_stack+0x107/0x167 [ 1720.726581] should_fail.cold+0x5/0xa [ 1720.727065] ? create_object.isra.0+0x3a/0xa20 [ 1720.727653] should_failslab+0x5/0x20 [ 1720.728134] kmem_cache_alloc+0x5b/0x360 [ 1720.728641] ? mark_held_locks+0x9e/0xe0 [ 1720.729152] create_object.isra.0+0x3a/0xa20 [ 1720.729712] kmemleak_alloc_percpu+0xa0/0x100 [ 1720.730310] pcpu_alloc+0x4e2/0x12f0 [ 1720.730829] ? cset_cgroup_from_root+0x2a0/0x2a0 [ 1720.731504] percpu_ref_init+0x31/0x3d0 [ 1720.732064] cgroup_mkdir+0x28b/0xfc0 [ 1720.732593] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1720.733218] kernfs_iop_mkdir+0x14d/0x1e0 [ 1720.733780] vfs_mkdir+0x41f/0x660 [ 1720.734261] do_mkdirat+0x145/0x2a0 [ 1720.734746] ? user_path_create+0xf0/0xf0 [ 1720.735301] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1720.736032] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1720.736715] do_syscall_64+0x33/0x40 [ 1720.737210] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1720.737886] RIP: 0033:0x7f5ff7acbb19 [ 1720.738391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1720.740817] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1720.741851] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1720.742820] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1720.743802] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1720.744781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1720.745750] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 23:41:52 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, 0x0) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:41:52 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r5 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r3, r4, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r6, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r5, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000000c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x1, 0x3, 0x1, {0xa, 0x4e22, 0x9, @remote, 0x8}}}, 0x0, 0x0, 0x1, {0x0, r8}}, 0x3) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r7, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:41:52 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31) [ 1720.884932] FAULT_INJECTION: forcing a failure. [ 1720.884932] name failslab, interval 1, probability 0, space 0, times 0 [ 1720.886496] CPU: 1 PID: 9664 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1720.887276] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1720.888211] Call Trace: [ 1720.888517] dump_stack+0x107/0x167 [ 1720.888939] should_fail.cold+0x5/0xa [ 1720.889373] ? create_object.isra.0+0x3a/0xa20 [ 1720.889893] ? create_object.isra.0+0x3a/0xa20 [ 1720.890407] should_failslab+0x5/0x20 [ 1720.890830] kmem_cache_alloc+0x5b/0x360 [ 1720.891285] create_object.isra.0+0x3a/0xa20 [ 1720.891783] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1720.892348] kmem_cache_alloc_bulk+0x168/0x320 [ 1720.892860] io_submit_sqes+0x707f/0x86a0 [ 1720.893345] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1720.893895] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1720.894447] ? lock_downgrade+0x6d0/0x6d0 [ 1720.894911] ? find_held_lock+0x2c/0x110 [ 1720.895383] ? io_submit_sqes+0x86a0/0x86a0 [ 1720.895909] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1720.896464] ? wait_for_completion_io+0x270/0x270 [ 1720.897025] ? rcu_read_lock_any_held+0x75/0xa0 [ 1720.897557] ? vfs_write+0x354/0xa30 [ 1720.897989] ? fput_many+0x2f/0x1a0 [ 1720.898407] ? ksys_write+0x1a9/0x260 [ 1720.898852] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1720.899450] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1720.900048] do_syscall_64+0x33/0x40 [ 1720.900477] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1720.901061] RIP: 0033:0x7faadcd8fb19 [ 1720.901487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1720.903610] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1720.904479] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1720.905264] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1720.906084] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1720.906879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1720.907705] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:42:06 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32) 23:42:06 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 10) 23:42:06 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, 0x0) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:42:06 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32) 23:42:06 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:42:06 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r4 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r4, 0x76d3, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x4010, r4, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x3000006, 0x80010, r0, 0x0) r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000001, 0x110, 0xffffffffffffffff, 0x10000000) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, 0x0) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r7, 0xffffffffffffffff, 0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r9, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r9, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r8}}, 0x7f) syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_STATX={0x15, 0x3, 0x0, r7, &(0x7f0000000340), &(0x7f0000000180)='./file0\x00', 0xd90, 0x400, 0x0, {0x0, r8}}, 0x8000) 23:42:06 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r0, 0xffffffffffffffff, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = accept4(r0, &(0x7f0000000240)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000001c0)=0x80, 0x80000) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x40001, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = dup2(r5, r4) r7 = syz_genetlink_get_family_id$batadv(0x0, r6) sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000001400)={&(0x7f0000001340), 0xc, &(0x7f00000013c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010025bd70e5fddbdf250800000005003800000000050000000000000000000000000000006e10203bc4647b00a85f000000000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x4051}, 0x4824) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB='D@\x00\x00', @ANYRES16=r7, @ANYBLOB="000828bd7000fcdbdf250b000000080034000200000008003b000500000008002b000100000005002a000100000005002f00000000000800390000000000"], 0x44}, 0x1, 0x0, 0x0, 0x20000051}, 0x880) sendmmsg$sock(r6, &(0x7f0000001140)=[{{&(0x7f0000000480)=@ieee802154={0x24, @none={0x0, 0x1}}, 0x80, &(0x7f0000000a40)=[{&(0x7f0000000500)="57c534fea4c9c1c21865ff30679a410f48884c679d4f5d82815328034c0da035634af0c0b86709adf4ad5d5767e3fae890fd8a08fba5a5bfd78b5baae0e66a39ddc8bc5a1ed80da2e7d8aec1af89947f266c298ac94719004f89a63b3ceba78e73674c2515575dca4ef301db06fa510bd42a2735edb0091b5ccf66583d3bc648736590a26908e7e4694c400a1220c2f4e2210b6cdecb0d9bad394715eadd31e4f1372930781a44e7273c69d990563b317e800c357748fc72a75b40c49f4b9da3ed2face51fea977d19cd2724d2605d3a6c51d2555202886aacda2dd5b8e3f8883feecb8d17aa957b7375ad53cf2eb7ece1b9", 0xf2}, {&(0x7f0000000600)="e5b8f9e65f3e9267a47e39a5f24b4b284fa009cfd464a9d2f1244dff3c4d7d9f96b751d5bfb3dc08a4933818093ad012a86680cf58489cc81f83a859a97ebfefd51372bfed93eb4276787c989d9e42815027aa2bccc7c8f2937a8507216d43984c92b0e8bc861e6803aa20b653689226b5165f9391f4ff131b3257b5e15c738854c2d09679e3ab0e62d6611449d88593490471e50cff344b99210847bd60cf7423789fe6bf57d7609f9855c589f54a292e0893e294ecc58df6460044593812333aa9b05346a034698268e2470d687e55151978ebb28eb6111ad10e8d76f5a9902e4434f967a3dbc787bfe01965497bb0719b9579ca61", 0xf6}, {&(0x7f0000000700)="b7b4be1a7d8482851602fb7c8c53b92cf8cf5fb436d8daff00464bb5095473f75b386ea46cf411a9dcde254cb7fb23c0e98a90a8a3832f3de4f572cd33fb27b1a437732d71ed4c0c0d87c4137ac1c5c9e0e4aabf4f3595e488ab214d388369e414fb90b93a249da0256025c657c3bc1686d24b3c1f110d5a0eaa16e8ededb8a913f3a903bb05e1833798b2bb94410db35095a1a5a114da9202b67ef3d04a8e084b665f9f52d42b3909dcfd40b6df1bb5d3ffd003187fa881c65f7794800660f51ebfc2ee14be91422e571d88cf29b13585b967917f4e699104", 0xd9}, {&(0x7f0000000800)="21a62ebb8e3d0d6f43552e5e317647520bcbf2d86344731d185eb17812ad813a71b5fb897ca20224d22747bd0d49cec0df4c88cbbea9ebe84af59ec76d3e3e65551ca9f55e764f6be9ae21d671a8a28c79a9a0109b", 0x55}, {&(0x7f0000000880)="8a8bdfa827f6ac4d70895c80fa55db62fdf585b8a890d0a0a3eb", 0x1a}, {&(0x7f00000008c0)="e3253eba8897e28881fd72664af07cb5c19e490d461a4dde6f0b5fe09f27e71dbaeddc0462743ea9f535896f29b4e163850e98b9bea8c5ace46a", 0x3a}, {&(0x7f0000000900)="914ce22cfce3d3cdae480406f1fb585d60905caa3f206591e9ed04c2a311de12c10784e403fde2d32453e334a8c409a973963bda203e47b0cc3a32ae1bfdb2e90a0b15d5122a803a74a8a1c1e81288e344e38c3a9bc40407a32c619a7187012f09051da386e5f5d79f33cf16824687566514e1aa01d4ed8d822917f86cd811d15593df422bf76efb564f51efddbb866c43cecc020224fa7d304877c084de99bf9f12d8a683b7e93fc43a4e5d5b31438bc4711e28bf5dc41ab923dd215d4f2838101c6113bb25deae67214d225a324b3dc596d4f8fea3c23c0eade483fd8ac52077e84c1476d522e8451b942a2415b4539782208b5f", 0xf5}, {&(0x7f0000000a00)="0b501ccf41ec8592ea9e6bf42eb21be9fc8cba1fb2", 0x15}, {&(0x7f0000001e00)="a6368355596dd020dabbcfc81a6cbc1d26417506698e55fa7672982610db9548f7d602159d3e227f734ab409fb0087c5bff96886163f50550bdbe4489708eb6b921dfebed8ce3062beab40547d7d53969695792ee03dd9de99a5e2df8e42d19038556b7c42d8ba2010a80fcc573826a20b3813b1ad1953950e48888f8decdf72c77453a13040b6003e84a76f77ade537a2c98834938172640e34401b16a684c77a2e50e615c60d189df5b196af66fd356427b69145d8bc7592ccd05e5cce0523c28dbe63388e4d266c746b1ce2397fd3098340c0e1489961037beb22e852a76f16d55e9b7f608343beb7c336b79ebe546432cc88a6e9e5b0be3346c81db275e213e5f347572ca8a1a1a51c8bbf5588a50de01aa99313f66802623dcd3a80b7ac9adc02144f77d46f4855e1a486f17bbd301590f0f2a2a097bd1d3fe9936a2a3ca6227e771fcffef81ab7c04e135cfe7db77549faa2ab9bdeaac2b2324fd5dab426f240b84e45cec2cb9e6886f16c559397bd3a6f7a24acde74f4ddb89160e19938461233f0f5ca20cf41f7a48d40d5e97edc4966cbb17a2ba8e046908100902a1b2e0423f89789159070cfb2a217d68ecd97d1d7cc0a9ead4c6c0c33dd36bc624946d1b86633653e9faac53d376da05ab7a1cfea5ba789a375bd6348d869a6c3a1d58642e4dbc5c9a97b3b700082114682ee7be153699f477e0d141e68fa2a82c6825a8be66a049fd49b55a41745ea86fe74f9af6c35da0fc3eec776bd0a924e3ce2d9184c56500415e6e63a5700a12e95e6f079e9715f1a8bdc7f06b93a44124050a0ef4ac3b8ace7daed80d518fd14da1217ad2a3bb8fb84d4d772ebd848a4b33bcaa26873cb769a7a8bcc9f0cf201f59cf9a946a440453464c5786187b54d699ad3d7ad9ca41f2828fdd8b81826a093a1cc2873404ad6fbb38a8fad78ab68077c9b2234fb1438d7e935c40dd49627bf945ce460d17623bb73505df574a70ee3391314af862bae565b39646c04d9c79a5cf77fd2b9c97487283a522916e068ce0a42002a12a7c8281d2cdbf6bea1488c2a0919c45740d4feea965117854a8c75d2d490a860823c3d2fa3c484652f8fa97c14a063a2df966ca5fab1731d69ac14bcd8313db95b46832e0baab03cdd9bd27ca2ba60e5b7547f0108cf8dfe6fb703f38170da6db51ed14e1336a4778ea8440cd947d92f7477df2ea20a334bfb10face5a6ed9d2dd59a0a15f96c7747e5585cde45db65edbcdd8d748c54d56b98dddf8b049211b13889a16084b6adc44e562f98ac57a4e33613d68119043e354cdc31218ecf87139648ebb019debacf563dd51773ecdd0dabefb891b8499e888bd1aff4dab2a2f9442c223f942ca4a073fcb1da98e395c649fa33313cac54d9d120ead90e8749dda98b57fccc792ff005e4418710eb1a43e50a96eadaddb86e8bc77904d02b14d6dd145cd9c3969ed14172347a9a09b460dcea94a6281fa41c779d57b357ad4c9e17f4131e2311f1378204ee4a634d9c75dd103e777e41456ff7f7158bf879626af61cfba7209519e45f1a57ed5d4da79b5332be56d7b30cffa542b9e97bfb1ddcf481335d2ba501dd2f985f37dc6a4b3e2a04867171da159c2ba375fe530b30762f1b4be11a0c5ee844e73ce719abb80359f64191cc285afee843603e9d48932fa1b3c2ae9e7a940f82fdfdbbf4227b06cbe38652ded763350a99ea8f4dfb2994674398656ba918ce97d5913a9944f6a74c9a7879c5bc97f9771d99ff5562bde7c8dc8a10bcce3ebee31b3dbd60329be73d54c3f0f7a403e6807dbe03aa509c5dd1539de32ba8272aea851d475aed427702844952a91ae10fcf750375c5927c7f5632ae3aece85d40862d6cdfa07349d3d68a77b840c48ff7b462b90e4d047819085ee30c26ea2b59f8ba97a7183dfd6fbad4c660c898f9b2abbc47a0f7e355cb6f362cfa9f2e0605ea4d1403ffb6291733bed0de645d8b9cae6b65d24bb80fff966cf5412c8597ff59437da1946166b5be1f2bd8d9e9e35a58742f53f4c08709e06ed7850c039135833910f4ac204fdaada4ade341c32a450f2fd39499815040a0d5f98fcf561f489d6768205aa3d8d671e4c814ba4114a19c7750a5ccaaf63f20fdfb0d207380e64f96b63646fa55f40b9f6d9324fb038b8b243cbc7ce75622201914eddfa2636a14659521f0876e384d89e5563cca30b2fc8a89f7f9fdd696a324c3ed7f4dcb54fc815f9c595b58c6799973eae731c23e6171067b56fa50e36f3e87343160b485ec05f9d9f967585d139f39bde9ef48b72161cf67d23d14ca8407ae9a07576a3b34e026e1babc4432b603dc550a433a8da341f06ba13c44310b56dd03f065950da19ca5c92fe82ddd1fd4e4738261e59fe66edf661b06cc5cd2b9c65c6df3de4264b0617ca19c5bea3caec5bf38190346883d228cffc9fd446bd0f1c99843a059ed5e57b00ee4cf8a5527577b59d4e24afc1355bb3b9b1a07f1bdd5e21119295998d95e7a5174be5025729fb7257b627939afd5438eda29f7a7ce3dfc1dc8fa867988d020dee7fe2215b67bf3c532e77df3fee4d31d1a2bc58be5ef510f4598d8988dc5133cf09523211b9e999a174742729670b50f073311a2f3aa30a915e0b5499f2e66bde2d18e48233f7ee8355745039a19a42a85c529a0b1726566010a333c4ea91a5514b4174ecd5a57a4e86729b03855ec74273baa75544ec94d6793c0bb0011a0eefb002acb730f1dc8706d59605aaaf2dd9801362c02e10b5dbdbbde5a7e15e7a408767731991a9ee567b689febc61696ff757cb10699964dd4e2efd83ac31124318d130f34cbf662713e05eb54330a3681ee465e74a7873f0f1d44b9e69b4fa2ca250d8271d86bfdc046381ddb83d433ad88eaecf0cf79bcab6b0e5a24aa47173deb4d79c45a18fbf480e09a64d2d79a23f389ef81f363b49e47b84e55c2f4f86f5f09dba540aa9a213e7354ff93381ce332fc6112c18bf0d2afd86e928dcb7bf54fb3eb10096cf2bbca17bd9765b9b4e041501a76d110f115b9f7baa98bc1a2b88ce02b39607af3fa6c3f6bdb63693082bab573c12aad995703d63bb1fd4bf47dcfda533e93f25fb1f95f531b17b789b3fde6f6942b7308e8d06496f6a34945a35f514c565b0cafaa664ed3019e5e824b8d2fa7ed02321f65fa2eb7a159e2c25a43a0ddeeccea3b807dbc23f7417e24e9759ec87d040afcbcc1181eb6b1c508b95fbf43acbcdfad5e681baaa6ddfd000e90f2381ed79f4b3ba56d8424f34deef96b2bb4d94bc3fa4de0d4912c4c7a43b611320a89e1f49d35f91fb680dfd3c5e71b98dc64f8a90103c2f67984b175ada910de25b90362bc2db6d800eae6385067c834548a0e33e3a6f942736be6c6b91d95ca2fcfefca48816331b04a9973a833c363ab82360d63208c9937a8f7bd924475e59f892f706e4c87f5c8472d97383ad5edc62daac44e0ecb2bffa2bc4e3b68afe90a8ee19e84bebc4ef945018296b7cce2692a8c1af75d5c219e3890e5f1a1f6f95d637db26dbf4d9912be9344b0cd8d011c7d927d80a5d896323c0021253515eaf521da61c0b4bc896d24124f6dd5eb2156f96ee1920392581ec865df9f88ccc17f71bd71ba891b4ec38b05583e8776030bcac8c5f6c6a444594b3a894d63761d324d6f9897dd3cb80e553e71abd1ca2166d57f4466db3be473e98a1654b32d790d83ec38b81e477cdd14d4533fd2b69250fd2400230265d3b383bf1ae6d851b5252404cbdf4eb454661eb3fe03a56a0e8f8ae7ebbfc961fe96822234969bbcb3e49ee5ebababd8dbeef99def2df14e508adf34c991adc0dbf45c80497a6b37360087b99a97fee63abd8d6e37438b1b9af913fad3594ed679e65fffb663d807e7593a3a7e2fb15417cb2af9339e7e822133bdde71acd9ffb9757628c4c66a8201c2472a2cd4847b13472f88f49ef40f692889133a12ba1410a485dc9b036bbbe2b6816d76c96368284ec111aa83feda1818db7e6c1b20d7ef5062e987a4cbb71ef00dfce72af0f45be6b22dfde49004530bff38aa1915995fb04fd3625a2070939e6bdf7c0027f3599b25af93cfb3727026c9629996213af222bb11d462cfc5efb1279d703bc870eaf8a7d1ad145204058e70e7ff18bf224681b398f7b414d77597717f8421b8e9187e7655e71bb1339918dd48e7ef6ea2515fa06f4a993dcf730a8d41f0f64885c1c6db95d1b143a08bc10ebb9c4190415aa5a4532755d8564b69e8de4355bc7f86c480d2a7e9273bb2698f489e9ebc4a8bc0c2e88b77146322ab622d4dbd33cfc801a20d61fe9c58482e6c0c793aa0af7bb5047dc35c4edd19f70a2798f9ce080d56a6087252d04d240c429b65d326840660dfa7034c79f8377c968eec2c69baeaade3a6995431ccd39b838a7c8c02862798e6d35232f97bfa74e660f95fd69e0684c29f40374642c68d0c4c727f9280112100054e1c9c75f2e2e43a1d23b26ffe7d2813505cd9d3d0b979ec9336df0dc93533301e118a6f3753fe097fdc5478309cbf2444c87f353d4a17b5e5605c9d5d01098caa9a482b401c0416000636ea806633f4ae1d50cf20702f8e65f35c1b394585f57caa03f8c5afc6d99beaf6e5a77958a256ccc0e7e5d651d49d0db6bb1608e6b46843a6da1f514f7af34a779739855db2157dc665ee01df2bbffb7e0fc32482ec87cc36d258d0e707a37721da6c09233cc14f78e9d62df2dd80e6cf48ee6c555d6c4a59b8a75f47c0cb16283d4f315a124682cf9b2bf55a073bc52c222f60d5a86d04d7328f1ac6b05f000816ce5720db72474163a383882173b373e6438c605ea3acf328f848fa8216d5e7bbcfd233ab884df7b48ece6151563efaa2c06167afb71b13f7c4deb56017832b3bf37c623014af16de7b368ca8239476b428806f217e643912d3a92a93b60d53b53882b19d5c5d0db9520a7f9dac2241290d3b7808577ee23f81470e9fca2d634614e016320aceaf08863696c5f25b0d3c665b114f566ba3357f5756d6f555f6ce3a8c5ecdd01a773ff2fd99376962ecc8f6d9f4a84b534d396f7c43d02207813fd69eb9539dca6cc194668c844834b87c80105c4b919aa6c453bf0c36323c66550c6e3ffd4793850c2136a7e55f8761b3fd1219e68a5ae5f1478d23a8c56f95f423d16d36a7095c2061fc263feb00af84cbd3d5e338c0245b5aaeaa201a41bc803cea94d2b173fa18343ae460563c59ed1cae7936f802452e31245c4d7dc0f8e54fa4070104e9e8e793476832ed1a0a52d3da4fb5620e2a105262978507f9337d38ea1fb059c4a7ffa0e0f59c13498d65d7388700baf8d2009c36449cc05f923fa6354ec8643051b3f9fa33a1d5a93a2d7c47113544943ee75c853f16a247d33dd8257f5518d6a0e180960c3b3651f254d0431908681946b75cf613993da04c6d2f2acea3c59b236daa9e0aa8c37f23ba845b9435fea0c332705a40286e3f1960f5d8b2b31852828b9ba494a943e9f77c5ef323a841ee6da55d71b19b30d61e9a385ac42f6350bfd4f226b9e2a3437e5819a5bef503dddcb5f14904cab60cda1c8def0f9633b0a9fb894c8b2b07ea8aabed9247001c0b2ba1787bfbaf767f79a91f76c0bfb9c79d70248c2b9713a9e22745254c7506dc1b770259f8c833f530d9a9f3b6c1fda471ce94db840a387be076099849c25d4ded9f479b630b72fa055c380be40f4db1ad60cefd879bdbbb0152a00ee506e478281591af5a4b2401e42da9df7725e45a72b91ee82d62ab18fbfbbe4847", 0x1000}], 0x9, &(0x7f0000000b00)=[@timestamping={{0x14, 0x1, 0x25, 0x3ff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x30}}, {{&(0x7f0000000b40)=@qipcrtr={0x2a, 0xfffffffc}, 0x80, &(0x7f0000001000)=[{&(0x7f0000000bc0)="4a68072033837c7b80bb0728091fbc8801e2f17b89ff3ab83209bcc0f4c2b82e5fa2f6a81bfd1d9f15742d020f82b1892f5036f7dcea248254f7d3f95bbf709e701c7dcd4dfe6f895a2cea3ba031d975fdbb9583be676d3f971a2c908e93a2174dd81f615a36d73377bb385c4b1a9eb8e4fe4734f006a89e06f9b35cf37f63fc7d742998e3c8e379fbac7ed7ee822100cb7c3ffc9e4cf5fb1d619e6afa36576621da2bfbba48cbe821", 0xa9}, {&(0x7f0000000c80)="dc1193e0df852a4a055bd3a151f6a810eaefcc60bb5dfae147652f54b808f994da340f6ac51cb56e355cde9533e6ddf9a1c26150895580483d0dd6f0df635e829b6e", 0x42}, {&(0x7f0000000d00)="cf0678551f4ebe708ff7709755735cd39ee859137e1054427eacd0d233429406cfa81ec27a56ba54a63a5d40dfbf9d0898ef2db2dbf28f897522c5290e09708a56b590e5bc4a8ace3f42d0c8aba51f34cd5adfba5b0ddf07b08b09f7fc83a20fcb5da53c8c18cf7e33df9e53f2b365", 0x6f}, {&(0x7f0000000d80)="3fc7a85fea9e8a3dd5d17c014774be89bb923055726cd28067c09bd973ab0bb72ad7348500b7acb7a860d05b18edc678f34fefa3ff07ebbb150a9e2c1d8918086a0388d7a0e9afa89e870662f8de9d", 0x4f}, {&(0x7f0000000e00)="39c1750797cc71fba3af03046bb0c25daf3efbe777431e16c60b44621455c2143d9508feabbebb917ea5deffa1a0c0a7b13c559fcb2fa056efaf019824b88bba38123328ea476ed04c1c99446c57a2531121a05f7f75fe540f7e89ed82f9347e15633efe21f6d2b42ca6fcb2effd0bc9da", 0x71}, {&(0x7f0000000e80)="9ded381791c93428b4c3b3763ce31d650b57982b9fe1a23166ea754c6485a432767268f2718649d3ec0b2fb5e121457aa23e2a0da5a6cd0b17eb9029b807988b865be8bd107ab448011dd83e026191f35a4b329789aa61ea6b66a5b8afd06ae699d590ea712509c3e2029314fcb7daf88aa51368d06fcc34", 0x78}, {&(0x7f0000000f00)="f2bf78fe2cf2275b46e41329d81f9bc7d270c86eba16403632291dafd1fdff2f11496c39303ff3178b9a5c94014ba0a1c8054d45f59ad4369d79c288b88cad388bf7b791b57d82ad3db37f715a3f9d3f0d9cac5ab63d362ad6ae55d1dbc41f72d38620333ed92c2480632cfb1f6fb75cfe27b27397088f5fee207039e7e7644099ae691b46f8b6d006c4976c18685d3367a770aa3855978ffb79e25289a8fc00c04c2cc280c48ef2076315507138de3f959a23f6332ae609be66cd5ae8bc451fadc53663c4", 0xc5}], 0x7, &(0x7f0000001080)=[@timestamping={{0x14, 0x1, 0x25, 0x7}}, @mark={{0x14, 0x1, 0x24, 0x7}}, @mark={{0x14, 0x1, 0x24, 0x40}}, @txtime={{0x18, 0x1, 0x3d, 0x80}}, @mark={{0x14, 0x1, 0x24, 0x8000}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x580}}], 0xa8}}], 0x2, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1cc9fea75471519b4bac89c1aa3e12c96cef", @ANYRES16=r2, @ANYBLOB="010000000000000000001b000000060021"], 0x1c}}, 0x0) sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r2, 0x100, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x3, 0x54}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x24044011}, 0x4040000) r8 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x40}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwrite64(r8, &(0x7f00000011c0)="24cb275e6370325b66f8f8eb11b33371926e5ab9916066bbd80bb1a7b3b2650d07a0b97578d54e0605f1ad433407f892b04e3180fd282ef7be7d70928c4b69d0098a63aaa0c7e43c96", 0x49, 0x4) io_uring_enter(r8, 0x58ab, 0x0, 0x0, 0x0, 0x0) dup2(r0, r4) [ 1734.844527] FAULT_INJECTION: forcing a failure. [ 1734.844527] name failslab, interval 1, probability 0, space 0, times 0 [ 1734.847276] CPU: 1 PID: 9674 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1734.848683] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 23:42:06 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffff9c, 0xc080661a, &(0x7f0000000040)={@desc={0x1, 0x0, @desc2}}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f00000002c0)={0x0, 0x0, "646ce00ecdbabc0754b6d058cdb0d428d50d766e25f47cec2f85aeadceee847e2e9d6a648c17eddffd8e823f972c3c55467f7ab1310434416c39522840476bc652ffde91836456c4244a87b8fc194568a364a018954fb11def8c770e5deff3a0a982393467990d848f6910467bcc32aca63230b575595d958dfa936e509b9b01c3ac2433910161b87a41c425d923ab2aef1e0c2fe19e44d0eeb4e23a6bcbe46c3bd99609db28d19ba38c52b24875d29443f50528f5b3090ec90613ed22c1ce68b389fc7bed3d8d9d5119007334f58a3bc01dfcb2c414675be379b6e8873a14f23fb3f22baf4a081ef9eec768db6b8a67ed8722b5b58e5082b3a658f92b44a6f5", "21b249fc959deb8676dfc6efc31bff8fd6e61ec2911799277237ba81b9cc06cbd398ce995adaeb00c7b1bd81c17adb23fb677f80230973912a73aea9aeb5ca640ceb43d81b37f1bb29d73c2c1f5e01c03a0b333db3a3907ac94ce6fa10819a210101009fea7f41650a5992aea0e8f1fc1d5e6e8d0587e522a9840c1e331c3dc2a31f5d7711580b12b1f5f98a0c04cb93ac1e41c2144db18532a89262c26a43eda2468330c63cacaf1abde481afc3b144fd7ccc0eba32a27b756de09481a98f5a372d0c0c2ff8e28d2d71f23b9645d8df75e52b2a2b328af7611fd964f39fae3e2e0cf95bb8bc778cd8ccd0ed47835db5219c3f1fe4a64f32b4e10e7518ea638f79567b8980576cc3475e701fec916f8fcac3ec25c58017f9f6aa7d29686a0d06e3c4ecdd19f71b3c9db8048b87b9526f0e13a1d84e5b32c407a6c0e40605d007b7d8384d6effe14cdc3a1fc06637cdb2079a598feecd31913bb397b1908c3e0f8df5c83a916a73e9477a200fcf1ef70847f57dedce702eef33f8de11dc3e535689354b4e8a930a25b9d5c06264b297eff3a7549fe34bab3353f861c0dd0ce35c17107506e65fd46a814ceefb06260b5b83f1f8a02053b3ba0d09b1842b31fde5ac9689509e2442e9f7429f8c3ab4da44cf908aa199298b51dec80cf3ff436a0c717747e3a56df6afd185ca045312acde20cd50c94a6d9eb1f8a4b13d2920196690496edbc270f9017b2ab4a2b90df08c852d5f8a52866a5ae5082cd8d2758deb7c07508a76df818b2deb34b9ea8566bfcaf72c47c192ae03c4d8cdf7cb3aac7d1e581bc0d13d239aa0723028d28d2785bd4529ba001558db7720e014274d0cee655096ef2dda54a87102a25acd901c14f6abb759522a92e62102fbd9dcd5eacaa1158fd7c8ba70f5a0f17a9f8bb7614ebe09b66f58fe253498687e6f172f17a3da36806fd7d506d40b8f25801edecc1e674a4d28a977da9eb66846fe7ca1470c5c8490e22061b8be14a0b8526d1c2e1b431b238fd88446eb6e0460d3a978767d642c079cf9a53c3c47d75319f7cad7162bb3395c3156f2295863e88d6f96ff4e25a4fd1706f61db96fdc256101da6517e25c58280d65ec6e6e5bbe364c486727b991398f83351498cbd744c31eab5503d0a8317cbc01d7e3aa0750285998c495cbc352e403381f87d094c6147b28f0cd1a5e77ff662170d87caee84813361ca1db39cfa9116dd89f39e73fcda696ddd6b251765c6f45d34a52ef2b0bc4da96ffd8e289d0516d672f9e268e83932e44f8de43edde33fa7f779b61d680a45bbf1827f656246e3a4a016eb829e5a7e4e11f3d34c66f3d08674288a241b60d5ced5a133085de931c602118d778161d74aa8e02da715e524f50ebb7f2b19590c072b8508f69ae23e2a9ffc02e66c58640676a25b8ccebe7a5d99035a8973026db27ef26a0b920bb06c17475465eeeb37af282401d451d6abab02ac220615092ffc012ad6cadf74c504ee4b10ee8f9eb268d36b84432d3b80e86f260d8cb430788b8c77b188cd6e9b2b1a868750ba33b0677e4621c8c9c51a2ea172b82d2ef35948f801788393a705f22eb033151a25503c2a1ce3ac321307cc7bea766c0124333825ade02dbed3bf0d1013587a815902b9a60f604294a6300712b086c1d59be3fac6351f903bf1c57951feacc89a80dcce07d5e50b0573ac615c1214fcd5032b3d34670d423f44a91b1d8442bfd0e462970e306cb89d7092502822414b054ec083f4ba492b13a19c344f1dd31923d4df20e31c106fec2ac481742683f9e7ef49de341a0a628a3c1ed7ae4205a29b60ef3f98f3973c9629895a578ddbc45db8ffb874e06d000657f2278c4cb7b72ce6dc11a032ed0fc857b933cbce811e2917162a4f163c0e02b78f54bcdcab4f1c20dde9ee37ab474be2ddcdc090c50027a393a559c89603393926e5b59f451e3d4ca9bab71dd70b1479f5dce9147c1679debbc2a7c3208c9465744149396ec2adebd983753030f7e98ee13d37b0886b002ae55c1662449e92d83828742c0ce809881ae0dc6c2c9f96ae08c2f11ced3149cde2a6dbcb62dfac2c512664ea9601d73e7108a8598e630933a1ddb04c87036c2e9dd2849c6909bdb447155a1a8b298448330001d8e9170e534983be052b3b237990d0b3627172b6dfcf64986fa91244563d6bd2176671565ac2830028762113612fc4d0cbfbe525c7ff9b7bd4f55d3634f398a8928782e52b5d00e2fb77c10038fe0796b93987e1f682593fdeb4fd668d1d8ccc9a930abc8d15186817662e4189e35cdc58333d52fc4ef5052506b3fb6f52cbd95b9ce7e9e4d43991e7a55a276d38aad59de8a68fe98ee417f9f2fba53c478f3e2c064db8255de37756b612f3167765fb26b8fe6684b9fbb3cf11429eb08263a2482b1e63bcf6e9ab3c493beb52d102f254ffc036aca0278324320756aa0a1cc3cf67a4f2a3f8cd10db4697360a7696b688874d36c840b1f118b7086c7ee833e1f4defdbffdbb69c5d0dc60b56832f94511692508c3cc9b825addc5cbf03798a6a87d86f653411b86bd6c7e257f9361c2df5995b5ff75d01742d8570586082e054d748955c81817bdbd200aabf6b8e842e1cdab24816fac1ec6149ba5df69d113a72915a2b678067fb3c89cdcb06b51a6d6fd1d36db54c36a6dc9f18f30b97c407394d966dc46a672e0e9646ceb27c7ac465b934fec1c5086499ed240f37ed8edb2ada10e491d4aa299182c12cb5686957a3a0905478a1ac022a5d243d100559da67df4e144427a9c88df48f63265dc2c384b64479aa2bc78e04a8678950d9820c950044a2c79993bff4aabe6027ca1dff44c0c1a76f542068fade4731f9debc6e78070cc27f578728973c73351cafea6268371d5e8263f85d2c8e5f8d0491f6561a10fc31186bdb86f9c2793bea71364198819b34789a6061ccf33ac96884bcb514262c957dd261c9e464485a3588cba6e47323dacdd723238e6a442df06bab12c08cbfe6e051db149f1380536a01d439519dfe5621b106618d61ce30a1c3d690d485377f96e64ebd08edd62af059a483c68ba915677c27b784e1f996083d06a33c940ce9ced0f5bfe1aaf1b3efb0592174a8fa790924d2967968ea9305813213874f6962a6fe2322640e76c272ddcbdd0d3d0e13039579fa33ccab848fe3f37c91035591bc434942e4a61e3b14fe336197feffdc91081933eeaffd82d91aadde6420431785a7ca8cc92a10aea7599127fe5f6f57613b94783cc1287b5b56d46c134e72edcd1c16bcf0eb438c9e34b645521e7ac734909e1ea66e2c19dcb6ae2cbce8acdac14aa815cb3f54e233d3ec4429e892b0a19de4ed3a6b2b36de73a71996bf72ff906a3431e999c1c85d84bdc2a51118fbb0987788f0fbd284cdf56b5b11c0033368da1cdc296fb9c866bef0cc2a2fe52edd975a7c42794536add1ad7ccb5be72b97e258fab72ea164248c6c227eeedc22e390bc56099b08e75101eacbb3ced462f9701f0e1f4633f0481feea2e55abc1faedca4ffc27c02815a36e5042aa3abd37d6bc38890799a5d010aa75835c6011657c4a8e33008b65529a2da5d3ca8e290b13b32aab5afdbb3eb4371507ff575bbb932a9f4eaee6720b40133f8074c74b47e0b03216dcc244fd91d19582357c71c1894ab1b655874946621404c4697c14160c85092c965cf54e4fab6f3ed7d8f1c2ee1b2a2f313704dc1f041654c35aa120828c57c2aada047e6c8d51051b41ef56289c761bf4827c65953dbd8d3a14231678c1f704a6936bdf6033704ddacf57bcdc83be8cf6439214c237305f257c562013f613fe18ad47bbf797791efef36b502ba05e665fb5c91d0d09f2caf3dd5bc74bea55c6989ef73e9253a3b68b225f613ffd2ac70ee76d5b31fb0c2271cda5205fd99adec98a7f3dafeb9ab8fd4b91250a522476a890fa39b08aee4ec42afd0e74d84898e21bca60582c44e053621ecb483d2ab12a042e0341e56f89fe8571bb9dc550e0360b0dafd7fde4135165f7849f80536ee1850b433cc99ab5b79e9846062d78fc2839388939983d84a4573524a79fb3e42c7e7a86e91d81a13309515c3f86e7ccc04c217a752183fc5bc8d0b4d9da1023d5329fb9dba35e95ec3a1eb117946b84c02d5c5fa0f992ef64e6877c206aac5df77821374a430f3ec8987b6c676dd072723466df539689ded850866ffe52c9cab0cc1b2ee67930e5162efc71f37ecef8026c3ba158d93443ec7398655ec4795583c0ebc6955814cfc6ce58dd030dcfb1c2ab7dd93a4ebdbf20d4bb8ea607adc2732cf55c4887a850677ff50f4a89fda760bee342f072a2cd3c9659360a3a48d2596080da7ef4d771dda991b5cd492f2f146908b0023c03b535c0705f75edb178a05e20b11e38309e5e0e9dce40d8095b0887552bfda25cf725c9041490846079878d8bc2b6df6bf802cd5258e7c23b1ee1d7ad3ebe0e2580f88eb4e476dec586a34247619db4b1f8c39700c1751be0ece62a20319b713594126e0ba80bc94ab10c1973ce73a5be0c5b790c93f1299732aafcb660e2a971d717ba5b5977818d11a9871075d369fb4d39797108fc56257494b53a77ac477e4c26f575150e799ab37a7ec1d0df06666e681f9a112745c91ff8ffa04bfa0595ef9f1e7b3550c18ab5f554b030007aadd32b86f4cf74ba05b67fbad8ece3c196a753d2d020bfa8e04d6d29cbe05cf34d96aa986da5205000e17150af233e22bb62a42d0ac1b2f8103e0681b44aab0e5e8582eae0c03910bc8b032f8bc09cb8e13dd9ef339810755ea1fc02c115a6dbf1212212c778fcd92d428541ede3eefbcfcf6a2188aa86028365131fdaff142d9824066a4a52a9c7bf0b81b0f22f6f71c8135ebb2ba041c87ac261f17d5cfb2636fd22baa401c574c562ea4492ad56a13a6253909da423a51db3b12573af8e744ab4e069168ae06f4e5d5dcaf185a7676647060a3e5ae30c79faa7346f162afadd6a7645b69ca969fe5ae0c6de62ca71f5cb44ff8bba7bd3a3c0982a26ea8f09345e780a7ae29331340cfa6c3403c69a497633a1f6f3224e74b6728ad9cf5614a6bcc64044d3af7e90e2b9a8cb14c981472a1a42fdbc6999b584a25d17347b42e28220fcfa0dcf72b9d2d9845afe9968bd8f5a3e6996c7d6e33fa7f87bd458451958bddefe7e221e1cbf50df55b19859a92db77b58d1b335ab86b3161c6ce8c67d9d68fbe755e3b521a7de2bcfed2b17e2dde486c9b0306b406f59b2620057a0101621fc896c785b238359c71d6b0f482d5cc626cf348625fe4cf07607598cc2994d3fb5e975766ec40f8b5e5431adb3f53343955d8d69b5e5e19f953c8f3a595039ee16dba376d3f95014c765fa97508eefc871edc265f42b0a7454854218887e4"}) [ 1734.850618] Call Trace: [ 1734.851185] dump_stack+0x107/0x167 [ 1734.851952] should_fail.cold+0x5/0xa [ 1734.852788] ? create_object.isra.0+0x3a/0xa20 [ 1734.853716] should_failslab+0x5/0x20 [ 1734.854481] kmem_cache_alloc+0x5b/0x360 [ 1734.855480] ? mark_held_locks+0x9e/0xe0 [ 1734.856329] create_object.isra.0+0x3a/0xa20 [ 1734.857220] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1734.858270] kmem_cache_alloc_bulk+0x168/0x320 [ 1734.859203] io_submit_sqes+0x707f/0x86a0 [ 1734.860120] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1734.861150] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1734.862271] ? lock_downgrade+0x6d0/0x6d0 [ 1734.863332] ? find_held_lock+0x2c/0x110 ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000002480)={0x0, 0x0, "7ce145fb7781747bacefdb6f76471a1128113da03440be4d03cc3f6c46bba43635289893211f4c79de63ff21edc8eacbfa52b3cfcfde0d6d69390a0771e46913d545bcd00b60e6b820c2e4cd8eb5488544110fe412b80fb38ff9309f58ae7040c28e805fb98b08425e479bad81aa9c67763399d5b1a74a1a014bd172735edc22aee7dbaef85e68bc54f9a5855520d80a73d02a7ce75ae644442c4f1a2214a5bf1841133ca810ccf0011cfc02b23c3c03bf631b1b4668da1652f689158ada58a758316a3cc13b2c75a3d513316ace9f2f5976fd3566f8a7e93e3caef13ea8268e8efcdf743e00badf0b813fa55ec2eb6803ef2988d7210b0570ee31005ed68e05", "fe7529efea1957172d9bb5e594cf870ad0a56bc378881e81e6388ca6e819924703fd64ff6c5d6daf6d5789883469adb65bdfc281c4d65d11b17652da4ab8103c724c993a37b2f7fc183538340d47a43e25f5fef03647ddf1d20b05f1cbd897d8164e8ef70de3a25868b1cf3ed767e1e0a56b6a6b30e6785281f5a3e10755392104b827bb489da653c857e988b14ff4d79c3f7ff5dac621c5359b254eebcff8f6a240f8b4b29db032f1bd3f515c81747fbb79bb0bdf7f01d7e27ddbe6f1076a5055bc3026ba1c2e71daf647c3ebd75e9d537df2807ec380aaa618760f21ae3d5e3514e368eee8da52567c137ed1b1bb23090b96bfcb202b940a1843239c5176fc463ec8b8b3aa1844a7cfe7b07412aaec18982946334ebf11c7e793feb5081c7ce04ecc1643fd4265e5b5b5682980e50be530ab698ca239114951a6b38357a8f542fc98eb2972ad29f01d8c2e5d24bbeae269cb74b969d5d8bd4f0f16b1ef8d9fb6a769799c26234c671a26171add15380d570cdbfada220f9e24550574ff007401c5b7e34994e6993f49df6edb590908f1e3c6942582a7aec5acc1fc5ef60bc5e2fc2537159cabef53ebe3ab92fcdfdc095a50ab43abce4f8a9f2d8013eb01d4384781fd6a261aaf588c1a425c25a13f01fd074b2805eea0e539d36a71d3b30d96b1e6afd5776905ffc7f08182f1d9b94690fa27ac1a37f5756a22d39713c5f8cc1ad886c0e81d2e46475447e3ff6c9243af18df0ba9332dce81288f08a67ce7ae54c49eea0862f17c9587c3572b0552e3d9f5b5557fac34a38ddb44f7255f5a49e6ea8b750ee1de6f0c3d0fb6728131cd64079e5c18a4ad87c6ac916b9880b9600b59b68e108103747235a4e538f95d45216ae102baa80984f3c00e30ac2518367156783968898f6727ac8a6f21b55c54c4467cb9a6a5971092242a27eb957b558a1efe471c7ec0e3fde1cf44023531bae1ec5c7ff28d7efa59ddaf832ad5f52b98515e8ee504370159de04e8f4cba73fa3b2b2e4e2799ca4fb6d21989646a5f829b84fe8ce59b6f8cfc185b966aa4f4c15a6c176f73d9ea02515db517be87cfa3e44acc55d4c28b3b5bc7f540c9380728726b706c2bfffac212d464e4d50c24f73d6d3fc391b0e24164513676743cf65a1d542626ab30909f3a4a971958a3b67c742e39d30d202b1b70cadf5b3496965e0a5b6aca1a2ebf7b32fd9612d6fc870961dba48745c4c7d6f7621a41685995189528c054d2248eb0770eaad02b5daac1138adde45208dbe3a5ce98f16b80a49e1dbe31a7379d3e00eda2fe21817f859edaf70ef67cf96b59cc0824ee3d678e520ffd7681df53b10f31392bed1a2ebd9235b8983a23ff5982071f78c9962e24c37744c38b1f5a25b575e5204e869cd6df786fb46ca7cb8e6836a497aa19e3789bfbeddd18f7c1e63bacc207cc52b8d4c724dbc5d22e6918a84d0a8d83058f1d64aea875893add6c8e035cf6a56e0ccc8f48490de2072188cc6648a6bef8d52bf57befed9eada0147f880b7e61a74d9814c50aabacb70b3d0f974279a4b4ed0cb62eeeffed425486dd48ba3c0baab15833d66669fc9cfe9324bfa13d9cdc0b277887628647ca22bcea5ff7fc721fe34ee16283c95683e9fde72cac816b25498b3a1c78d2d8a7ac41b997e530fee7001f0336c50f2fb51e9df1d1d91a26349e55c618b0b899415575c612e2c1bcf9c37843ed78de8e92069ad4598f9cbb72fe70d43055e442babc3e9592fa2a4b1b29854a3b0aeb5c2405cca08e2ce73b944bd91b37340a1eb618d4a0bad9235101df3c2a7bd05fa5050601b44891022b1f7e56e39cecdafeba0e0eb683354d2ad26838a28a9796c5ccaaf30a6e41dc436fd1f6f7aa6687358bc1613fae7fc20b295867b78a6a7cc32a0d3d0097d3a1d9169c0ef280dc7a1f86a11d9e6d4c5a282c7490f0f0fb34c4afdd8fd2953e0af533a1e9daaf56c285fc87c0a609249602a900f264d5c7262808ac64113b866e60af164d5c3598aa749714892821b3c5da0edbb5ff58564bdff8d2b7c274773075957d5e196ea18f195e7499d0ff77fbf112bb97b791cd480e6e092c7d382d343a068eec1d7cadddb0a310b701e2f45fb8091dbf945f1e3a364b96afe4543beb85cbcfb7a2f87cb212e95216aa438c4e68ab29eaa412462a8718117290b8dfc750b880214c17e2523ef8b60532fd748e2c49cd109c9c2526feee139015d5fc0ed349072bafe75e12a62ff26068ff8e8062d036a16f676ec32f010a39a7e43629ebfea1e45395678364951048d9c29f900491eb6333de56be9888af495a98eadf5fb749e93f9966747f921c5b932f9be368f200312213ad48d9b7755426eebfe38ed7c4f67e54b355d3d81d1bfc1cb9f805ae373b0266e145517fc424106aab688ac71b91d4ee48339e347fbff07cb072db36fdb1348fc89e2c17e1a959822d14c7fc3a342f2a280502211af37c65249f542d45605e91360451aa90f7e3be645f85019457dc0d21e6e1d29d4047c9953ad285ead2fe6807ac77318753e8836db28306f0fff354cadf6bec9de785837a8cc12420c41eb4f670e445839a6eb28a2ff11aca9140e27067d1bb2ca9330ff0471a0cde4166bad2aa46bbec92fe95d6ba24bea951e8a3718d8947d5bae48107872bcb2acc5023f50c887a96d4817ad4babf72e8cef010a94578a68755cc8fe605b1c7efec63c7303c412a9516c9e50bef434af8f7db88aae2c4ab18b502a6b0cb0cd73f7c80e8c1867fd1052da3dfce930ea1ad39bbeed100cc028d62816cc4d384ff580c82d0231ce36bc442553e77b5b68d10c8508b525e9ab3e897b27e183fbdc8feaf09e650501dbe953c3f02c3953e6a6aa1a5e73bba9b7623c929a7844e6e50c783b0224901efc48a5fc4bf0a0ad04fe404319ff720fafbcb5853607f5ec53eaeb891b0acd94d75090b2fb2b7b49340003e30bc82a724050c957d631232391eda6ee06f2cb6b3685b00fd6efb7602d9b47149e37ce58398c296e68ae43f655e995d643eddf895aaba7673b458684fbbfc76d4428623f54e8fd9c205f8f1047c83756b1537a8338c369d2bc89ec95eb8e39fd3b1e9e65c438b0e0648656ecf89fc685f3a5bd9e3ded4c09938d0acb9aebb9301e86c362b9029dee0337fc324ea04d108129d79896b4be80b6c3c248adee897a5e94492beffc75771f121d0b7b6ce42ec0dd42c0600081f866261970772cf6cf3bd3c24282ada8158e8fac93375a57d08872c9d3a6f9a3423d5100f0579e2ac720865e7466f848acc7531e531ce011883fa3e1348dc9514da7085475b0f62cde2b9c5af0a5878856054420bd1d8b05edf76c0e441c50cf043e1c29743cd66a66c12461e8940b892da92a9ce0bfdbcb2e9418fe4271afcbb1a443d6746664e8cb23f1e49d533824ff9ee41198c70800b2bcab36a7988e8ee9c4c25fa1bcf0dd467eb8d1953502569ad2c0fa8c62d0a5a4ab66c209238d68993dd029a1d78dbe50bc0b7d511c989b951a0c00c67e47b1bb6f6e4f4a0c264ab59b4fe2f461db8f4f1b158161010c11877e171fdec7acb5c6ed61595cd4406813c7dd0652ba0be99cb86e098c72ec50ab6372d6e7e46ff5045b543bc052d487e61177c096ae0af615be987f8afc7c22ba0f8a8950e6d76757c951549430ab1e9c9343af872529661a3e648d8d721644792f2a0431049ae7cb43319d36d9f84a79823e980763c8a66461b315c5a658e2697c82020e80b5126d8b52435d313907d51d4ad7a1dfff1ee52e0627adff273401b99a2f2a5e51ed04d5f085bbeee3eb202b1a2e4699caeb0c7be71e77f761e6641ae8e6f08e62dfe4384923071be6122d8989212828aae443dc7abffc954dfbd04781c77e8b6c63013d9c95d8fdc300d7daa090fb8545b4f5e3d2aea43209c36a142b5f29bd993241a39598b9246adfce106aac0a6d00a9f1e58bc61d958421cd9a1ec9fff18091dd42750d4679bef5e4396d3e71d29d9f138b1eb6f5c2f0c38b1d0eaa0f37fc1b773f9531163ebafdd97ed2d3373e7052c5ec137d4391a6223daeb14e2bf3095727f78025ee8df30fab9f489b7c5efb6a239f06731fe3820dd9092fd1d061bb982fd62b86bcbe4a9b1fba7d735aadaa7c32f3e9c6a9567ae5cf283b9ef481f0885e89103ab5775175dc0a0e10e0218b2f19a02fe02a437739f0654cd74cd29eb8e378892b3ac7c6652481435c22c7f8c9a0099932b813a513bb58256ae003f3d8795bdabc30ac60ffa0131ef52de3743786f2213ae81022c39ebcec38570386f771a11a794632c1f3882d73cc1c1a9bdfb0f9752bcebc7b05b18e0bf70fdb13a55457a795eaabfd1e5e9ec4c0a18cafd14de9c0c729df15540ff13934bcb984590f81db69c21c0da55fdbff020bebc74b368cc0f6322250417bf09db09ae3f3364027456f5184f9baea1bb5030836dca61096010d97dade9f721e763080eb5300c577dbc6c6f46b681f51c9c67fdb57d056c756b58239e004aaaa44cd5a3215014684477df65574167912d7c2c31de80ac6c3169dadccbccaa4070e40147b0856734a3d66ba238df0bc2efe533b14780319968e4ed292aa30e2a78352ddd8d96554f24cf763f11b7a30062fc649e022d8067f8388bc57e062b83a4348547fd0780c7777dd29cbfc42eeb9ea32d122ef927358bf9271a719260d7113645a7ff97f17f91d7d46b4cea98f3bb0331fb9bf5681ce16a42a37a6cd65e065434b0df0b00eea7e98c5eddfed2eb08134ba016d793de2307f9cccdf78b98a3b29c0a41d08efcb25791b9d011e52e69da71e9b8de41bcbee6304d6a5c75508e5b4f489c7bae886a3478756cfc3d8e05ce8031e8b668ce42ed089b6b8f7852dfbd9fd7bf6ce10ebf96cf43c36b9827c7e7c0cca84daed59018b0f9d77b1c42a6103b6cd750f0247e8042aa0db676aeda28a9e10e52cf679be5d493c3167faeb00ceb5f6aca7d9441d4a0d1c2dcaeb5f1bdd0087540c593eb8f64dddd7eaa36ca424483a68806216ba38ff0dcdbd6cc74a2369dfafea183c57a220a005eca73a90360470dad20afd84f959380d3ea751ce362b53489a88b02bd590ecc88a01b4a59037129239b25c8b46508a3647e183d69326bf4577a3302467a8e7b07ea91be9d93740f9df1b585c76b25dbf68a52d5758435b83cd0164f7f43596a2b2ad5dddac833140e23cc361d90e01f4046519c98641a35a15a3a84dcd279caadfb4111518a187779be8674ef0ec965c17d2853006c4c4c72d5bd0e22b8f447eb2aa202d195fff00c40233c8520f085762cc7a2d6939927486a503547fde093f4d85e11d2376f211aba3d1408451b4a450b8c3b180aa0dc6036f30f99f84ee21d875302d750f15899a90a0bcaf4bc1f450fd7b2f684130452f"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r4, 0xd000943e, &(0x7f0000052c40)={0x0, 0x0, "1375967f605cca6410f85e99508c79bda5f5713f971e4253e9e2cae0922074dc9b83320163cfb6f49bd3c960983b39b2c2cbef81fb3c9544d69081a0e862879d7a3f0342cc1ac1ab60ab4f611ece837218114eb7485c75db225dd4049482fbfc709c6fbbfc25534f2e1663f032bd5eb1fd4067767781c3f3d7e80db3db8ee826fa67eeff37d38e87a5ed7797e3317bdd6577edad7781c5e19488c2242f94d9ba3d03a1c672783f1849c291aae851a89a97ed110dfeb5f77f6d2280f96c991e24000d20351d4943ab0680c44447ab14debd4173b46f1d99e199936957c3e7799db4b8aef8bc36b28519808c53504fd916d4112448db8ae9e272a23ce7ebd7d70a", "5f557f9ed10d507b44ce17bca9daf916deb5b70e9e0a6c6d2411897ad8a7ee48c5c765f7bbfa346a6d62f04e4b29a105e0b2c0e1e74af65081c58df1a4b82c89a5f707e3c016a28bfa898a5c91937d182dd3d6c2fbd62ef2b6da3da8ce54e6a69a32dca0f414c2ad4b4b890aa61aafb659636f4e24edee5d2cdb2150903f5b819b633760f5fe77eae34843a3ce1e9103b6565a7daae5aff2f7cb4cfefcfb334a84150ce0062c28b27a68bc6f27404c3a68e44042f2320391e422959189afa1ee0b1147d073786a762d2645d722bef0d2199722ed666fc65e39a4cd8a8500116af7b7e952d5dd70ba8aaf152198d591792e73c0fa5e8d0efa85e9c288e9acaf091d9f54ee04a092f6119a18192df24d268fcc731467eb2bb9e3e6b60946b2f3615a27739a6b46f2ec7a7cce8903dd48379af392321fa9587fe431f10783c17955f0fdc1ed2fb1cb3a5fb221a0c9a2e573d803176dc8a2488945a2c2846f072afc788a9d3ad3f335c7434253fb4dc4c6263eb8742f89d7dea2406cc066a62a4cb019281a64eaf8b64ff56715d3135c2fdd7dd8f97c37858018d345cfe01e0d21d3cfd11705de56351110c64ebe170e49ea92e18be70363002d46fd63b9e0c4b008378e378f710895f3c3a281468ec91618668cd53aa75b861e51bc0f6cd18aadf00aed26a99354e75e426a1faaf0fcedbee1797ccae75d9f94e91f89d05e9c7758eca7b2d944211fb9e3d7925d20d6bdbc07d396d45c26208b62abb93c1a3b138343d80f1f1ae8af6f008efa95c78726a7d078c05433feaf4aaf62f66b3ebc8c40f4d0a5184ca035accf330b08dc94e6c2307ae7a360d1eeb32637892b0fc98245c857a1e97a181e8c575d5e6c5e691d08b230993b44406159d8cdbd2ca23b0c8beea3b0302abe414b0430ba0b8f47302d62da0a01aee14838148359ba8c3fe6d4d585bbba92da117aa15da260749b264fa6a69412dc0d48ebeb4e6e1c12feb4e31c6e817ffcc5114c78d0070ad38f7a0a6ba6dd5c7c6066c2cfe5f31186ea4bb17b9dedca391f466967945fdd8a628d6346646bd08f4346df298e691ba5234672d4ee5a83f70f101afca68fb111abd6e03c2ceaa40b48b203dc79681b0cc1c5c8ce4fa30a4cc69d4eb2a882dcfa0b0d2d1b65c6768fe146e913ce187f95d9f11d5eb9ca9531a3b83afac5838e41cf35bbb4b4cb04a65b9bbb9692bcf4b48b9e04618569eb43f2c8ff4e3e51b71e5def11113c6b09d4a5d101720e67a41e51ca772f25ca0482372cdbd6a757c109eb73a67f81d6d0da833e257df5383ecd099d202a24c739b37a1ba7eb3624225c72b3bed7edf2835cda63561c64e211689e989fd944e0670612d48c2e3f49bce0d824f29c919e0b56db6851b83936ae3420409432850ac75433af5c2ae4b9066eb5c7c9897419244fb93719af36757debac365d355e694a26c55457a5784d8029ee0dd8545fd65de6f83c5717605f6f75c1b30e6f74bb5bada13c76a65ebff7e522d92b55a3894b66d3e5ee0ac1145466a7fb171b410f5aca763f89543378087b8398d397db84b1f3d138a2598496e22bb9272162678d1025c6157e9228f0ddcb7248a5d7f859c512647d2bab077a6bf331e033ea205b86f18415d2906da42f2c45f89aeff079fd033282dc3ecc13957d962c6777259a22710f300d5988fd14d3b4cccd9b12c7280ba12e41df756134ebdeb77c1578d66d9c7b67bbb47bd1407a85a74acf738025a8676bad59ec6becf7ed6413964dc2c9ca98266c817345c6f5654da36e3d87b9a99c6cc3df839e464654899c4e452facff6033d9765197e91911fcdd03c97145576fb040a51495607eded22a47d5dfd222f744b5271f6a32fef0cb1fb54cd037bb13640c5b997046e131d455c9426dc26aac3c4c826a9f9fb7f40b417c86119f9d11566918bd4f1e2bc2f66dc1f15e7bc103eb3548e835a78d029a644e4c0c9959d7c9f1f7fb43fc9f903b16f57a03a68cafb230d32de47576015ffb98b197eb67386e29a0a8ec39081e635754ba85aba1bb6c7ca2c15b5465b351e01b4329407e0ccbc6a0167db29f71b82e5305fd0b1ad4a17d80302d8091dbf0c8b98182ab126e7cd9ca1b20ef9245fdd76f9a78035dd4434255b0ad75d76a94e3946c1e9c4c08bea462b9b112d0928678c736773a34c44457fa04a6fbb8fa12618a40c98c8663b7503e5963ff88b1b0d622e43178572bfbdf7feed07638a3d16fbbe5e136ad8a49fdee5ecd9e533e84fea4c014256b6a708ef014a0defba9fa5dcae367bd7ca2c5eb83f8e88a4bed5141a0e5d03864f268fce1653e780d399a4acc974e4573fe5a0295a757ab69401009d809a8b93a954e7050b7f2291f78bc90b97ec66979719dbdf2e7824b1c71197a3ca80b6161a7c2c25c19b168bda1f2fa33d86c787cda5ec60138a3860e8cd4b448a9534e07938b5eee90f34824e8178f26acca0f6f98ff4c85fa9c20b2710edbe91507733028400d466e4b4c358be0edc7e9987b35dfb1810f68462b0b03d10c082f8f8fac7c16182d60ce84c79c60218a8f5e83dc620624cc5c3892d9707727d960ae6507ed1e6ccc0f99de8430fc8049a209d9dfc3d954cbeadac8639db667bd7dafabced4f7ca703425c204a0e2f23c2c79bdc2d72e50128f5ae632854649a3f98f661db07b3c3d1ae1019b47cb550a112b27a715320e1076c5bd56df63e21fab6a713db8b38221ffda569b345fc555a94163cd9ea1a909c0fed35af3ce86d327413016b5be20289186393f28b395004e48a873b810da80ab37dd2bb30eb3eb92542e7c670fa6af36e03188a8f122015442ac26d1858259328d92d860ff0c0a295257bf22c8d27a69701321116da78c80006eac9e51e1b633a8546b99e335a74d943a37a25c53436abdabde5de4ed4f326f0e9b7743b62eaa126df67fcab326889a78577ddf8655f9dcc96dca3830a85c0cc1d384c7e987ecff2c2382076c1bc1a667ae23062e057960b232f8814bd4db19fbb48c7959842247f5558a19a928b367ae82072e2854b98b13e144e6d08a6c8516c9d500b995a0196ab34c1ded393c898353a2f4b2fce1ecfe60284f1ec801e217fb86b5a2e0ee9e2d951f3304866acfacce3d2d92bea99efa7d555198693ae4bdd2dba14118101bd2279169547ad186ac9bdcb4f23fbe244516c6fddb4b3ad7c82cd66aa54e07e2497198b1c92ca90e7c427441d53a4c5bac0b95f0b88ad093ccc95cdfbab9fcb48d853a8baa5098e262166e61aefa679c66f55d93160d14c6101495695d8ce7f1cb38b3112c96a28076a126d6314722f237560d0ff160f198091056c96481f11a8e3b7ca52245afcf3ce914910e58d33934b7046fcf55b33ddb475fa515964ba46bb504048a7a636bc578caa4a6ba52a70e91b5aca43886364310882bfb858c4b6483586bc03038d28c04e841cdc92f7e9e9ab0cd6790431569472df7c09dd7a9509c178f0c9c77adb0ecf35126d605b1a2ce77126f31ff279184fd8e3f221990d07fc39ef492f9a1026d4e18de5cfa12b719f3e67466a6f82dc2ceeac469057b7b2579a81d87b5ab1480df588ba5285d7d7ed15e07736d0ddb1be31d4a953920b69fd91bc4e0cc01a982877d084c4036f3b539d08cf89841561a2648e15a3245c71904117fa862424278243c18946c18797429d61281d94fa64827a93064d4b5cb975519191ab348572bd92843cef2043ca0a82332a3461e7cdb3bf547420127a5cd9a39171ce9ed747ea3b2e98054f782c89af253bcea71063dbc81d351ccc09d8e5b69d32cd3ff8ec0f00f80f56156b92fbc88141c3df9a511ccd2c9b9c85ca220a11ce82936aac48d4d5bfd39fd89dc481d6263e8b673613d654dd5491efb062de7213b2298aeaa98b226e2f8ad2c71156693296017106bd76e08ae7f7564c50437e120b0ef294cd0b780e7a55504dca37498701e69cda79a3682397a4456f29db1d6e471421adb194876dcf434339d0cf07285fec489d48524c9951867125d851f8d4a5d7e45dc32ce18889f7e775b8d16df5cb97f2a6e18e2ca8a1f76b58a1225f302bc8f56911a89fce47cc080c161880ea4e9ae7f11b40b94e240827f89772c5373cb86a834ea3ce9f0afde671d0261b1472be2fa020ae7013fd0711f2f35dac789f63c61132d13edc8f5430416aa9d4cc9c4c5dc10e48a5591720ff09235d5decec4ec79e2baa2da2a9cf3fc13a69070719b6612f1233263f248dd693fe04ca7ddc7537cec2be20c0728f02c8cbbd98c5ac159dbbe33c4aeab6f4412b0ca8126c46132a41453193bd1ddfd14ff76d19f7163c6597079c8771dbe4fa6a0f3338135e7cc1aba9aeb5d593f2be6246aaf2007e499d49ed8a88898f58505b261aae5047ea0c7f7229e0225902a1f2c506c93f3f056ac07aa1d93828e1bf99dd5353466126494ab4e716e6fb27df4345b712d6670c96b717538d4921d9c76209a7c4cee71ea5802993113e022767634c247b84b0b0cdcc35b331d4323f4a6802114e059a96d25732646ff95abe8ea93580bed486245e3a93ad743529cab0f9b6bc4b6677c0d1c08e90dcd2383764c903b58088215e268551db0ea1d2bc498caaedfa78d5b89db9095d61be3463f6032dad2a064c7395ab9a8adb55dd4e88dbae824acb82dc1e89caf4345a30cc6fd416c539543025ad8b5e025e2f59939a035a192bac8a80e8ae7bed5c5b11b482befbd56966aeb5b2d581fe8c1a6773a31140c8bea439f92436c51ff8a804622f71a19f5d4451b8e0b9f652a4c829bf4f02363318c44e31aa37dbe2b0438d792f79d116ea653cfe00b2fe2d0abe8b3097091e531569fa98aa585baeb15c9c7513a83100d024bb3fabedd2662c72c4834d3fb54509116ca50e90e9174bbbdc19b50339700719ad9d4dc3e56f0d01f0c6172fdb94b0ea9d7b8d7fe3237bbc0121c6c70247a699f16fc1fd1147df00ea50200c3bd8eccd308be17539107a099fb92e19a2c6026d270558be5779716ec54666f960ca15b96a1294c88cd9575aba0d8ff385735ee717d09d1cc2604d4b7b3fd5832174b2159307c3d9358bb4f7fe8964d46c51203552ebb00ae1921c80e8e84870b3b65335ebe6847593a2befe996a3c6eded98e5ac9d7b51763100aafac458d2c19b40b93578c0a35eb8a1fb2a80aff466f502a3ef0a3c8b1c453649c3877e32ebd093a48e1fea9aa61a3f29ea149a2eda4105393a387d297e2d42840a4ecc049b2ef51180ec7af2e17b2987575767602468e743826d7758942c24f64ad8bb382569cc6683fe6e7f2bafc460839d0095ce6ee7b27e73422a4c3707cad95d893c07ed7168da8a6efeb802285e12841b37c30a76dad8e0e4817286ae4ac38da21302af0cbad04095c9b12b772dc1d43ffac7a2fae9be"}) r7 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r7, 0x0, 0x0) r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) write$binfmt_elf64(r8, &(0x7f0000000a00)=ANY=[], 0x98a) readv(r8, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0}) [ 1734.864323] ? io_submit_sqes+0x86a0/0x86a0 [ 1734.865373] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1734.866354] ? wait_for_completion_io+0x270/0x270 [ 1734.867329] ? rcu_read_lock_any_held+0x75/0xa0 [ 1734.868273] ? vfs_write+0x354/0xa30 [ 1734.869028] ? fput_many+0x2f/0x1a0 [ 1734.869760] ? ksys_write+0x1a9/0x260 [ 1734.870536] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1734.871604] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1734.872677] do_syscall_64+0x33/0x40 [ 1734.873551] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1734.874676] RIP: 0033:0x7fb90a2beb19 [ 1734.875487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1734.879295] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000580)={r10, r9, "66811f68e0c440bba4bcf609493241b2512dbb6769ef1fdb2121944155c56ea8b443729c72bc47cf6386f73b7ce88432ac6f99b63a93b89e7443b46a773671dded77dc24ba79debef1df5ffcd9e2222930e25f8b7e1873aae1853d7d55b7b3b64a43657809e8ea816519bc0c7323593b9e24a473e537db27b2a3ba9b30d958d7ff8d4867d47df99ca9958a196ce0c3c2c20e2a72af42aafe94c107a043d58527121953dfabf2d3ba6f3e7b2f09c47a4a55c3f5a3e68724037035d781567270a828be9bbe626a85ac9fe77bfa461f8903fcd4986a3dcc6fa6ec88fc174630b23dd02e9d99aa7daf6f8a7d6c4a01ad17f50051be284800", "53e73264eba58c5de5d2384abbe8dd8ea72be01bfcd6daa041050a23a5ec27d5dcf0aed87f9bcc869c6ebf1c3630de884b54dd6680e1dea34f661675f984828459321f42fb83d749067850004e9da3375748fa74a4330a66e3ea1e62f2f6413aef353e78ed2acf544d3beb96eefde8336ba9c02208396979ec975179883dacee433aefb6ff1cd41b6438d2f32e0763cdc310e834afb6b92ba385e602882f705da688e37726aef9cc058a02dab68133c46f77e2355193c18fc3c0d70c5856ca61d344026973f15aa81b370a08537ef3733f3c6e5ca3c7b5de9386956019ec0bba0cd387dd3f63606989591987a9dfb27d9225a164158997325d0ef88eae9e1fc00645611ce229cf3e40de15b3798048876412e5224b27b51f15785fc3f6dd8af730312e558319274b8ada98580edfb7097b11502fce5a5abc504db249764eef116b808513d550660c186ed0f5f4921fb7b6cc0529c1eb72438455c1f667d0bd0b171b89b519612913b0152cd1b420b2a9a4df55199a0ebe110d1fcf5eebb46b91e7ae1c5c95c48038dd738f8cf670c2de9bb3d3a6f092d5738fa7ed3d6a657841bb3bed0dee2895781d82e4e2dc6b51998e88e86ff53f21a4ae8ac780306d35e90eb2dc5a3f3a7d43f5dd7ce3807cb00600f7e8754eabcc815bbef1a5382cd7ca73cc85d53020c051882911aecdf9b0ce7c1bfdfa8d820d5efd4b60bacb7e64d98fac78810f085c51a19b89289772196915c93a0503694ed2af76b6960aecf0f1af22ada485b6ac62befdf35a0916678df405ca99925089cd3812d7b09e3f91f4daa94d464df0725249ede75cc626be7a8ed7cb87c0ed46675ed79618746c44729fe831f1cf4e485815bd9f7cdf455f6437f736858cf3026b18ba39d1bddbf58e9952b7d4b566955b80cc3c058fca3cb7e6c5159c3e7367d09ef3e8881179f51c10baf5cf29c8dcdbebdfa73cda0d9ccf8ab5af9240f88f78633be5d7d91da541cfcc01d59ac4936edf9920b67d19a1a093cfd4e594a8b369da465604212c6af340f0ade89223c631ba2db120ac9cfa9bda5b00358cea4c63d66f2b99dd3d575657609224a8874f12e80025173bfe43d35072e1ca14d097201178a8e27e62d4ecad1833aef65d12690ab97e0a15fd60302d1e7e516c3a9440e8535d0d4615d173607be209fcf2b91227519a808f51bc24197c0d63d0e522cf60427c95fae6e6c4bff0f4adb0902b8746738b1098bcf3a884850b7d18856d5ed07580965a693c8f95654cba9fb33f8c46b01347b074e5709fe982852e0f23e5a83215b3547edca8386bd9ebeda5807f3e6fe9dd1b3030abe916e3b7ba9c0b6130acd60f0c9719b3eb136bc8f3690b3f8e8f0d99f88bc6492024e59be459d5a08eaff70c6be9aa884faf2b69a915e191dd6ad34c75e30a06a714969e7a679756d8a76b1c8524deb5d6c868ef5e216369e6bb5207052fd7e5df3fcf8763ca2bfd9db080558571e851862dcd200491138dfd8e5b285f2e68d5e4968d8259c3df6d28fc5fb636ecc7d3fcb3f4af712c8b1d69f9012b07f7e34d8e5e76708c0a50b75d880b65fff32b4cd092fd1c6b2c36c36bea6a1308144ffc8ef9f6f717fe63dbfdfc0a95fc89ada3cb322a9033c5e72b5bc4cf8aadc1f730955fffde0a2881779e1d61b2874269bf1aec2fd075a1616cd3908edcd912f86a8003f39ad8330cde56d5875d495fa2d0941a07b20502f4211ed029b6546bfc50aa2299f8bcf6d524fac760cb74ed195f9cd8f99a027ab4556ccbb486d6a8a0914e654b6add10e68084c6f2e4c66a001bc09de3bf665642833680e4452a21f4686b865ba8e7ed9ac6a5cb932b25aa71a7b1e0146a4cf6390b96bd66fe6f26117b215a1262c8b8fbeed354937d55ca22a8c5927e20a620f4999bd91c0b523188a22efde8809abd90628c9593df695e4e3aad21831ff7db1d39b8839f476342c77cbeb15d12ed034c483c13cde875dc01fd14c1a8ec5529686d957b061f935cb9dbc24a8396cbc705cf7fb9d2169f7e3558ac7869fbd1c43aa9c9399ef0034366833c275000b59870c2ae4f2589c3c0d6b85b74b0a32a04bb5252e1e5201a3d082755a09720377361c5969e67842091fb92b6f7dc38abfb821bd40d0f1040595eb9481e5d28aa25605d87827e0905b350d9fd2750390f5d9025ef6ea30d15f616e932a4559d5c72b873300c8ff0dd44d4df7cd74f4f12f22d2855b2648bb6ecf492cc967cf9c32197c8ba8ec9d1e71aaf612a4dc4bc77aa49d858a6a0086160d0cabc5b31f8873d76cd4106f6a23031e75f6b97ec47a2fd26761ede9d980e40432d797da8e6e923d8bae939d925b84b944da98cd262a3009049d6983c2c17ddb1e693a24302b03497906af4323d0c5b2fb58eb6f9f5c256e56ec880e4d90e82ccc4b722e8f506217c9831d59e9de32e8f36163a43bb2ceb5cdcad19632d9d12bc64b2516cc8a28ddfb84f5c77e2aac8e1d45a7f31cae51f9fbc8a6629144518c291f2b5d5e7612d72213936c09653a91978a678eed3c90b9234ed165f581bfd1dd1dcf0c1286c1c3ce6fa77cced6db8c7ab033a565aa05193d6435ac3e45cd9957f0215cf0b45e71627f0b67dd979d04b916ac5317e73787704936f14a07988abfdc676b7a2cc5e2ace9e4a8b6773617c9067a01b984fcac1ad4d254c21c3259953e5c63fd3353cc4cb41b109c24280e7f40e8ee7f4dd232f6f774f37484cc9c7b5a7bcee9a1a9fef639d691592f63986777812c2e922a5ce336a8600856f94fd5eb3773794b252b971035b604d375cbd7ae53a42e0d1245b351bd11c02e0aaaa4ee7734c31be793398ef7a01d80a9f10d1265a3ec1f20bfb7434567b0a3e63a4a31edd15fc92eaee1e765c7dc8937a716e095bb1a6ac9cd63c5ad726c3d9b92d56a0f678a36c3ace4184139f2218f2b579458d94eb2c286e8ec8e098e62b76df1c4c9b5a8ece01172a75aadee376586c4b76de4d7b07c703eb35ffc7be32d78a94b0c8eddba4d4d6ff8712791a53ca61a92416afc7005c83193c4258a05d8a4aae34bc3d770a083df1badc1629659804152a351552c66265197ea63cc0ae3712b38b8b88ab1674ebeafd41211e62fb2bf1036c7865456478470a3e7276f2c60343d2a90b4a2799720f3a602930b656f369f59fbfd991d9c9d74fa0f46f8e7b8a37f78e212b03a9de446ef4f6d44e75f754dab9d5f0314ec30a302ba619b5bb85a474695ceef68a9b6669669387656e19335918d3d8537759b79f5a368b4b603f2891f151b8c828340811f87509f269ef4390e3b2a58fc8167b5ae7413d35d55667cab25636790be0beea3fc242af0d4a3a9c7d663fad6dbea1909ebf24fb38e95e014cc6afa979e83c21f5961a674c50300d9f9cb7e73708c316e66a9417719b3d9ae63e1ce33c437e900830c65825354ee88b17dec89dde804b7dc17203fa18072afa405a3add8a56cffb7fb691fac87c79bc09fb238e797f5a12e19ba70ef8f167ba0f45c46f32169295a5e6d86f566be3ee415b14e846bf358681ec554fa9d92f3573f41656a50b88596337ef766f98c5df83ff4f33185694a63d429e152b9f11c954f08f21b2607445be9d533c32fdb637537e94c4bd05ec69eb031c63cdccaa90ac852b0ce95d13ffa86ee708da2463d3d122dc235d50d92dfb55b49db8d6b6dc15701ec36006f55cbf4bdc45a67dc20874484175801514654a01a553b06817b179f92a9c8c34fe0d66529f6ca7f2b9b3f3724b80b6421448b96fd394a2f027864308f2b5788cd7b5098387cdeae1cb2ed26a4452ca0c5e28ef5c3c384181e9431ae5e0dfc7542a2a6037cb70468ee5787648223dc9c05696b9b28e1b8f78446798aed0f98e0092d32c356608b71d0716810fa247886f59eb360370221e8b2720654c6352da009c4bb0e7855a65d40e458739567c6f23b2c519126e012afa244d8a99733a1d1598b6c59f3ec9062e0c892f99540768bc9fe6bcb163577f05a7c1817b1806d3f766169aa1590fccc26b696a3e5ff5e338fd076f36e9713fd2b284ffd5ccbb68cc45d00249cbacf293908ccd47bfe1ce91329c75750762e91be71ef76ad2dddbea7ba8edaf70bf860a80ea8acc7183532b8f3498b1b2de9538e40b6cbc9b7f88c73b8952abd9c2d832d4d92bd2d00830d37418f33e58de35b49321654c762510b54c216a9f698772ddfe5082c8539e8158f3ea4e5b6fb4ce48dbac281fc20a7aebb5ecb021fede4c9c17e01e7fe5d8bda4e6fc6844a6014551044632654be6c519778ab18e28a67107163fff2ee942d2257d5dbeb3e19d6190ce4f9fc117e1d23f1f317baa0c377ea3b72d49ae28ecba77277a516cae36ba6ee91bcef308871efb5245cd9420bac262f3e91c96645ec5097ee802f0f103e9fcf8de5d809404006c91613e5eac580a05b135844e09e412fc728213a15ef64c035ce57c5c68724242d7f039c9b139609f523b9d8b2e90e3c85367ab09133d8c319b2d70b6d85ae0662b37a280ba8d02f80cb62e49dff9d062f536de074992998f0fe94a4a96310f262f3363d084ff5bf8bd0769a6c1f73a241b962310f21af08a8f7849ad64dfd37f665a3cedc817a788fcce1e739f784d8e336f5b83b6a1cf73225be911355e65945af07fef1190e31080d6b177b716f2244167e6eec76a275b4a3125df0eb196fd4fde958924282b47094497c1ffe0a128d6d9e409c69bb0c20a4fdc19a8b7ec4c4a54afb8746554c2846b2b713a91f678e688493db73e46ea8359357fe93e5f62542ecf874a56d7f7417f18b4fd0327b231ab73ad60d6532e533ccff78926faaab23722516a6525588c8b7fd064d12fe22994a19d20303f0761d4b6b59101884adeee090519df00f79b066bcfabbc92de6e9a6e8bf2fa5fb57d0c8cfa0448c61532f77faab33b25291bdd300a2c64c341c2a5a96a326e1a4216b4723c849ce2b6cd084693d0792571751a44ba30b80b62b4ff0cefcb5d508b93688abaf3283f8918861b35468ed4a44d4e2db9196531d9ad4d2ed8cd47457732e522289cc8cb3e45ac065075394826abcdf9787d8f0a89e79e3a053df27007f3316459cc7acb571486fae3e81238c8a329cfc2f2655bd349b29856babab75908b7d07657ffaa6e02981772e328465c2a82871fc1bc63ddbf12e2b124ace7a646e1412f95d04346e4ad5580e4de7a0b5c9deaf8e4449e222504a3d08825d30e745b7e875783cc8127f628c158e39333f07d6b1a14570b0632e1defa0803dbf8d6f987ffd3ac29243facf91ae4fdff11ea015b95df174438984598dea0ff3e820f973a987c6fa69a31fc6e5ba4920e6d7db43fa0cc6765351d781259d05caac19ee5d01d14101e369a567fc67dce565c42c1b16ab3c38a34bff78d64c7df1de4"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r8, 0xd000943e, &(0x7f00000002c0)={r10, 0x0, "646ce00ecdbabc0754b6d058cdb0d428d50d766e25f47cec2f85aeadceee847e2e9d6a648c17eddffd8e823f972c3c55467f7ab1310434416c39522840476bc652ffde91836456c4244a87b8fc194568a364a018954fb11def8c770e5deff3a0a982393467990d848f6910467bcc32aca63230b575595d958dfa936e509b9b01c3ac2433910161b87a41c425d923ab2aef1e0c2fe19e44d0eeb4e23a6bcbe46c3bd99609db28d19ba38c52b24875d29443f50528f5b3090ec90613ed22c1ce68b389fc7bed3d8d9d5119007334f58a3bc01dfcb2c414675be379b6e8873a14f23fb3f22baf4a081ef9eec768db6b8a67ed8722b5b58e5082b3a658f92b44a6f5", "21b249fc959deb8676dfc6efc31bff8fd6e61ec2911799277237ba81b9cc06cbd398ce995adaeb00c7b1bd81c17adb23fb677f80230973912a73aea9aeb5ca640ceb43d81b37f1bb29d73c2c1f5e01c03a0b333db3a3907ac94ce6fa10819a210101009fea7f41650a5992aea0e8f1fc1d5e6e8d0587e522a9840c1e331c3dc2a31f5d7711580b12b1f5f98a0c04cb93ac1e41c2144db18532a89262c26a43eda2468330c63cacaf1abde481afc3b144fd7ccc0eba32a27b756de09481a98f5a372d0c0c2ff8e28d2d71f23b9645d8df75e52b2a2b328af7611fd964f39fae3e2e0cf95bb8bc778cd8ccd0ed47835db5219c3f1fe4a64f32b4e10e7518ea638f79567b8980576cc3475e701fec916f8fcac3ec25c58017f9f6aa7d29686a0d06e3c4ecdd19f71b3c9db8048b87b9526f0e13a1d84e5b32c407a6c0e40605d007b7d8384d6effe14cdc3a1fc06637cdb2079a598feecd31913bb397b1908c3e0f8df5c83a916a73e9477a200fcf1ef70847f57dedce702eef33f8de11dc3e535689354b4e8a930a25b9d5c06264b297eff3a7549fe34bab3353f861c0dd0ce35c17107506e65fd46a814ceefb06260b5b83f1f8a02053b3ba0d09b1842b31fde5ac9689509e2442e9f7429f8c3ab4da44cf908aa199298b51dec80cf3ff436a0c717747e3a56df6afd185ca045312acde20cd50c94a6d9eb1f8a4b13d2920196690496edbc270f9017b2ab4a2b90df08c852d5f8a52866a5ae5082cd8d2758deb7c07508a76df818b2deb34b9ea8566bfcaf72c47c192ae03c4d8cdf7cb3aac7d1e581bc0d13d239aa0723028d28d2785bd4529ba001558db7720e014274d0cee655096ef2dda54a87102a25acd901c14f6abb759522a92e62102fbd9dcd5eacaa1158fd7c8ba70f5a0f17a9f8bb7614ebe09b66f58fe253498687e6f172f17a3da36806fd7d506d40b8f25801edecc1e674a4d28a977da9eb66846fe7ca1470c5c8490e22061b8be14a0b8526d1c2e1b431b238fd88446eb6e0460d3a978767d642c079cf9a53c3c47d75319f7cad7162bb3395c3156f2295863e88d6f96ff4e25a4fd1706f61db96fdc256101da6517e25c58280d65ec6e6e5bbe364c486727b991398f83351498cbd744c31eab5503d0a8317cbc01d7e3aa0750285998c495cbc352e403381f87d094c6147b28f0cd1a5e77ff662170d87caee84813361ca1db39cfa9116dd89f39e73fcda696ddd6b251765c6f45d34a52ef2b0bc4da96ffd8e289d0516d672f9e268e83932e44f8de43edde33fa7f779b61d680a45bbf1827f656246e3a4a016eb829e5a7e4e11f3d34c66f3d08674288a241b60d5ced5a133085de931c602118d778161d74aa8e02da715e524f50ebb7f2b19590c072b8508f69ae23e2a9ffc02e66c58640676a25b8ccebe7a5d99035a8973026db27ef26a0b920bb06c17475465eeeb37af282401d451d6abab02ac220615092ffc012ad6cadf74c504ee4b10ee8f9eb268d36b84432d3b80e86f260d8cb430788b8c77b188cd6e9b2b1a868750ba33b0677e4621c8c9c51a2ea172b82d2ef35948f801788393a705f22eb033151a25503c2a1ce3ac321307cc7bea766c0124333825ade02dbed3bf0d1013587a815902b9a60f604294a6300712b086c1d59be3fac6351f903bf1c57951feacc89a80dcce07d5e50b0573ac615c1214fcd5032b3d34670d423f44a91b1d8442bfd0e462970e306cb89d7092502822414b054ec083f4ba492b13a19c344f1dd31923d4df20e31c106fec2ac481742683f9e7ef49de341a0a628a3c1ed7ae4205a29b60ef3f98f3973c9629895a578ddbc45db8ffb874e06d000657f2278c4cb7b72ce6dc11a032ed0fc857b933cbce811e2917162a4f163c0e02b78f54bcdcab4f1c20dde9ee37ab474be2ddcdc090c50027a393a559c89603393926e5b59f451e3d4ca9bab71dd70b1479f5dce9147c1679debbc2a7c3208c9465744149396ec2adebd983753030f7e98ee13d37b0886b002ae55c1662449e92d83828742c0ce809881ae0dc6c2c9f96ae08c2f11ced3149cde2a6dbcb62dfac2c512664ea9601d73e7108a8598e630933a1ddb04c87036c2e9dd2849c6909bdb447155a1a8b298448330001d8e9170e534983be052b3b237990d0b3627172b6dfcf64986fa91244563d6bd2176671565ac2830028762113612fc4d0cbfbe525c7ff9b7bd4f55d3634f398a8928782e52b5d00e2fb77c10038fe0796b93987e1f682593fdeb4fd668d1d8ccc9a930abc8d15186817662e4189e35cdc58333d52fc4ef5052506b3fb6f52cbd95b9ce7e9e4d43991e7a55a276d38aad59de8a68fe98ee417f9f2fba53c478f3e2c064db8255de37756b612f3167765fb26b8fe6684b9fbb3cf11429eb08263a2482b1e63bcf6e9ab3c493beb52d102f254ffc036aca0278324320756aa0a1cc3cf67a4f2a3f8cd10db4697360a7696b688874d36c840b1f118b7086c7ee833e1f4defdbffdbb69c5d0dc60b56832f94511692508c3cc9b825addc5cbf03798a6a87d86f653411b86bd6c7e257f9361c2df5995b5ff75d01742d8570586082e054d748955c81817bdbd200aabf6b8e842e1cdab24816fac1ec6149ba5df69d113a72915a2b678067fb3c89cdcb06b51a6d6fd1d36db54c36a6dc9f18f30b97c407394d966dc46a672e0e9646ceb27c7ac465b934fec1c5086499ed240f37ed8edb2ada10e491d4aa299182c12cb5686957a3a0905478a1ac022a5d243d100559da67df4e144427a9c88df48f63265dc2c384b64479aa2bc78e04a8678950d9820c950044a2c79993bff4aabe6027ca1dff44c0c1a76f542068fade4731f9debc6e78070cc27f578728973c73351cafea6268371d5e8263f85d2c8e5f8d0491f6561a10fc31186bdb86f9c2793bea71364198819b34789a6061ccf33ac96884bcb514262c957dd261c9e464485a3588cba6e47323dacdd723238e6a442df06bab12c08cbfe6e051db149f1380536a01d439519dfe5621b106618d61ce30a1c3d690d485377f96e64ebd08edd62af059a483c68ba915677c27b784e1f996083d06a33c940ce9ced0f5bfe1aaf1b3efb0592174a8fa790924d2967968ea9305813213874f6962a6fe2322640e76c272ddcbdd0d3d0e13039579fa33ccab848fe3f37c91035591bc434942e4a61e3b14fe336197feffdc91081933eeaffd82d91aadde6420431785a7ca8cc92a10aea7599127fe5f6f57613b94783cc1287b5b56d46c134e72edcd1c16bcf0eb438c9e34b645521e7ac734909e1ea66e2c19dcb6ae2cbce8acdac14aa815cb3f54e233d3ec4429e892b0a19de4ed3a6b2b36de73a71996bf72ff906a3431e999c1c85d84bdc2a51118fbb0987788f0fbd284cdf56b5b11c0033368da1cdc296fb9c866bef0cc2a2fe52edd975a7c42794536add1ad7ccb5be72b97e258fab72ea164248c6c227eeedc22e390bc56099b08e75101eacbb3ced462f9701f0e1f4633f0481feea2e55abc1faedca4ffc27c02815a36e5042aa3abd37d6bc38890799a5d010aa75835c6011657c4a8e33008b65529a2da5d3ca8e290b13b32aab5afdbb3eb4371507ff575bbb932a9f4eaee6720b40133f8074c74b47e0b03216dcc244fd91d19582357c71c1894ab1b655874946621404c4697c14160c85092c965cf54e4fab6f3ed7d8f1c2ee1b2a2f313704dc1f041654c35aa120828c57c2aada047e6c8d51051b41ef56289c761bf4827c65953dbd8d3a14231678c1f704a6936bdf6033704ddacf57bcdc83be8cf6439214c237305f257c562013f613fe18ad47bbf797791efef36b502ba05e665fb5c91d0d09f2caf3dd5bc74bea55c6989ef73e9253a3b68b225f613ffd2ac70ee76d5b31fb0c2271cda5205fd99adec98a7f3dafeb9ab8fd4b91250a522476a890fa39b08aee4ec42afd0e74d84898e21bca60582c44e053621ecb483d2ab12a042e0341e56f89fe8571bb9dc550e0360b0dafd7fde4135165f7849f80536ee1850b433cc99ab5b79e9846062d78fc2839388939983d84a4573524a79fb3e42c7e7a86e91d81a13309515c3f86e7ccc04c217a752183fc5bc8d0b4d9da1023d5329fb9dba35e95ec3a1eb117946b84c02d5c5fa0f992ef64e6877c206aac5df77821374a430f3ec8987b6c676dd072723466df539689ded850866ffe52c9cab0cc1b2ee67930e5162efc71f37ecef8026c3ba158d93443ec7398655ec4795583c0ebc6955814cfc6ce58dd030dcfb1c2ab7dd93a4ebdbf20d4bb8ea607adc2732cf55c4887a850677ff50f4a89fda760bee342f072a2cd3c9659360a3a48d2596080da7ef4d771dda991b5cd492f2f146908b0023c03b535c0705f75edb178a05e20b11e38309e5e0e9dce40d8095b0887552bfda25cf725c9041490846079878d8bc2b6df6bf802cd5258e7c23b1ee1d7ad3ebe0e2580f88eb4e476dec586a34247619db4b1f8c39700c1751be0ece62a20319b713594126e0ba80bc94ab10c1973ce73a5be0c5b790c93f1299732aafcb660e2a971d717ba5b5977818d11a9871075d369fb4d39797108fc56257494b53a77ac477e4c26f575150e799ab37a7ec1d0df06666e681f9a112745c91ff8ffa04bfa0595ef9f1e7b3550c18ab5f554b030007aadd32b86f4cf74ba05b67fbad8ece3c196a753d2d020bfa8e04d6d29cbe05cf34d96aa986da5205000e17150af233e22bb62a42d0ac1b2f8103e0681b44aab0e5e8582eae0c03910bc8b032f8bc09cb8e13dd9ef339810755ea1fc02c115a6dbf1212212c778fcd92d428541ede3eefbcfcf6a2188aa86028365131fdaff142d9824066a4a52a9c7bf0b81b0f22f6f71c8135ebb2ba041c87ac261f17d5cfb2636fd22baa401c574c562ea4492ad56a13a6253909da423a51db3b12573af8e744ab4e069168ae06f4e5d5dcaf185a7676647060a3e5ae30c79faa7346f162afadd6a7645b69ca969fe5ae0c6de62ca71f5cb44ff8bba7bd3a3c0982a26ea8f09345e780a7ae29331340cfa6c3403c69a497633a1f6f3224e74b6728ad9cf5614a6bcc64044d3af7e90e2b9a8cb14c981472a1a42fdbc6999b584a25d17347b42e28220fcfa0dcf72b9d2d9845afe9968bd8f5a3e6996c7d6e33fa7f87bd458451958bddefe7e221e1cbf50df55b19859a92db77b58d1b335ab86b3161c6ce8c67d9d68fbe755e3b521a7de2bcfed2b17e2dde486c9b0306b406f59b2620057a0101621fc896c785b238359c71d6b0f482d5cc626cf348625fe4cf07607598cc2994d3fb5e975766ec40f8b5e5431adb3f53343955d8d69b5e5e19f953c8f3a595039ee16dba376d3f95014c765fa97508eefc871edc265f42b0a7454854218887e4"}) [ 1734.881046] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1734.882536] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1734.883984] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1734.885425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1734.886868] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1734.890781] FAULT_INJECTION: forcing a failure. [ 1734.890781] name failslab, interval 1, probability 0, space 0, times 0 [ 1734.893489] CPU: 1 PID: 9676 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1734.894856] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1734.896544] Call Trace: [ 1734.897087] dump_stack+0x107/0x167 [ 1734.897837] should_fail.cold+0x5/0xa [ 1734.898612] ? create_object.isra.0+0x3a/0xa20 [ 1734.899540] ? create_object.isra.0+0x3a/0xa20 [ 1734.900472] should_failslab+0x5/0x20 [ 1734.901264] kmem_cache_alloc+0x5b/0x360 [ 1734.902104] create_object.isra.0+0x3a/0xa20 [ 1734.903000] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1734.904052] kmem_cache_alloc_bulk+0x168/0x320 [ 1734.904982] io_submit_sqes+0x707f/0x86a0 [ 1734.905860] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1734.906870] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1734.907855] ? lock_downgrade+0x6d0/0x6d0 [ 1734.908696] ? find_held_lock+0x2c/0x110 [ 1734.909523] ? io_submit_sqes+0x86a0/0x86a0 [ 1734.910403] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1734.911368] ? wait_for_completion_io+0x270/0x270 [ 1734.912384] ? rcu_read_lock_any_held+0x75/0xa0 [ 1734.913330] ? vfs_write+0x354/0xa30 [ 1734.914099] ? fput_many+0x2f/0x1a0 [ 1734.914831] ? ksys_write+0x1a9/0x260 [ 1734.915605] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1734.916648] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1734.917706] do_syscall_64+0x33/0x40 [ 1734.918469] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1734.919502] RIP: 0033:0x7faadcd8fb19 [ 1734.920253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 ioctl$BTRFS_IOC_INO_LOOKUP_USER(r7, 0xd000943e, &(0x7f0000002480)={r10, 0x0, "7ce145fb7781747bacefdb6f76471a1128113da03440be4d03cc3f6c46bba43635289893211f4c79de63ff21edc8eacbfa52b3cfcfde0d6d69390a0771e46913d545bcd00b60e6b820c2e4cd8eb5488544110fe412b80fb38ff9309f58ae7040c28e805fb98b08425e479bad81aa9c67763399d5b1a74a1a014bd172735edc22aee7dbaef85e68bc54f9a5855520d80a73d02a7ce75ae644442c4f1a2214a5bf1841133ca810ccf0011cfc02b23c3c03bf631b1b4668da1652f689158ada58a758316a3cc13b2c75a3d513316ace9f2f5976fd3566f8a7e93e3caef13ea8268e8efcdf743e00badf0b813fa55ec2eb6803ef2988d7210b0570ee31005ed68e05", "fe7529efea1957172d9bb5e594cf870ad0a56bc378881e81e6388ca6e819924703fd64ff6c5d6daf6d5789883469adb65bdfc281c4d65d11b17652da4ab8103c724c993a37b2f7fc183538340d47a43e25f5fef03647ddf1d20b05f1cbd897d8164e8ef70de3a25868b1cf3ed767e1e0a56b6a6b30e6785281f5a3e10755392104b827bb489da653c857e988b14ff4d79c3f7ff5dac621c5359b254eebcff8f6a240f8b4b29db032f1bd3f515c81747fbb79bb0bdf7f01d7e27ddbe6f1076a5055bc3026ba1c2e71daf647c3ebd75e9d537df2807ec380aaa618760f21ae3d5e3514e368eee8da52567c137ed1b1bb23090b96bfcb202b940a1843239c5176fc463ec8b8b3aa1844a7cfe7b07412aaec18982946334ebf11c7e793feb5081c7ce04ecc1643fd4265e5b5b5682980e50be530ab698ca239114951a6b38357a8f542fc98eb2972ad29f01d8c2e5d24bbeae269cb74b969d5d8bd4f0f16b1ef8d9fb6a769799c26234c671a26171add15380d570cdbfada220f9e24550574ff007401c5b7e34994e6993f49df6edb590908f1e3c6942582a7aec5acc1fc5ef60bc5e2fc2537159cabef53ebe3ab92fcdfdc095a50ab43abce4f8a9f2d8013eb01d4384781fd6a261aaf588c1a425c25a13f01fd074b2805eea0e539d36a71d3b30d96b1e6afd5776905ffc7f08182f1d9b94690fa27ac1a37f5756a22d39713c5f8cc1ad886c0e81d2e46475447e3ff6c9243af18df0ba9332dce81288f08a67ce7ae54c49eea0862f17c9587c3572b0552e3d9f5b5557fac34a38ddb44f7255f5a49e6ea8b750ee1de6f0c3d0fb6728131cd64079e5c18a4ad87c6ac916b9880b9600b59b68e108103747235a4e538f95d45216ae102baa80984f3c00e30ac2518367156783968898f6727ac8a6f21b55c54c4467cb9a6a5971092242a27eb957b558a1efe471c7ec0e3fde1cf44023531bae1ec5c7ff28d7efa59ddaf832ad5f52b98515e8ee504370159de04e8f4cba73fa3b2b2e4e2799ca4fb6d21989646a5f829b84fe8ce59b6f8cfc185b966aa4f4c15a6c176f73d9ea02515db517be87cfa3e44acc55d4c28b3b5bc7f540c9380728726b706c2bfffac212d464e4d50c24f73d6d3fc391b0e24164513676743cf65a1d542626ab30909f3a4a971958a3b67c742e39d30d202b1b70cadf5b3496965e0a5b6aca1a2ebf7b32fd9612d6fc870961dba48745c4c7d6f7621a41685995189528c054d2248eb0770eaad02b5daac1138adde45208dbe3a5ce98f16b80a49e1dbe31a7379d3e00eda2fe21817f859edaf70ef67cf96b59cc0824ee3d678e520ffd7681df53b10f31392bed1a2ebd9235b8983a23ff5982071f78c9962e24c37744c38b1f5a25b575e5204e869cd6df786fb46ca7cb8e6836a497aa19e3789bfbeddd18f7c1e63bacc207cc52b8d4c724dbc5d22e6918a84d0a8d83058f1d64aea875893add6c8e035cf6a56e0ccc8f48490de2072188cc6648a6bef8d52bf57befed9eada0147f880b7e61a74d9814c50aabacb70b3d0f974279a4b4ed0cb62eeeffed425486dd48ba3c0baab15833d66669fc9cfe9324bfa13d9cdc0b277887628647ca22bcea5ff7fc721fe34ee16283c95683e9fde72cac816b25498b3a1c78d2d8a7ac41b997e530fee7001f0336c50f2fb51e9df1d1d91a26349e55c618b0b899415575c612e2c1bcf9c37843ed78de8e92069ad4598f9cbb72fe70d43055e442babc3e9592fa2a4b1b29854a3b0aeb5c2405cca08e2ce73b944bd91b37340a1eb618d4a0bad9235101df3c2a7bd05fa5050601b44891022b1f7e56e39cecdafeba0e0eb683354d2ad26838a28a9796c5ccaaf30a6e41dc436fd1f6f7aa6687358bc1613fae7fc20b295867b78a6a7cc32a0d3d0097d3a1d9169c0ef280dc7a1f86a11d9e6d4c5a282c7490f0f0fb34c4afdd8fd2953e0af533a1e9daaf56c285fc87c0a609249602a900f264d5c7262808ac64113b866e60af164d5c3598aa749714892821b3c5da0edbb5ff58564bdff8d2b7c274773075957d5e196ea18f195e7499d0ff77fbf112bb97b791cd480e6e092c7d382d343a068eec1d7cadddb0a310b701e2f45fb8091dbf945f1e3a364b96afe4543beb85cbcfb7a2f87cb212e95216aa438c4e68ab29eaa412462a8718117290b8dfc750b880214c17e2523ef8b60532fd748e2c49cd109c9c2526feee139015d5fc0ed349072bafe75e12a62ff26068ff8e8062d036a16f676ec32f010a39a7e43629ebfea1e45395678364951048d9c29f900491eb6333de56be9888af495a98eadf5fb749e93f9966747f921c5b932f9be368f200312213ad48d9b7755426eebfe38ed7c4f67e54b355d3d81d1bfc1cb9f805ae373b0266e145517fc424106aab688ac71b91d4ee48339e347fbff07cb072db36fdb1348fc89e2c17e1a959822d14c7fc3a342f2a280502211af37c65249f542d45605e91360451aa90f7e3be645f85019457dc0d21e6e1d29d4047c9953ad285ead2fe6807ac77318753e8836db28306f0fff354cadf6bec9de785837a8cc12420c41eb4f670e445839a6eb28a2ff11aca9140e27067d1bb2ca9330ff0471a0cde4166bad2aa46bbec92fe95d6ba24bea951e8a3718d8947d5bae48107872bcb2acc5023f50c887a96d4817ad4babf72e8cef010a94578a68755cc8fe605b1c7efec63c7303c412a9516c9e50bef434af8f7db88aae2c4ab18b502a6b0cb0cd73f7c80e8c1867fd1052da3dfce930ea1ad39bbeed100cc028d62816cc4d384ff580c82d0231ce36bc442553e77b5b68d10c8508b525e9ab3e897b27e183fbdc8feaf09e650501dbe953c3f02c3953e6a6aa1a5e73bba9b7623c929a7844e6e50c783b0224901efc48a5fc4bf0a0ad04fe404319ff720fafbcb5853607f5ec53eaeb891b0acd94d75090b2fb2b7b49340003e30bc82a724050c957d631232391eda6ee06f2cb6b3685b00fd6efb7602d9b47149e37ce58398c296e68ae43f655e995d643eddf895aaba7673b458684fbbfc76d4428623f54e8fd9c205f8f1047c83756b1537a8338c369d2bc89ec95eb8e39fd3b1e9e65c438b0e0648656ecf89fc685f3a5bd9e3ded4c09938d0acb9aebb9301e86c362b9029dee0337fc324ea04d108129d79896b4be80b6c3c248adee897a5e94492beffc75771f121d0b7b6ce42ec0dd42c0600081f866261970772cf6cf3bd3c24282ada8158e8fac93375a57d08872c9d3a6f9a3423d5100f0579e2ac720865e7466f848acc7531e531ce011883fa3e1348dc9514da7085475b0f62cde2b9c5af0a5878856054420bd1d8b05edf76c0e441c50cf043e1c29743cd66a66c12461e8940b892da92a9ce0bfdbcb2e9418fe4271afcbb1a443d6746664e8cb23f1e49d533824ff9ee41198c70800b2bcab36a7988e8ee9c4c25fa1bcf0dd467eb8d1953502569ad2c0fa8c62d0a5a4ab66c209238d68993dd029a1d78dbe50bc0b7d511c989b951a0c00c67e47b1bb6f6e4f4a0c264ab59b4fe2f461db8f4f1b158161010c11877e171fdec7acb5c6ed61595cd4406813c7dd0652ba0be99cb86e098c72ec50ab6372d6e7e46ff5045b543bc052d487e61177c096ae0af615be987f8afc7c22ba0f8a8950e6d76757c951549430ab1e9c9343af872529661a3e648d8d721644792f2a0431049ae7cb43319d36d9f84a79823e980763c8a66461b315c5a658e2697c82020e80b5126d8b52435d313907d51d4ad7a1dfff1ee52e0627adff273401b99a2f2a5e51ed04d5f085bbeee3eb202b1a2e4699caeb0c7be71e77f761e6641ae8e6f08e62dfe4384923071be6122d8989212828aae443dc7abffc954dfbd04781c77e8b6c63013d9c95d8fdc300d7daa090fb8545b4f5e3d2aea43209c36a142b5f29bd993241a39598b9246adfce106aac0a6d00a9f1e58bc61d958421cd9a1ec9fff18091dd42750d4679bef5e4396d3e71d29d9f138b1eb6f5c2f0c38b1d0eaa0f37fc1b773f9531163ebafdd97ed2d3373e7052c5ec137d4391a6223daeb14e2bf3095727f78025ee8df30fab9f489b7c5efb6a239f06731fe3820dd9092fd1d061bb982fd62b86bcbe4a9b1fba7d735aadaa7c32f3e9c6a9567ae5cf283b9ef481f0885e89103ab5775175dc0a0e10e0218b2f19a02fe02a437739f0654cd74cd29eb8e378892b3ac7c6652481435c22c7f8c9a0099932b813a513bb58256ae003f3d8795bdabc30ac60ffa0131ef52de3743786f2213ae81022c39ebcec38570386f771a11a794632c1f3882d73cc1c1a9bdfb0f9752bcebc7b05b18e0bf70fdb13a55457a795eaabfd1e5e9ec4c0a18cafd14de9c0c729df15540ff13934bcb984590f81db69c21c0da55fdbff020bebc74b368cc0f6322250417bf09db09ae3f3364027456f5184f9baea1bb5030836dca61096010d97dade9f721e763080eb5300c577dbc6c6f46b681f51c9c67fdb57d056c756b58239e004aaaa44cd5a3215014684477df65574167912d7c2c31de80ac6c3169dadccbccaa4070e40147b0856734a3d66ba238df0bc2efe533b14780319968e4ed292aa30e2a78352ddd8d96554f24cf763f11b7a30062fc649e022d8067f8388bc57e062b83a4348547fd0780c7777dd29cbfc42eeb9ea32d122ef927358bf9271a719260d7113645a7ff97f17f91d7d46b4cea98f3bb0331fb9bf5681ce16a42a37a6cd65e065434b0df0b00eea7e98c5eddfed2eb08134ba016d793de2307f9cccdf78b98a3b29c0a41d08efcb25791b9d011e52e69da71e9b8de41bcbee6304d6a5c75508e5b4f489c7bae886a3478756cfc3d8e05ce8031e8b668ce42ed089b6b8f7852dfbd9fd7bf6ce10ebf96cf43c36b9827c7e7c0cca84daed59018b0f9d77b1c42a6103b6cd750f0247e8042aa0db676aeda28a9e10e52cf679be5d493c3167faeb00ceb5f6aca7d9441d4a0d1c2dcaeb5f1bdd0087540c593eb8f64dddd7eaa36ca424483a68806216ba38ff0dcdbd6cc74a2369dfafea183c57a220a005eca73a90360470dad20afd84f959380d3ea751ce362b53489a88b02bd590ecc88a01b4a59037129239b25c8b46508a3647e183d69326bf4577a3302467a8e7b07ea91be9d93740f9df1b585c76b25dbf68a52d5758435b83cd0164f7f43596a2b2ad5dddac833140e23cc361d90e01f4046519c98641a35a15a3a84dcd279caadfb4111518a187779be8674ef0ec965c17d2853006c4c4c72d5bd0e22b8f447eb2aa202d195fff00c40233c8520f085762cc7a2d6939927486a503547fde093f4d85e11d2376f211aba3d1408451b4a450b8c3b180aa0dc6036f30f99f84ee21d875302d750f15899a90a0bcaf4bc1f450fd7b2f684130452f"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000053c40)={0x800, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6, r10}], 0x1f, "bac24b4343e052"}) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1734.923970] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1734.925581] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1734.927009] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1734.928451] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1734.929879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1734.931312] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:42:06 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2, 0x20010, r0, 0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000080)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x3, &(0x7f0000000040), 0x1, 0x1, 0x1, {0x0, r4}}, 0x3) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:42:06 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x80080) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x4, 0x5, 0x9, 0x3f, 0x0, 0x401, 0x808, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1f, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x400, 0x323, 0x11, 0xa, 0x3, 0x5, 0x3, 0x0, 0x0, 0x0, 0x101}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0x2) [ 1735.028772] FAULT_INJECTION: forcing a failure. [ 1735.028772] name failslab, interval 1, probability 0, space 0, times 0 [ 1735.031250] CPU: 1 PID: 9698 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1735.032656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1735.034392] Call Trace: [ 1735.034953] dump_stack+0x107/0x167 [ 1735.035712] should_fail.cold+0x5/0xa [ 1735.036494] ? percpu_ref_init+0xd8/0x3d0 [ 1735.037369] should_failslab+0x5/0x20 [ 1735.038149] kmem_cache_alloc_trace+0x55/0x360 [ 1735.039087] ? cset_cgroup_from_root+0x2a0/0x2a0 [ 1735.040068] percpu_ref_init+0xd8/0x3d0 [ 1735.040861] cgroup_mkdir+0x28b/0xfc0 [ 1735.041649] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1735.042610] kernfs_iop_mkdir+0x14d/0x1e0 [ 1735.043456] vfs_mkdir+0x41f/0x660 [ 1735.044194] do_mkdirat+0x145/0x2a0 [ 1735.044934] ? user_path_create+0xf0/0xf0 [ 1735.045783] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1735.046844] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1735.047920] do_syscall_64+0x33/0x40 [ 1735.048686] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1735.049717] RIP: 0033:0x7f5ff7acbb19 [ 1735.050477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1735.054146] RSP: 002b:00007f5ff5020188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1735.055721] RAX: ffffffffffffffda RBX: 00007f5ff7bdf020 RCX: 00007f5ff7acbb19 [ 1735.057163] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1735.058610] RBP: 00007f5ff50201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1735.060030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1735.061501] R13: 00007ffffb68f3ef R14: 00007f5ff5020300 R15: 0000000000022000 23:42:06 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_FADVISE={0x18, 0x3, 0x0, @fd_index=0x1, 0x8, 0x0, 0xfffffe01, 0x3, 0x1}, 0x7) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x0, 0x80, 0x7f, 0x12, 0x97, 0x0, 0x0, 0x1, 0x80000, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000000080), 0x5}, 0x8, 0x7, 0xb577, 0x3, 0x8, 0x7, 0x9, 0x0, 0x3}, 0xffffffffffffffff, 0x6, r3, 0xc) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:42:06 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x310000, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000017c0)=[{&(0x7f0000000340)=""/212, 0xd4}, {&(0x7f0000000440)=""/181, 0xb5}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000000240)=""/72, 0x48}, {&(0x7f0000001500)=""/93, 0x5d}, {&(0x7f0000001580)=""/87, 0x57}, {&(0x7f0000001600)=""/217, 0xd9}, {&(0x7f0000001700)=""/138, 0x8a}], 0x8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x100000b, 0x50, 0xffffffffffffffff, 0x0) flock(0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r4, 0xffffffffffffffff, 0x0) openat$incfs(r4, &(0x7f0000000080)='.pending_reads\x00', 0x2041, 0x2) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) syz_open_procfs(0x0, &(0x7f00000000c0)='sched\x00') r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000040)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x1) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:42:06 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33) 23:42:06 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33) 23:42:06 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r5 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r3, r4, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r6, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r5, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r5, 0x8982, &(0x7f00000000c0)={0x1, 'vlan0\x00'}) r7 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x1, 0x3b, 0x5, 0x3, 0x0, 0x5, 0x2000, 0x6, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x3, 0x3}, 0x12808, 0x9, 0x3, 0x9, 0x1ff, 0x73f1, 0x9, 0x0, 0x1, 0x0, 0x732a}, 0x0, 0xe, r7, 0x8) r8 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r9, 0x0, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r8, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, 0x0, &(0x7f0000000380)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, {0x0, r10}}, 0x2) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x7ec4, &(0x7f0000000180)={0x0, 0xe3c6, 0x2, 0x0, 0x260}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f00000003c0), &(0x7f0000000340)) 23:42:06 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 11) [ 1735.351476] FAULT_INJECTION: forcing a failure. [ 1735.351476] name failslab, interval 1, probability 0, space 0, times 0 [ 1735.354073] CPU: 0 PID: 9711 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1735.355468] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1735.357222] Call Trace: [ 1735.357784] dump_stack+0x107/0x167 23:42:06 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0x0, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) [ 1735.358570] should_fail.cold+0x5/0xa [ 1735.359500] ? create_object.isra.0+0x3a/0xa20 [ 1735.360482] should_failslab+0x5/0x20 [ 1735.361279] kmem_cache_alloc+0x5b/0x360 [ 1735.362137] ? mark_held_locks+0x9e/0xe0 [ 1735.362973] create_object.isra.0+0x3a/0xa20 [ 1735.363881] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1735.364925] kmem_cache_alloc_bulk+0x168/0x320 [ 1735.365864] io_submit_sqes+0x707f/0x86a0 [ 1735.366750] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1735.367792] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1735.368787] ? lock_downgrade+0x6d0/0x6d0 [ 1735.369637] ? find_held_lock+0x2c/0x110 [ 1735.370475] ? io_submit_sqes+0x86a0/0x86a0 [ 1735.371367] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1735.372367] ? wait_for_completion_io+0x270/0x270 [ 1735.373357] ? rcu_read_lock_any_held+0x75/0xa0 [ 1735.374307] ? vfs_write+0x354/0xa30 [ 1735.375073] ? fput_many+0x2f/0x1a0 [ 1735.375832] ? ksys_write+0x1a9/0x260 [ 1735.376623] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1735.377691] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1735.378749] do_syscall_64+0x33/0x40 [ 1735.379537] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1735.380641] RIP: 0033:0x7faadcd8fb19 [ 1735.381407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1735.385179] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1735.386745] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1735.388225] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1735.389684] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1735.391149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1735.392623] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1735.404723] FAULT_INJECTION: forcing a failure. [ 1735.404723] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1735.407809] CPU: 0 PID: 9710 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1735.409238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1735.410989] Call Trace: [ 1735.411553] dump_stack+0x107/0x167 [ 1735.412332] should_fail.cold+0x5/0xa [ 1735.413142] __alloc_pages_nodemask+0x182/0x680 [ 1735.414141] ? __alloc_pages_slowpath.constprop.0+0x2220/0x2220 [ 1735.415406] alloc_pages_current+0x187/0x280 [ 1735.416327] allocate_slab+0x26f/0x380 [ 1735.417142] ___slab_alloc+0x470/0x700 [ 1735.417969] ? io_submit_sqes+0x707f/0x86a0 [ 1735.418885] ? kmem_cache_alloc_bulk+0x1ec/0x320 [ 1735.419884] kmem_cache_alloc_bulk+0x1ec/0x320 [ 1735.420850] io_submit_sqes+0x707f/0x86a0 [ 1735.421753] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1735.422773] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1735.423771] ? lock_downgrade+0x6d0/0x6d0 [ 1735.424617] ? find_held_lock+0x2c/0x110 [ 1735.425446] ? io_submit_sqes+0x86a0/0x86a0 [ 1735.426345] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1735.427347] ? wait_for_completion_io+0x270/0x270 [ 1735.428344] ? rcu_read_lock_any_held+0x75/0xa0 [ 1735.429328] ? vfs_write+0x354/0xa30 [ 1735.430126] ? fput_many+0x2f/0x1a0 [ 1735.430895] ? ksys_write+0x1a9/0x260 [ 1735.431714] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1735.432791] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1735.433877] do_syscall_64+0x33/0x40 [ 1735.434664] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1735.435722] RIP: 0033:0x7fb90a2beb19 [ 1735.436494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1735.440332] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1735.441910] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1735.443378] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1735.444879] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1735.445518] FAULT_INJECTION: forcing a failure. [ 1735.445518] name failslab, interval 1, probability 0, space 0, times 0 [ 1735.446353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1735.446365] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1735.453368] CPU: 1 PID: 9717 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1735.454846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1735.456614] Call Trace: [ 1735.457242] dump_stack+0x107/0x167 [ 1735.458050] should_fail.cold+0x5/0xa [ 1735.458881] ? create_object.isra.0+0x3a/0xa20 [ 1735.459889] should_failslab+0x5/0x20 [ 1735.460678] kmem_cache_alloc+0x5b/0x360 [ 1735.461649] create_object.isra.0+0x3a/0xa20 [ 1735.462552] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1735.463645] kmem_cache_alloc_trace+0x151/0x360 [ 1735.464724] ? cset_cgroup_from_root+0x2a0/0x2a0 [ 1735.465703] percpu_ref_init+0xd8/0x3d0 [ 1735.466557] cgroup_mkdir+0x28b/0xfc0 [ 1735.467359] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1735.468371] kernfs_iop_mkdir+0x14d/0x1e0 [ 1735.469252] vfs_mkdir+0x41f/0x660 [ 1735.470075] do_mkdirat+0x145/0x2a0 [ 1735.470832] ? user_path_create+0xf0/0xf0 [ 1735.471725] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1735.472851] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1735.474111] do_syscall_64+0x33/0x40 [ 1735.474914] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1735.475993] RIP: 0033:0x7f5ff7acbb19 [ 1735.476839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1735.480800] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1735.482641] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1735.484231] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1735.485702] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1735.487197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1735.488708] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 23:42:22 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0x0, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:42:22 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_setup(0x5253, &(0x7f0000000040)={0x0, 0x93dd, 0x8, 0x0, 0x205}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000340)=""/157, 0x9d}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/205, 0xcd}, {&(0x7f0000000240)=""/1, 0x1}], 0x4, &(0x7f00000016c0)=ANY=[@ANYBLOB="20000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="34000000000000dd000004000101c11593e281930000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="14000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x128}, 0x20) ioctl$FIGETBSZ(r3, 0x2, &(0x7f0000001680)) 23:42:22 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34) 23:42:22 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_REMOVE={0x7, 0x2, 0x0, 0x0, 0x0, 0x12345}, 0xabf8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:42:22 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, 0x0) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:42:22 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x292d, 0x0, 0x3}, &(0x7f00000a0000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r5 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_setup(0xc74, &(0x7f0000000180)={0x0, 0xc388, 0x10, 0x0, 0xe4}, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000340)=0x0) r7 = accept$inet6(0xffffffffffffffff, &(0x7f0000000380), &(0x7f00000003c0)=0x1c) syz_io_uring_submit(r1, r6, &(0x7f0000000440)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r7, 0x0, &(0x7f0000000400)="11c3eb88bc529b1e32d568ae1829d9d6e8b330f38321fcb466a9af04a36823ad4b3ffd5c47714d5b2191562a4cfba9faf856d1695b7d02ec8b41160d", 0x3c, 0x40000}, 0xca) syz_io_uring_submit(r3, r4, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r8, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r5, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000}, 0x9001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:42:22 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34) 23:42:22 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 12) [ 1750.799675] FAULT_INJECTION: forcing a failure. [ 1750.799675] name failslab, interval 1, probability 0, space 0, times 0 [ 1750.801540] CPU: 1 PID: 9740 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1750.802365] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1750.803370] Call Trace: [ 1750.803700] dump_stack+0x107/0x167 [ 1750.804156] should_fail.cold+0x5/0xa [ 1750.804614] ? create_object.isra.0+0x3a/0xa20 [ 1750.805170] should_failslab+0x5/0x20 [ 1750.805630] kmem_cache_alloc+0x5b/0x360 [ 1750.806125] create_object.isra.0+0x3a/0xa20 [ 1750.806655] kmemleak_alloc_percpu+0xa0/0x100 [ 1750.807203] pcpu_alloc+0x4e2/0x12f0 [ 1750.807673] cgroup_rstat_init+0x14f/0x1f0 [ 1750.808212] cgroup_mkdir+0x709/0xfc0 [ 1750.808672] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1750.809250] kernfs_iop_mkdir+0x14d/0x1e0 [ 1750.809777] vfs_mkdir+0x41f/0x660 [ 1750.810213] do_mkdirat+0x145/0x2a0 [ 1750.810680] ? user_path_create+0xf0/0xf0 [ 1750.811194] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1750.811848] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1750.812487] do_syscall_64+0x33/0x40 [ 1750.812954] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1750.813597] RIP: 0033:0x7f5ff7acbb19 [ 1750.814069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1750.816354] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1750.817299] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1750.818194] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1750.819080] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1750.819997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1750.820879] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 [ 1750.860357] FAULT_INJECTION: forcing a failure. [ 1750.860357] name failslab, interval 1, probability 0, space 0, times 0 [ 1750.863020] CPU: 0 PID: 9745 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1750.864494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1750.866279] Call Trace: [ 1750.866864] dump_stack+0x107/0x167 [ 1750.867660] should_fail.cold+0x5/0xa [ 1750.868510] ? create_object.isra.0+0x3a/0xa20 [ 1750.869498] should_failslab+0x5/0x20 [ 1750.870318] kmem_cache_alloc+0x5b/0x360 [ 1750.871197] ? mark_held_locks+0x9e/0xe0 [ 1750.872083] create_object.isra.0+0x3a/0xa20 [ 1750.873019] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1750.874112] kmem_cache_alloc_bulk+0x168/0x320 [ 1750.875101] io_submit_sqes+0x707f/0x86a0 [ 1750.876048] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1750.877113] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1750.878150] ? lock_downgrade+0x6d0/0x6d0 [ 1750.879036] ? find_held_lock+0x2c/0x110 [ 1750.879923] ? io_submit_sqes+0x86a0/0x86a0 [ 1750.880864] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1750.881896] ? wait_for_completion_io+0x270/0x270 [ 1750.882934] ? rcu_read_lock_any_held+0x75/0xa0 [ 1750.883939] ? vfs_write+0x354/0xa30 [ 1750.884741] ? fput_many+0x2f/0x1a0 [ 1750.885523] ? ksys_write+0x1a9/0x260 [ 1750.886348] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1750.887469] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1750.888586] do_syscall_64+0x33/0x40 [ 1750.889380] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1750.890465] RIP: 0033:0x7fb90a2beb19 [ 1750.891256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1750.895162] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1750.896794] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1750.898300] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1750.899783] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1750.901295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1750.902803] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:42:22 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000000, 0x110, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x10, 0x4000010, r0, 0x10000000) pipe(&(0x7f0000000100)={0xffffffffffffffff}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000003, 0x20010, r5, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x4004, @fd_index=0x1, 0x7607, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x8) r6 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) ioctl$INCFS_IOC_PERMIT_FILL(0xffffffffffffffff, 0x40046721, &(0x7f00000000c0)={r6}) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1750.916358] FAULT_INJECTION: forcing a failure. [ 1750.916358] name failslab, interval 1, probability 0, space 0, times 0 [ 1750.919442] CPU: 0 PID: 9744 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1750.920889] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1750.922612] Call Trace: [ 1750.923166] dump_stack+0x107/0x167 [ 1750.923939] should_fail.cold+0x5/0xa [ 1750.924740] ? create_object.isra.0+0x3a/0xa20 [ 1750.925696] should_failslab+0x5/0x20 [ 1750.926496] kmem_cache_alloc+0x5b/0x360 [ 1750.927338] ? mark_held_locks+0x9e/0xe0 [ 1750.928219] create_object.isra.0+0x3a/0xa20 [ 1750.929133] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1750.929290] audit: type=1400 audit(1678318942.453:36): avc: denied { map } for pid=9752 comm="syz-executor.1" path="pipe:[35855]" dev="pipefs" ino=35855 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=fifo_file permissive=1 [ 1750.930202] kmem_cache_alloc_bulk+0x168/0x320 [ 1750.930229] io_submit_sqes+0x707f/0x86a0 [ 1750.930286] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1750.935746] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1750.936773] ? lock_downgrade+0x6d0/0x6d0 [ 1750.937641] ? find_held_lock+0x2c/0x110 [ 1750.938484] ? io_submit_sqes+0x86a0/0x86a0 [ 1750.939395] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1750.940399] ? wait_for_completion_io+0x270/0x270 [ 1750.941408] ? rcu_read_lock_any_held+0x75/0xa0 [ 1750.942352] ? vfs_write+0x354/0xa30 [ 1750.943128] ? fput_many+0x2f/0x1a0 [ 1750.943871] ? ksys_write+0x1a9/0x260 [ 1750.944683] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1750.945748] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1750.946823] do_syscall_64+0x33/0x40 [ 1750.947588] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1750.948667] RIP: 0033:0x7faadcd8fb19 [ 1750.949431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1750.953269] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1750.954830] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1750.956411] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1750.958077] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1750.959734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 23:42:22 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x6c, 0x7, 0x8, 0x8, 0x0, 0x3b, 0x100, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400, 0x1, @perf_bp={&(0x7f0000000040), 0x4}, 0x12840, 0x5, 0x7, 0x2, 0xfff, 0x601, 0x1, 0x0, 0x7f2, 0x0, 0x3}, 0xffffffffffffffff, 0x0, r3, 0xb) r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = gettid() socket$nl_xfrm(0x10, 0x3, 0x6) perf_event_open(0x0, r5, 0x4, r4, 0x2) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x6, 0x3, 0x9, 0x80, 0x0, 0x3, 0x60002, 0x8, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x2, @perf_config_ext={0x68d0cda, 0x80000000}, 0x418, 0x0, 0x6, 0x8, 0xff, 0x10000, 0x8, 0x0, 0x1, 0x0, 0x5}, r5, 0x8, r3, 0x9) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x18}}, './file0\x00'}) io_uring_enter(r6, 0x53ea, 0x1b67, 0x1, &(0x7f0000000240)={[0x1]}, 0x8) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1750.961554] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:42:22 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 13) 23:42:22 executing program 6: flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r3 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r3, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000080)=@IORING_OP_WRITE={0x17, 0x0, 0x2004, @fd_index=0x2, 0x200, &(0x7f0000000040)="bf443ad2cd1a753072879f4b909b991c9111060ed4d6b2a93cdda0e3", 0x1c, 0x1c, 0x1, {0x0, r5}}, 0x1) perf_event_open(&(0x7f0000001d80)={0x4, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x30a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r0, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1751.049418] FAULT_INJECTION: forcing a failure. [ 1751.049418] name failslab, interval 1, probability 0, space 0, times 0 [ 1751.050796] CPU: 1 PID: 9759 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1751.051557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1751.052473] Call Trace: [ 1751.052764] dump_stack+0x107/0x167 [ 1751.053168] should_fail.cold+0x5/0xa [ 1751.053591] ? create_object.isra.0+0x3a/0xa20 [ 1751.054091] should_failslab+0x5/0x20 [ 1751.054503] kmem_cache_alloc+0x5b/0x360 [ 1751.054951] ? mark_held_locks+0x9e/0xe0 [ 1751.055394] create_object.isra.0+0x3a/0xa20 [ 1751.055870] kmemleak_alloc_percpu+0xa0/0x100 [ 1751.056379] pcpu_alloc+0x4e2/0x12f0 [ 1751.056804] cgroup_rstat_init+0x14f/0x1f0 [ 1751.057271] cgroup_mkdir+0x709/0xfc0 [ 1751.057685] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1751.058201] kernfs_iop_mkdir+0x14d/0x1e0 [ 1751.058651] vfs_mkdir+0x41f/0x660 [ 1751.059045] do_mkdirat+0x145/0x2a0 [ 1751.059447] ? user_path_create+0xf0/0xf0 [ 1751.059915] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1751.060500] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1751.061068] do_syscall_64+0x33/0x40 [ 1751.061485] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1751.062049] RIP: 0033:0x7f5ff7acbb19 [ 1751.062462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1751.064493] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1751.065331] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1751.066108] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1751.066892] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1751.067668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1751.068451] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 23:42:22 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:42:22 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0x0, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:42:22 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x3242, &(0x7f0000000040)={0x0, 0xf759, 0x2, 0x3, 0x21a}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:42:22 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r5 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r7, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r7, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r6}}, 0x7f) syz_io_uring_submit(0x0, r2, &(0x7f0000000180)=@IORING_OP_READ_FIXED={0x4, 0x4, 0x2000, @fd=r0, 0x9, 0x400, 0x3, 0x4, 0x1, {0x3, r6}}, 0x8) syz_io_uring_submit(r3, r4, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r8, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r5, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_OPENAT={0x12, 0xe9ce56e9a54f6a09, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x40, 0x31713}, 0x7ff) r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r9, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1751.317090] device veth0_vlan entered promiscuous mode 23:42:39 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 14) 23:42:39 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:42:39 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(0x0, 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:42:39 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35) 23:42:39 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35) 23:42:39 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r6 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r4, r5, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r7, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r6, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r5, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={r8, r9+60000000}, 0x1, 0x0, 0x0, {0x0, r10}}, 0x10001) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) utimensat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x100) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7}, 0x7f) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000400)=@IORING_OP_WRITEV={0x2, 0x3, 0x2004, @fd_index=0x4, 0x9, &(0x7f0000000240)=[{&(0x7f0000000340)="594277e025b7b0680dd3f6efcc99f124fd6b490020f4d13a3ce361a318d222893cca6a62cb7a2903c232061d83cc10b86eb598f928052160572cf97936c0a2a5ef8a1c1579d9494c0965b504fee9c55e14f84f3ee8175f877b7c0532d3cc44afead17a3e06e5d7a1302f744b2bac59ad2a54af98924b3bde309d4e66fd68d55a2de065a6936e3855ea6f883b7b357ffb5b980b5ca5e5d5ef78be9584503ba0674ab5894ead3b", 0xa6}], 0x1, 0xa, 0x0, {0x2}}, 0x6f) 23:42:39 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:42:39 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000880), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000840)=@IORING_OP_WRITE={0x17, 0x1, 0x4007, @fd_index=0x5, 0x4, &(0x7f00000007c0)="5fc9736e7f22c8079601c573d855afb1ec19eada3d8deec2669d9c419d0e7724433af187453d22bc52e4a8b455eb39fc0460b5c8f51173b6b30f80f874a73721e55bd09233f6ff4e265d9cbdfb790ddc3a5f8589c74cfe7127826c06fa84a5be1e86df009e50b8837218c15a66ffc7a6c9", 0x71, 0x10, 0x1}, 0x616) r6 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r4, r5, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r7, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r6, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r7, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x2, 0x0, @fd_index=0x4}, 0x9) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) msync(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x6) r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r9 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x40010, r0, 0x10000000) r10 = accept$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @dev}, &(0x7f00000001c0)=0x1c) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(r8, r9, &(0x7f0000000680)=@IORING_OP_RECVMSG={0xa, 0x3, 0x0, r10, 0x0, &(0x7f0000000640)={&(0x7f0000000340)=@sco={0x1f, @none}, 0x80, &(0x7f0000000600)=[{&(0x7f00000003c0)=""/238, 0xee}, {&(0x7f00000004c0)=""/112, 0x70}, {&(0x7f0000000540)=""/153, 0x99}, {&(0x7f0000000240)=""/46, 0x2e}], 0x4, &(0x7f0000000700)=""/134, 0x86}, 0x0, 0x2000, 0x1, {0x3, r11}}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1767.545377] FAULT_INJECTION: forcing a failure. [ 1767.545377] name failslab, interval 1, probability 0, space 0, times 0 [ 1767.547818] CPU: 1 PID: 9799 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1767.549212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1767.550876] Call Trace: [ 1767.551416] dump_stack+0x107/0x167 [ 1767.552176] should_fail.cold+0x5/0xa [ 1767.552944] ? create_object.isra.0+0x3a/0xa20 [ 1767.553861] should_failslab+0x5/0x20 [ 1767.554628] kmem_cache_alloc+0x5b/0x360 [ 1767.555455] ? mark_held_locks+0x9e/0xe0 [ 1767.556295] create_object.isra.0+0x3a/0xa20 [ 1767.557184] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1767.558211] kmem_cache_alloc_bulk+0x168/0x320 [ 1767.559138] io_submit_sqes+0x707f/0x86a0 [ 1767.560014] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1767.561021] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1767.561999] ? lock_downgrade+0x6d0/0x6d0 [ 1767.562833] ? find_held_lock+0x2c/0x110 [ 1767.563661] ? io_submit_sqes+0x86a0/0x86a0 [ 1767.564558] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1767.565532] ? wait_for_completion_io+0x270/0x270 [ 1767.566503] ? rcu_read_lock_any_held+0x75/0xa0 [ 1767.567439] ? vfs_write+0x354/0xa30 [ 1767.568200] ? fput_many+0x2f/0x1a0 [ 1767.568933] ? ksys_write+0x1a9/0x260 [ 1767.569707] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1767.570758] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1767.571805] do_syscall_64+0x33/0x40 [ 1767.572577] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1767.573608] RIP: 0033:0x7faadcd8fb19 [ 1767.574361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1767.578063] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1767.579599] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1767.581048] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1767.582480] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1767.583910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1767.585345] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1767.601234] FAULT_INJECTION: forcing a failure. [ 1767.601234] name failslab, interval 1, probability 0, space 0, times 0 [ 1767.603638] CPU: 1 PID: 9800 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1767.605017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1767.606674] Call Trace: [ 1767.607224] dump_stack+0x107/0x167 [ 1767.607978] should_fail.cold+0x5/0xa [ 1767.608774] ? create_object.isra.0+0x3a/0xa20 [ 1767.609698] should_failslab+0x5/0x20 [ 1767.610466] kmem_cache_alloc+0x5b/0x360 [ 1767.611286] ? mark_held_locks+0x9e/0xe0 [ 1767.612130] create_object.isra.0+0x3a/0xa20 [ 1767.613018] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1767.614045] kmem_cache_alloc_bulk+0x168/0x320 [ 1767.614994] io_submit_sqes+0x707f/0x86a0 [ 1767.615871] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1767.616882] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1767.617865] ? lock_downgrade+0x6d0/0x6d0 [ 1767.618698] ? find_held_lock+0x2c/0x110 [ 1767.619522] ? io_submit_sqes+0x86a0/0x86a0 [ 1767.620414] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1767.621388] ? wait_for_completion_io+0x270/0x270 [ 1767.622375] ? rcu_read_lock_any_held+0x75/0xa0 [ 1767.623308] ? vfs_write+0x354/0xa30 [ 1767.624063] ? fput_many+0x2f/0x1a0 [ 1767.624818] ? ksys_write+0x1a9/0x260 [ 1767.625598] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1767.626669] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1767.627720] do_syscall_64+0x33/0x40 [ 1767.628483] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1767.629517] RIP: 0033:0x7fb90a2beb19 [ 1767.630279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1767.634015] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1767.635567] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1767.637017] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1767.638450] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1767.639883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1767.641352] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1767.668315] FAULT_INJECTION: forcing a failure. [ 1767.668315] name failslab, interval 1, probability 0, space 0, times 0 [ 1767.670772] CPU: 1 PID: 9796 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1767.672158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1767.673827] Call Trace: [ 1767.674365] dump_stack+0x107/0x167 [ 1767.675114] should_fail.cold+0x5/0xa [ 1767.675898] should_failslab+0x5/0x20 [ 1767.676705] __kmalloc_track_caller+0x79/0x3c0 [ 1767.677624] ? kstrdup_const+0x53/0x80 [ 1767.678413] ? kmemleak_alloc_percpu+0xa0/0x100 [ 1767.679355] kstrdup+0x36/0x70 [ 1767.680007] kstrdup_const+0x53/0x80 [ 1767.680771] __kernfs_new_node+0x9d/0x850 [ 1767.681621] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1767.682586] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1767.683555] ? pcpu_alloc+0x12a/0x12f0 [ 1767.684361] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1767.685415] kernfs_create_dir_ns+0x9c/0x230 [ 1767.686314] cgroup_mkdir+0x318/0xfc0 [ 1767.687089] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1767.688046] kernfs_iop_mkdir+0x14d/0x1e0 [ 1767.688915] vfs_mkdir+0x41f/0x660 [ 1767.689642] do_mkdirat+0x145/0x2a0 [ 1767.690383] ? user_path_create+0xf0/0xf0 [ 1767.691226] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1767.692300] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1767.693358] do_syscall_64+0x33/0x40 [ 1767.694133] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1767.695175] RIP: 0033:0x7f5ff7acbb19 [ 1767.695927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1767.699630] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1767.701179] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1767.702613] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1767.704053] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1767.705494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1767.706927] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 23:42:39 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {r0}}, './file0\x00'}) io_uring_enter(r3, 0x51d4, 0x71a, 0x2, &(0x7f0000000080)={[0x2]}, 0x8) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) rt_sigtimedwait(&(0x7f00000000c0)={[0xffffffffffffff81]}, &(0x7f0000000180), &(0x7f0000000280)={r5, r6+60000000}, 0x8) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:42:39 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r4 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r4, 0x76d3, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r7 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r5, r6, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) readv(r0, &(0x7f0000001900)=[{&(0x7f0000000400)=""/210, 0xd2}, {&(0x7f0000000500)=""/179, 0xb3}, {&(0x7f0000000180)=""/53, 0x35}, {&(0x7f00000001c0)=""/42, 0x2a}, {&(0x7f0000000240)=""/41, 0x29}, {&(0x7f00000005c0)=""/229, 0xe5}, {&(0x7f0000000700)=""/255, 0xff}, {&(0x7f0000000800)=""/144, 0x90}, {&(0x7f00000008c0)=""/4096, 0x1000}, {&(0x7f00000018c0)=""/42, 0x2a}], 0xa) ioctl$FAT_IOCTL_GET_VOLUME_ID(r3, 0x80047213, &(0x7f00000019c0)) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r8, r6, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r7, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) r9 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0xa000) ioctl$FIDEDUPERANGE(r4, 0xc0189436, &(0x7f0000000340)={0xe762, 0x3f, 0x4, 0x0, 0x0, [{{r0}, 0x8}, {{r3}, 0x5}, {{r7}, 0x4}, {{r9}, 0x789}]}) 23:42:39 executing program 7: unlink(&(0x7f0000000180)='./file0\x00') r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r0, 0x10000000) syz_io_uring_submit(r1, r4, &(0x7f0000000280)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@pptp={0x18, 0x2, {0x3, @rand_addr=0x64010101}}, 0x80, &(0x7f00000001c0)=[{&(0x7f00000000c0)="9e79651d00c03f5a8cbca6ec56f9e6be3e3c29cde4bd962c817e2c3085f2bdbee884cfedd1dd5fa6acf5fe45f5bc48b085", 0x31}, {&(0x7f0000000180)}], 0x2, &(0x7f0000001e00)=[{0x58, 0x10a, 0x1, "3d6286df895a6576f1d37c92769f861127257e6923e74677bcdbc11810a53da4f2b0f293317a141fa61654b9596b03298b8aa010e751274232bb404820673e8ed6aa15"}, {0xb0, 0x0, 0x0, "f708d73cce2ead24f9d99a2acafc25c8105ad0ec26e71278a6e9b19d3ae11838728de8bd990d6689a2dce471b40c32a9e1b073e7fccc47dbc8920c927869bfca30a3c912b2a1d97b8832232f7a1e89d5ac81a9672f504b38eb886cba53274dc7cf9548fc86b144350d13eba8e346d2ce4f702ac3b3d415c16a2b3995eac0a670ed7d3ae845f913ea19a0707a958d250e9131bc6c94a345ea9aece3ab46"}, {0xc0, 0x3a, 0x40, "dec10b9ede9af16e079f51a911404b3be6765ede90d8aa70e7e00b45f988a4fd33bb26a3bf957d50dd1300ea8c1c05658454eee11ffc0a97ea7bc7af02d73ce5d0ff58a21bb46f2260149c413eaf90dfc6ce7953a19c18b29b358e25d073063e2677892d85e01f26bf54d6adf5b0192bf35e40e8e88204c9aeab896f9900d3d20de87844042716d267697d17d610ff9abfd319a82b0a41593fcfef4e04494ede5a3fee4efae9eb1226c4215b76932c"}, {0x90, 0x10d, 0x7, "f6996b6c1efc1a24c29ad9252a470ce265e64b71772d183a933e6c6cbf4c1dedd26843173edf78d07f1a886001432c2cb642b77f4d2279ec34fc7fd1f452da20e879c7b0134e4109032b7c9898d89958cdb3bc5046405741411f610c487bc553cf88298161af144098fdefe1bbeddc0e61462945b9c7fe8af062"}, {0x1010, 0x107, 0x6, "49b331e703811f6611b9c9806e4ab480e036e292c5fd9e98d8fd20a7d98cf632b8e182ed32ff888aa304d6f5d99815045ace6bb5184a05c0fb80a638e77a551619985fa3b0390200f928426ea15b7b03ca7be8f1b3feccfe5e9219fbf2f31d27be6126dcf28f5af04c7280e8167a05b885744c5aab8a6fe898e1f4ea63924f099b8c06c4216c0ce77cee90c9671c807ee4c5e5ccc2fd7cf25e9cd5f49ffff3b1fb190afcab474b9e16a0fd90d5cf348bf207718563f883472a32e7f53f69e490fad5559d1caf1a09a6a1d4838718ca12e8ffd7aec45752ca5f676de25453640085545442e9256634db98ebef17825c3e42cbdb4dd583bd9651a96a17f7a63f3c2fd3676e0585ef38084aadf7fbaee014b9e49f149249960f68dfbd6bf569f905a19015a49d64dc388a4604bff9839d367ef3c8f84c1090603514ecb7001e919da9570227dbbc0a9b3d4c5dba39d106721c7e1cb4919258fe0b9013be35505e5340b04be7495619816d80f32e983331cdb89d28f5564530f609fe0eb5763b4b78bec49bc4e3d8104f08bfa149c111880022c68064050a548eec459d3c52d6b68152b6d2cd440601a40930033e72b6d604b195d9dd16537355e06fe0cc8023d37ed9d061b173b1f36d333d59ac179bdf77bd25cdf7acde62f83e9f1bca1df384e80f032499499d7c7c116c4ad3c9a0c5db2d9e8ee78055922581f985be575b999b1ebb9c5b675de3bfda7dd62159ae258d5fa9bf9c6b8456e48be36b9571c25ef462faeda3400fe12ee802378a1eb1b93f46f8d157c3ff7125b44f9ad3482204fee5923461f53bf14b4d11234dfd29644b64a7e1f289eeb6c31678da77f7079f4f254e652036b1f96ab8d4118208ead13f89234211e5e8eff17e8e28cdba8e66eaae3a8b5af5ded0d4fbe0f4e84d8b40a5472979b40ee9980ccfaef788c31628a198826a319e070b4eb72fb33e98ceda80fc3aa885cc11056037232bf5328fde9466d872cb6c7043c0c86057f64785db58f3252a0c3ce39a8c4e2728bc3e67a47a04c4eaef64b9c6dfe7cf6983e79d7269adf5cfe697c690da19e761e9d3bc52c0f5379b392fcbf4a8c67e8a5b8d8ce68ba28f400053eba50ef2c173158a3d3f2062b547db4b868dfd855f66f3ad3bd547f439a9b1fa92da419655e58cde83b23f949a3bba7c29344dbda03fb155a56146cac1e00ae4b3d243f5b8281af33d66941ecc16e6787927bf0ec470d625d81c5934c463f869ccc1614a754006eb01ef73cf9fc7e076c2217938824d215058c4e4de7732d76a853f05e8e797f506df28e9fd4a5154701984d6582d68315ac988441fb537fcc4f70516decaede98ef6211a304821f2dbe59372e02a51c329645c96328ecdc8119d674cbed715cd3292fe991c8fe90ee54d33a24bf071e9cec667c7418528eff9b947b324840bbb599d1fc41f80c214ed996a9a0b1c25d3a0aac10356ce15b18ca321d417a64b0a7e610bbf5c0441b4b24758d84c4b6d8bb069b4fc4530acf4baae7fcb9ca12a83e73224e44a18d3f24f770fecade029ae2da35edfdd2282bb100f4fb546435e960cef407f02671c4868c873acc1cbd981c819cac53ede68826bce5db2a27959e29984cd7e532268a3084bfba96482005eb7a441356ca1f68bdfe7e7d5c9d25695435556aa7712d828135cd18d160c34951f6b2a8d91df3cda4326dc9b4e33a45f39fa19ad9285d56dadbd61beeaf04cf5d36036ab3e725a07dacbd7120008f80c52904e0bd1bee8c2a7e171622cb3bf6359723846c39643f8f77d590350437834fff6680049abb6c6f60407ffe2d8c2a38a341d1bfec8058f25f2f9a1bd361258627f3e27dbc99a8222d063ea356f9c92905abaffe586107d974cd3a7007408acf255e4b9c02f1f10ad808d669b05241221599bd2d91aff6bb8e05229d30ecafc6b7f645317785cb18705b71533d09eec23f27be30e426770330dd7656e34e163bf08392c7a85bab408f8cbe212096c071d6ecbc1b8fcd36236e28c91ff490fdee269e3d5d0a75b73b51335a5750883ac3aa49c216b571cbddbe69fc6453e2628d285ff495aa8c6b4536be6eb5fbf09ca3855534e72f57d3f3a6e1fac332bf637f7c3d3064b0552d0cafb450f954e2a486416752d8303965348e7e65a49c4a8c642825c359015ebb4127b54b230b874d2fe883b87b681a87bbdfc1be5c9cfc1519aac4f4e6320bae174b865dacc0ffa3cbdbf1571b5a992ac1f891d22c14b3dce258ef4d78ecf95f6cacbee1f97715ed6735a1c253ee91e18c9f533b2eaa6c17eaf401dbb529c2eed04237a5d46f9e16ba62c83bb222d29e954a8dacfbb7fda1d4d2eb2d7e750f719b78ce623b0dcbf92cd74047f5c277a746287c468843c8d5439415316da8cef23d946ce3a7228f73c824049c1f852636c8304c97be9d49f909b7b249e8887a084854f9261921fc0ef419c4b3e28c32a3183b11d8864b9a1a34e05d4a770da99868a3618832e3389aedc38f93fa7419132b8b1d10ee2ebe46e9dbbc1ec3f5c2ca9b01974fd667d59c7316d10ed14cdf02edbef16a2e5d518adcd1836cd0c8cef55381fba06d616c595b2d0588dc1be2795ac4cca66e2c41b4ccd0ccbe62f9e6c398d91eb4ad580ae96415dd4b86dd2c88c7324ce3f6210a65dcddb5b66d1f5af151dd1f4168aad494cb2cd5c1b83582c53e0fec53894585144eae5535f84bdaf4bb9b8920f3e58126a78072d985ef8ce8f658b34e698b989b2e7b12dc5af7c3827f5efed5f6ea94faeadd5142d30d9f8a7042c6fa1483c2562bce79461395403ea713a19fd4c87c1c283165f32e1eff7d4925cb4009573837ff77bc9c6c4e27732294f933092d1c0bf111ac78da3443dcf6817c817cc3e126b18c00ec9e603b54646ed57461765971f1339dc2c445c19078f4fe0ba3c8da62b4d31b76a95db81449ac1da7662ef9f51032066a9c38acb29c457ccee31cc4dbc5885d6a393148ef191f15b60b50d0d806342394feac5f1b42174eb340e7d46f1199d9365cd5887da08c7d6fff8d7e3a5e6086311e77a706d1138b6bee54cffe3f8021cc03b3e39a10c45d891478e950e04005609091769cfd5d7da545a7c2737f96ddebb68f3ee995a54aacb58f68ffd0c03d76bafcd94021d29a2d8053027ffefca9066ca5ec6fdca7f89b59a2aa7cc8e3fa2b78e633d58934b0ad57c26a50ff035ee4783d809af60788064dd550550f4fcfb26ed3e56d9b9eeb7186d1f25fa016530a1199368171537513a40c37a94ac6281061c4a6f384a0f68401bb7f6339b37d865b4e4e19f5722b073dafc7ce8c8986fdf2ebf0c05f5b74a3f2f0492ed56d7c7d7845c105660dcdbfb21bb7b2af551c57ee5244646a362003d4b9a7bab3c242e78ab166fa1ce967152b26845785e298ba832be8762c91f6abcd41085b0bd1dd6709dd6cfa88dcc3f8dd4aae1b1b45190dd7e63d4e6edd7acbb5663db621ad0e786a77550f760c021afd409136895ce254c8e308062bd29930cdcfe545dd9676aa9615fe3b2d3113f2c854f7cdacc4ce514bef6b2a6fb90b71d0eec6f92b2e29f27753eaff710265b492d8e911d171ece4d3f51676e3a945f191d6607ed0221c2aaa226664cc9a74d25c1bcced3cf1592607a113b6c4384d89a776626377b41c3bb5a2034e173640cb4c8dc79794afa6ab955acb873fb0b2246e65d7c7463915e34c2a5f2365489e8dc11efc4a4071d646b1bc12c796e28f4a739332793ea041bac819a6a8d33fba918a3e3b98ee5195073d4c41efff1af51addf599492a915932183b4022124a495cdab736288d024c699fa6900940059ba705921673a378af423f10c5465d8493761c864e33ea4541fd14c992a726b4cf5302c1bfa2c062833f3a4150b882a93288be4bfa33a653c795123d1ccf5eb8acf2479853275dce80c2053f897bfecd421ffaca3fb739209eca83ede0e84ceea7ab6c555c58b8af6da36402eeac2c3e460b70fad6314f1da8d7178372883756b7f5355e9bbbd9d607b5cbf410e06ebcd3a73c51f33b5771ef8521e9878c72d7d3a88db6deb6aaf3941ed915e5b19ec7c6f009cecae70715fb74c72197fac240ba155fb37eac50937be7efe83d941b0c062356bb4c8d3f56b0a37f6f1d3b59c9c3bc4cf991755c5bd7e0558b5637521a2222baa5c415c2a19f5c1e08fb9f7d96ee3c4d23e61b85f98fb4af60bc06071dc54dc2bd54c5c8cfc08d9473853f8c7d98683fb430f1f62d3cccbe8bb3bf808dc9ea8997193585591d166b12b78d5a79550fd9c697061573bad1727f37a59c12a17a3cf5b36e6c66dc68a8427de8497998f786287061544798f931d8fd66e45ef9a4fbfd8bd5b5ab0426866c191a7eb56f13db5630a3c7c5b84eed05be9fb94b49805a2d2c3880983753a5371e80a96a3ea485f34b1e59716466d91cd8f89ee88c768176d8a02887d86813ef9cc95ae4b958d66a4d9b19234095972d865495371316311c90abada9c98398f39ef1dc6895ada9b92eb4415b92665572ad2461aa85103a14812614f2f76d3b110295f8044e9098926d1a4ee884db767d3c50d80c14bf4b496e269d6c303160c22842f8866838d1052683660a7a88a73b2c587f371f12a66b5d1f439b346a19007ba2da759897d012d033d6ee9b3541ab44d9c793c63fc70fef141851ed5a78127887ab37c9b71c536956d71ba90b797d98db7cdcffb58dc45c6aa69644bdc2d480141ba3b20c76aba05c4838ea4e67e7249bc3b13e2d5fc599e7079f5aca8bf9d50d58564d9118ad547a07116a3c932ea31d5deb7a296eb5ba843ef84bf854c9f525d74683e8dbddcf915f863b3c7b028bb8f7a0f02a53bc9b8ca8c1fa581919a5bdab4d3c4874ccd87a71a56f8577a9e3fdbea00fc1ff9cf4762630d0b45fdd0f200c455312d718db3c19b911c08310d2a15dcf04485f537974204a5d5bfd0e77fe9192216472b9f5beca19541029ae56434efeb9bef41d8265ea26bdf9e7b476761232f36c0c47e0a96b1b7b99e57f37cdcd0ca8534d9428a2e5663ab94e4d4ab260b5c01353ad2b750d98168ccb34187f9560759c646119321697a94d8efebd155905452f79ceb65297e362f339769400a1e58e3b938fd125a5654f45612f647f0518b107e3e6cbaf6ac260cd39c39f712ff9d08a86cc1bb0e0d37a128f0116fc86e6e30041ef171ecbd7f17dd15220d984d0eb8fe657b3853c53bcc1a8842d0a6e66b4cb70946053526100d76dd7a96f08f4dd967590f55912a90914cc963a9d57fd5485c54abb5df79a97b9d138c5ae1888cbd489afb903c3f21125b01fea3d860727daa2acfe929760dff47983530d35b4b8528103659368839cfd13c89032abd4ac537812d1d3c17c9d037c94e8e820a7533d809d7e05ac6288b6aaf8153fd20b9d30e5aaae778b7a41b1367a9e22ce85651b6cb1d3b8e14dd9775ef37701060da956919af48f3c91204088ab572c5c6817fb9ad6de09eddc4d8bf3a5297e863a8d6e5e73c3b814409a90f0a6093c02db587817d2fae3f1482cd8efb24b4aa8f9a0ecddf022f2dc89dee39017dc83d976ac70d4ae49cdb51085b45251764c8d36dd622b86a40bbe16a214a8cd1fe0cbac8404810a7b67e2ad2b9cc142e501b54685f643ca0b0c6a7ce59c336fa38888d226c34b7fceea463382fc83c65e9cf49c7197b259411899ff2e8c284bc8e1de86217b974e39a75481c8f90e1f410e5a620d2d1f598dd748d819049707c65ed2bba6abe06c98f8049230ecd07bb4e53d73ca2a465bd997bebe230bc"}, {0x1010, 0x10b, 0x1, "8c64ebfae693fb4eff9d7d56270adc2356df315b536c5ffbfbcad742400dea5fa9b0804ff21796f5fd424337b704915696632fb3b72e67b2e8dcaf28716b91e5ef9d8de3b5879e1d2feac253358087c07d4e81cf831e0bb2e86155df722499a85c75de24d3d35891ea6163f8b00d1a11803bf3af65218221b7270f20cbc59610d6c03441d4c25098cb477fb5cb9e62a437a655060b414fb95d11cc26f8aebdfd49f64ad4a6c2a7f6be268a2628e9ac237b1544eb4afd36dd02c57ff65de7d7c46b0d700454637488341a20ff7918c08656936d0b77e49f3280872be14b2907041ecd59ac1951e5c27317be69bba80929c5c0215a629cd7df95853da0f5f9d89cfd3d31bb1bb3f7a26b0f69982f1b64f91dd3fc212ab9ef46d328aeb3af5d9215f2271cbb5e7e29aac0324b045f7c25b32fe079cfdd74210c28d54c1a1711cab9e10113b007b44e2185f7375a10e9223501020437c5e26ff56ee6b5e08ec3946458f33eb840937ee547517b042766eeabac650093979899da11a30ed0d94feadfea407645464e842bf79c0e4b5b4c09a0b9e5ca94d494f005204dc5ae630bb3e572c5a17abab6d0eac72bf1ce5525775bec82f7c89de35a11bdcb716fc2033ab47fc13a5b5012d1a4b4247dea3719c941e6b69a4203611d3dc97d2bc8b5f843924023a79b5b93390891e4c4cc9111d1d65ee20454e5a1df072ea8ceba585f0c41598efd874431e69ef810abd1b17f99cb85c0c1ee49389b59b924834d32a5648089aeb5f0320f601019a51e479123eb14a63c9898214ca9e4147f381594dfc649c1fde8351d304c5eaecd3a09b492fdadea9e79ed4737a2b3604e3d2947fc08ae99edfcebcac1306e93ec3cddea6be7eb448a4e9224a08e7ab01e94bb1212c5975c2db4f2ab2e8e961d54dbc6d56aa6814319f42d73ad006d07a7c580b6ed32f93d47c8801c73b11fefe2a1fa2febcc3033f4952499c668b84c1d0a63f2eecdd4d1cba7ca9bf675447220c4227cdd15baf07270a07cd33388ccc34548afcd2a9f021af76e0453f9e9844833f666189d7a389629b2dcab4d961a5d0bbc7b4f0f1acca8b6aa178c989e2eb9cef7a3058387569d7a47857b0fe864770709b9894304d9f6c51651bec1cf74da23fd65f32cbb14f6b92dd5d242e09844876970982809e100e9b2ea060e1dfbd2e8f4bd9d098c0ae3584bd2f510e1e4ec6d30038c2ffaeb1b5a94a13ed90ec2cae76c45acf52582960e27a4ba08049742a0ec3a7c80d9136046ad104e4a4eacfb23f33838c5f578d5fc9267cd3bb76b696ff2d8a024878257cafbe2c2ce86643e01d569d92333fb427e8e628b692006a5c330bdc450242472acd5b717acaf0ac72132cae09a7a39d25f3f6335d186e781f19d7167bdfffb66b8b6ee01fe2b25da0ea195b86ee484cdafcc02f459193649f7960119fd1040da10e468ad9615c10b2c60e2f2abfb9cc471548d719d56699f2891fbddb9034991f9ca5a561fc30de1613e2382ca29ba7338c9776ffb8b4da0a2d9f6a8856cdebb9115c10fdad4c55c10197b416f86ebe654ce54c90d3dc5ca8c4154cade621b076a9c7cb99408f18fbd1faf9c57b4bbad09a4cd3c98933246181912a92c7ed33787413705ca21a9b589310f25912716abf867f9ba335ecee511b7d3ff8287f3610b1ac2b32be984a6732485d54d0e26fc44123284752fd5a16749d17187bc20f82e495093fafd0d4382ad9ba4af95af7304d17646915cce9e8334449078f6a8eec40a6df1cbeedbc247c60817e80019ef942b64ee6f05d2ea5ac58ec7b1ac2b4d4dcb40b41449fcd7442682cd4a3104d6ffa9abd166e332cc6f1f4fb0c77dc6448f0c4a03b510762dc2a56f1198aa76b931759d8ddeeb86532a110c4d22cc44b2e13d1c715880d3809609f29423be03086e6ec10ea6f532d0198b688a5c3c2fa2906b5aec673cf694c23046d7523500954fef178ba2f880f99876a8f3a030aa81c45b628e0c0d6d56437d0d3f6441758d645d1379e66266311efaca382f7227ff5de26e08d72e31b7d9cf55dc8b8c6a4bacde0fd2940fd5f2d676b0b4cf382a8090e5510b9238fabc0eacf5c79709532f1fd20359979140ad2fbd2a1c7ec2f5f5201420c0953e58f292bc6c0a86f0cca4802bd7a8a937584bb51f662d9f6b57e4ea76ee3375d444d4c0c49eb1faadeeaadcb057aad51beebf0702ead2f26ea3b1abb7c1578171aa53ff3affe92b014f2583f2411b899d9168cb340c2c1093112e701f779cb903c695f4bfca7a32a699f47ee431768b8fcacb179822f0a4649913edd71c572368015e31fb7e1486f800a0f61eddf842d1dc1f26bd0e00db9bc6f95fa945374fb0dae237bcf9731d5ba4e24a3cca5e1a59ad1030392692ac43fc06a3266cee4eabbf764a993c39bf1b597cceb2ac7c459df8bdf82d99343fa694d5e82897a4db869f9312861308698be634245e22e99fc57e12d6215622466b41db7057d7ce7a4147cade3fe3bb43956dee5d1ace531f632369aa65bbee927951d8bf43df02922eddcc6f3af5b43cc6679cf71dfa63634a76ab1d9136266e1ba61cf32c4452a7e35e716da2a79a67a2e1a78322fd52b34f102e8844ca78e0d3f01330f1e40d096460d92ed34bf52d2a83a559d40ee7a18bee215b82867c265ef4e7c0be9946bf88660ef299666d22a93a98bc98a8823a5534707d80ac46914d3d90ad40219308b9ff9ec495cea6aa5154f86ffd372423d50304f4430a1b3f610d862067ad23deeed9441923cd4a51af4b6b75643413e3807cd802b2249875eebde9e8299e14b83c31bbee3f05eb6a3f3be3c4ffb4399c5c7f380aba79b439130caa9087ed2ef70c1bc290e360bb63bbf9a63883d1bd31e07265c4a877122e6b95cbd1cc22a682501afc38ff41467bfcc5feb6cf1674126820b4431fefc5ed6647f88248298d9c5e0785581359ce30c14ac5eff785dce4e8908e2e97bf265c5d9702bca3e292910b42a2eaf44e5068ad77703f07998e4462b016f99500eb60850e6e1c480783bbe55faee5fa3381291508d19818696f62ad486e11dd6c59dbc65ae64f7eef29f3e5a934aa7d6ad748e073c083ef5cab309a21cad2d1c2df3abb7fc417e699f028e96bf7c3bebe3cc2d9568c6b52dd38b2a9b9f0dd3c1472afebc2384291bc587be4dfadd480c7aa91768fb408c521e1e5945b5778fc40e08630389b8d0a3603ea763eb7f4032e960fddf656e65ae50787a41d4cfbb7760cff60c29ccca4711f69f057bcff00e2362d87e7637d7e4868437b0e132ad13481ed0fd2ad264d73f1fbb1fb333b56285850d39b6b56a432c8521b70dda6af369f39719cbb1dc7c6001e2bb26fcd125302bbca4cf51c8bf702f5b474ec08a5e3e1caba8537b31f0a2cbc222e1f51ee4a3cb1c822068b17ac6bce31917d401c20a29dd032fcfddc6a1052c01fb511b877d3fbbd6ede084cd0a2790314317875f54bab38f4a3b168fc65109173509d1ec6ef0abe61d99925ce3b7b160ac6794a3ae59ab7c1174b04989cc019b8ab8a43a9361cea837fd1eb13f7aeb0555d2e80c658f7ce073df52a582a9be53320ed47a3ea32db28a799c42f5ad9ed7a33fbfe1f6ef81d6416bd937ec4f561e8366fc902c8bb4acb370100b755a0e6c8596f24995825eb71d08c1c9301a57536fc522fbc9ec028f397addb870f4e7be906edb40a616c5c7e2bf343d329d56edd01c1076b9a5a3217d53eee85f7e1909177184524816e50951ec13f317a520fb1adec4aec5fdd90b83b06ca931c94ddd7713f41b337a3f9c0a44eb4a448c9d5b6ea9199ea5163e79622f483b94ef9e34e4e4dd0ded33193bf2a81ebdf62aebba6fe26c7c65ef823a834aa4bf641c8c0a86ce69e092775192c7d21a0a98921dbc5f0c0adcb64faa388592fb474fa490988c988f69c85fd77d1d3fdc01407dd58e4ffdb99580e396a8e8a2c51d589c4bcaf05f1af27dea6b19f408e33b4574444e43ef1b93ae1474ea9cf689acc316eae51c573843cb1b37e830ec8be59333980949dda36cf2acfb49f7a96aefe799501ccaff9920f43cff8c480a2e4de71868d32de091c4b1a3f63b36486d84b5acdf2bad9b937136afa1ccfe37ab00eefe8384d9077fa7b520956b3139d0aa775f56023db7e20cbd96eb03edf8979bc8ece901012c86899030b3f651649807cf6633ab35d99c73923c200a2b3eaba84d779ab531c60a0d3999d7e88dcb679edd41623a8aea40aa891197e5a5c53b477b264f6e0f95b31dbbbef981fb794cd0b78bbb258060ce14f68342da0863699c5c7bb69be9a82ffca98436b55da20ce638e0bf18a5c75d1e503472e0e3ff229b7e51b380d4d24b89f319c088b38665c6e306e4e0a5e882c9ed5980966f4d401368d4a265adb091dba589b36fe55f9dcb607e38edec21da08fc6f9d6f194a4efd8995ec921baf69c7d421ef7a05e45d13eb75f01c02ddc288a4437a37a71f8059d40bbb6292aa3bbffcfb5c654d1e43105aed5b092bdb51153a13e7a264030300b4dea2b5d760a3bbe8b026247ebba11890a09b897fec7d2ca0660896a585a1ca95165413b746405619456dad5e1a170b265680a226b61852141ea339c4a1be8f340e4c8d094f890698621d2b96027e7d10c8f3b681f3a0e697eb4af3d6d6b3916d54e729de9a0f632b350ca509509efe8beaa0ab70b6a60d3fb2b0396d7c5ff30114ab2f0b0233c30dd26f062b88ae86b7fa6c3a5f4eb2edf154ac886add910e68f0b343fcb0c54919979206395a848fc8096d3f0e3d2a6a3b8cf6d0afb150ee4935fc78eb95c76afc83187601ee679789d560dcf12691e7a24f4be382f91f92982fb433fb1e7170ad293e073e20bc5360bef0d7b9cafdf6db24e38d51d8f3d653f2f694e6cf4843c2256ddf4bcef2fa9a14eb7db56091a7f8d84c6e3e9d099820f973c96a11a12ed096914eef131a57777441f1af4ac786f5cb126be4f92af5f9a9eb69b9a66ddd72b979d473a54c35de9a007a34fb5c36ad8365fb242d9e376a09d9f4d3087d41274be19c686eee82f7a0f01cf37b1d91af5b4f37e3a508ec66169fd2617ab3efa707ab4df4c50b3d44735f36095bbcccd4a5b814cb66d029bcf7686bc0025c6e9cfad697f1b7be588a242643a4cac5cbdc5c71aa7992f6d0fb8ea556d72e29c3ee62324472aca799df085e924048b417af7f63fc752479d5f94d5645af3ca084f162d7ff69e8cff2a98d106a2c8de85eca3dbf9d547e44253813249e985b9693809e94c8dcefa454548cd0d2c6c0d834b35f8477299abc7c8086a6f71d2f2865c9d85252428ba0e51e111586972c9a45624ade385e6f6cee6332d6d4abeb0ab47242305f7a281975e354b317350abb97e15a5bede776a60104814fd7eae8b734f6c3b7d4b6d5362ed8058349e140352da72fe297221a3973a94bb4a76333c126e71cf8ad41faa02f32f6c8c69889ccd80e4a417fffb3444f3b80f068759262452ef1c15e1749d3f0e2a0bdea6f70e8e459e7fead7eb5491bad614e04eda43df0f0d9017afb089172bbac2a160d8d3b69869e9b9fb0c2afa8be7a2759a4740bb1fa1e759f8523bb21c05577a584621aa1d9adfb32dd0ae738f36cc11d1ae1c6f1f66c43e8e7d90e1c3e954222dbb2b5d220776f448a3ddded8a40f5cc788e2bd4c7cbd5866581324651f153982dbf06cab505cbe54b622e4914d255109518ad476ea0521c691ac2cdad641a90af99d1d5e965df82386e0e7d78e9e999d68d5e8dbd4f39a7acda614015efff05387c90a01d3331e"}], 0x2278}, 0x0, 0x40840}, 0x5) 23:42:39 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 15) 23:42:39 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36) 23:42:39 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36) [ 1767.991538] FAULT_INJECTION: forcing a failure. [ 1767.991538] name failslab, interval 1, probability 0, space 0, times 0 [ 1767.994045] CPU: 1 PID: 9820 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1767.995435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1767.997115] Call Trace: [ 1767.997658] dump_stack+0x107/0x167 [ 1767.998398] should_fail.cold+0x5/0xa [ 1767.999180] ? create_object.isra.0+0x3a/0xa20 [ 1768.000109] should_failslab+0x5/0x20 [ 1768.000894] kmem_cache_alloc+0x5b/0x360 [ 1768.001717] ? lock_acquire+0x197/0x490 [ 1768.002523] create_object.isra.0+0x3a/0xa20 [ 1768.003409] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1768.004469] __kmalloc_track_caller+0x177/0x3c0 [ 1768.005406] ? kstrdup_const+0x53/0x80 [ 1768.006194] kstrdup+0x36/0x70 [ 1768.006847] kstrdup_const+0x53/0x80 [ 1768.007597] __kernfs_new_node+0x9d/0x850 [ 1768.008445] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1768.009408] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1768.010373] ? pcpu_alloc+0x12a/0x12f0 [ 1768.011166] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1768.012240] kernfs_create_dir_ns+0x9c/0x230 [ 1768.013139] cgroup_mkdir+0x318/0xfc0 [ 1768.013918] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1768.014872] kernfs_iop_mkdir+0x14d/0x1e0 [ 1768.015715] vfs_mkdir+0x41f/0x660 [ 1768.016441] do_mkdirat+0x145/0x2a0 [ 1768.017175] ? user_path_create+0xf0/0xf0 [ 1768.018017] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1768.019068] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1768.020111] do_syscall_64+0x33/0x40 [ 1768.020884] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1768.021446] FAULT_INJECTION: forcing a failure. [ 1768.021446] name failslab, interval 1, probability 0, space 0, times 0 [ 1768.021909] RIP: 0033:0x7f5ff7acbb19 [ 1768.021930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1768.021941] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1768.021963] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1768.021974] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1768.021986] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1768.021997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1768.022008] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 [ 1768.038670] CPU: 0 PID: 9825 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1768.040089] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1768.040177] FAULT_INJECTION: forcing a failure. [ 1768.040177] name failslab, interval 1, probability 0, space 0, times 0 [ 1768.041814] Call Trace: [ 1768.041839] dump_stack+0x107/0x167 [ 1768.041863] should_fail.cold+0x5/0xa [ 1768.041882] ? create_object.isra.0+0x3a/0xa20 [ 1768.041902] should_failslab+0x5/0x20 [ 1768.041919] kmem_cache_alloc+0x5b/0x360 [ 1768.041945] create_object.isra.0+0x3a/0xa20 [ 1768.049569] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1768.050619] kmem_cache_alloc_bulk+0x168/0x320 [ 1768.051569] io_submit_sqes+0x707f/0x86a0 [ 1768.052471] ? __mutex_lock+0x425/0x12a0 [ 1768.053316] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1768.054340] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1768.055342] ? lock_downgrade+0x6d0/0x6d0 [ 1768.056206] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1768.057317] ? irqentry_enter+0x26/0x60 [ 1768.058141] ? io_submit_sqes+0x86a0/0x86a0 [ 1768.059037] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1768.060135] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1768.061267] ? trace_hardirqs_on+0x5b/0x180 [ 1768.062169] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1768.063301] ? irqentry_enter+0x26/0x60 [ 1768.064145] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1768.065247] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1768.066374] ? trace_hardirqs_on+0x5b/0x180 [ 1768.067285] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1768.068432] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1768.069506] do_syscall_64+0x33/0x40 [ 1768.070282] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1768.071339] RIP: 0033:0x7faadcd8fb19 [ 1768.072111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1768.075916] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1768.077496] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1768.078968] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1768.080469] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1768.081944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1768.083413] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1768.084986] CPU: 1 PID: 9824 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1768.086372] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1768.088038] Call Trace: [ 1768.088591] dump_stack+0x107/0x167 [ 1768.089334] should_fail.cold+0x5/0xa [ 1768.090103] ? create_object.isra.0+0x3a/0xa20 [ 1768.091026] should_failslab+0x5/0x20 [ 1768.091792] kmem_cache_alloc+0x5b/0x360 [ 1768.092647] create_object.isra.0+0x3a/0xa20 [ 1768.093535] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1768.094574] kmem_cache_alloc_bulk+0x168/0x320 [ 1768.095502] io_submit_sqes+0x707f/0x86a0 [ 1768.096388] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1768.096734] device veth0_vlan entered promiscuous mode [ 1768.097388] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1768.097414] ? lock_downgrade+0x6d0/0x6d0 [ 1768.097430] ? find_held_lock+0x2c/0x110 [ 1768.097455] ? io_submit_sqes+0x86a0/0x86a0 [ 1768.102000] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1768.102975] ? wait_for_completion_io+0x270/0x270 [ 1768.103947] ? rcu_read_lock_any_held+0x75/0xa0 [ 1768.104887] ? vfs_write+0x354/0xa30 [ 1768.105644] ? fput_many+0x2f/0x1a0 [ 1768.106385] ? ksys_write+0x1a9/0x260 [ 1768.107163] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1768.108238] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1768.109271] do_syscall_64+0x33/0x40 [ 1768.110030] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1768.111056] RIP: 0033:0x7fb90a2beb19 [ 1768.111810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1768.115494] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1768.117032] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1768.118465] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1768.119898] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1768.121349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1768.122783] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:42:52 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_WRITE_FIXED={0x5, 0x0, 0x2004, @fd=r0, 0x1, 0x3, 0x400, 0x8, 0x0, {0x3}}, 0xfffff800) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:42:52 executing program 7: r0 = syz_open_dev$vcsu(&(0x7f0000000040), 0x821, 0x101201) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff) pwrite64(0xffffffffffffffff, &(0x7f0000000680)="b6821ef9a6eecf4e63eb254bf6939b717fec58a4bb15b95d0833756c175166e036727b58a8880cad4ed839d6e46d76c478ed21fb4bf42cd351933a39899d8fdf9b3b14a97889567e141ae61326c25940dd80a978cd34433fb5cf1367f463863b2d468789bd471b7aba5472849418372551a700dab668fc50e7beaef5e62d95dc4556bdf1345594e17d3e11838da73bfd2cbf0e4e35231efab8ced72ebd034e318e3134cf34b55e8747e6b82c0fbb40063efda12f9fd10ff7f5ac36f6247759c090be7116", 0xc4, 0xde2) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)={0x318, r1, 0x10, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_LINK={0xe8, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xd2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9a5b}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x87}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xdfd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_NODE={0x10, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}]}, @TIPC_NLA_BEARER={0xb8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x10001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}, @TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'eth', 0x3a, 'team_slave_1\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @rand_addr=0x64010101}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8001}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'batadv0\x00'}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}]}, @TIPC_NLA_NODE={0x124, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "9d7f3e4c8490e6f5f9320d2d892c8a48141143d6bcdd8261c12eba65b97e3950"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x44, 0x4, {'gcm(aes)\x00', 0x1c, "6db5438390cb5127b6219504dcea1aee47ce2f306c8ccd9f5371c2ff"}}, @TIPC_NLA_NODE_ID={0x40, 0x3, "fe069fc564ee48f1d6cad3ae33b67b7182ccbe4877061c9f7ac176ee4cf1e9beffc18410cbe78060d7aa0f56623f26a01ea6463ae60ccae895ff32df"}, @TIPC_NLA_NODE_KEY={0x41, 0x4, {'gcm(aes)\x00', 0x19, "124408acb035ed02f1f605758a464f683c74de7d8fae136520"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2d}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xfffffffffffffbff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x10001}]}]}, 0x318}, 0x1, 0x0, 0x0, 0x20000040}, 0x1) r2 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:42:52 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37) 23:42:52 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(0x0, 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:42:52 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37) 23:42:52 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x2, 0x0, 0x0) 23:42:52 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 16) 23:42:52 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) [ 1781.453581] FAULT_INJECTION: forcing a failure. [ 1781.453581] name failslab, interval 1, probability 0, space 0, times 0 [ 1781.456912] CPU: 0 PID: 9849 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1781.458375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1781.460090] Call Trace: [ 1781.460673] dump_stack+0x107/0x167 [ 1781.461447] should_fail.cold+0x5/0xa [ 1781.462262] should_failslab+0x5/0x20 [ 1781.463071] kmem_cache_alloc_bulk+0x4b/0x320 [ 1781.463993] io_submit_sqes+0x707f/0x86a0 [ 1781.464911] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1781.465957] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1781.466978] ? lock_downgrade+0x6d0/0x6d0 [ 1781.467831] ? find_held_lock+0x2c/0x110 [ 1781.468692] ? io_submit_sqes+0x86a0/0x86a0 [ 1781.469605] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1781.470624] ? wait_for_completion_io+0x270/0x270 [ 1781.471638] ? rcu_read_lock_any_held+0x75/0xa0 [ 1781.472607] ? vfs_write+0x354/0xa30 [ 1781.473382] ? fput_many+0x2f/0x1a0 [ 1781.474150] ? ksys_write+0x1a9/0x260 [ 1781.474525] FAULT_INJECTION: forcing a failure. [ 1781.474525] name failslab, interval 1, probability 0, space 0, times 0 [ 1781.474951] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1781.474970] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1781.474995] do_syscall_64+0x33/0x40 [ 1781.475016] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1781.475030] RIP: 0033:0x7fb90a2beb19 [ 1781.475058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1781.486019] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1781.487615] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1781.489112] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1781.490600] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1781.492090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1781.493578] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1781.498256] CPU: 1 PID: 9845 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1781.499672] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1781.501372] Call Trace: [ 1781.501930] dump_stack+0x107/0x167 [ 1781.502705] should_fail.cold+0x5/0xa [ 1781.503494] should_failslab+0x5/0x20 [ 1781.504270] kmem_cache_alloc_bulk+0x4b/0x320 [ 1781.505211] io_submit_sqes+0x707f/0x86a0 [ 1781.506112] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1781.507119] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1781.508117] ? lock_downgrade+0x6d0/0x6d0 [ 1781.508978] ? find_held_lock+0x2c/0x110 [ 1781.509813] ? io_submit_sqes+0x86a0/0x86a0 [ 1781.510734] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1781.511725] ? wait_for_completion_io+0x270/0x270 [ 1781.512740] ? rcu_read_lock_any_held+0x75/0xa0 [ 1781.513681] ? vfs_write+0x354/0xa30 [ 1781.514443] ? fput_many+0x2f/0x1a0 [ 1781.515181] ? ksys_write+0x1a9/0x260 [ 1781.515965] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1781.517049] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1781.518103] do_syscall_64+0x33/0x40 [ 1781.518862] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1781.519900] RIP: 0033:0x7faadcd8fb19 [ 1781.520672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1781.524419] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1781.525964] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1781.527414] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1781.528872] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1781.530325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1781.531773] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:42:53 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000000, 0x80010, r0, 0x8000000) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r6 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r4, r5, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x14b2, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000000400)=0x0, &(0x7f0000000380)) syz_io_uring_submit(r7, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r6, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r9, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r9, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r8}}, 0x7f) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r10, 0x0, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000340)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index=0x2, 0x6, 0x0, 0x4, 0x5, 0x0, {0x0, r8}}, 0x8) syz_io_uring_submit(r3, r5, &(0x7f0000000040)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0, 0x1ff, 0x0, 0x1, {0x0, r8}}, 0x7f) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1781.592041] FAULT_INJECTION: forcing a failure. [ 1781.592041] name failslab, interval 1, probability 0, space 0, times 0 [ 1781.595403] CPU: 1 PID: 9843 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1781.596799] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1781.598494] Call Trace: [ 1781.599032] dump_stack+0x107/0x167 [ 1781.599793] should_fail.cold+0x5/0xa [ 1781.600569] ? create_object.isra.0+0x3a/0xa20 [ 1781.601495] ? create_object.isra.0+0x3a/0xa20 [ 1781.602397] should_failslab+0x5/0x20 [ 1781.603194] kmem_cache_alloc+0x5b/0x360 [ 1781.603998] ? lock_acquire+0x197/0x490 [ 1781.604820] create_object.isra.0+0x3a/0xa20 [ 1781.605714] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1781.606750] __kmalloc_track_caller+0x177/0x3c0 [ 1781.607688] ? kstrdup_const+0x53/0x80 [ 1781.608513] kstrdup+0x36/0x70 [ 1781.609173] kstrdup_const+0x53/0x80 [ 1781.609931] __kernfs_new_node+0x9d/0x850 [ 1781.610788] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1781.611755] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1781.612871] ? find_next_bit+0x13/0x30 [ 1781.613665] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1781.614729] kernfs_create_dir_ns+0x9c/0x230 [ 1781.615629] cgroup_mkdir+0x318/0xfc0 [ 1781.616423] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1781.617391] kernfs_iop_mkdir+0x14d/0x1e0 [ 1781.618248] vfs_mkdir+0x41f/0x660 [ 1781.618985] do_mkdirat+0x145/0x2a0 [ 1781.619731] ? user_path_create+0xf0/0xf0 [ 1781.620598] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1781.621668] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1781.622718] do_syscall_64+0x33/0x40 [ 1781.623473] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1781.624522] RIP: 0033:0x7f5ff7acbb19 [ 1781.625287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1781.629035] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1781.630582] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1781.632040] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1781.633504] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1781.634951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1781.636408] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 23:42:53 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000000, 0x12, r0, 0x8000000) r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000000, 0x10, r0, 0x10000000) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r5, &(0x7f00000006c0)=@IORING_OP_SENDMSG={0x9, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000680)={&(0x7f0000000180)=@in6={0xa, 0x4e20, 0xffffffe0, @empty, 0x37d0}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000240)="b98daea2a6e51d7cfa350958fa0255d053962218258b295bf51a6ea7803e0cc48775a74b3e4cd06de4f827dfe3771b45a18a5897970964766d65aaa75a2a242684379f94efc672337cdd272dbd1e7c520905c69c750d6110308889d0a8aeeb99bcbcb2b4fd7eb1d86d", 0x69}], 0x1, &(0x7f0000000380)=[{0x18, 0x110, 0x80000000, "fead5a78eb"}, {0x48, 0x29, 0x3, "b2229fcd1fec94254e4d90b24c4fe0333faef12a0dd451132e875825dd721ab6926244133f89596ec5f51ac399e9c99b151f"}, {0xd0, 0x11, 0x1, "d8603ed9b678c82ca59e35c183e506cda528246f84e2ab14ef16e9ab3c8d43cc92f72cc3ae194ab71a4b879af5fd7bcd28ec50e57b3d6179a2f37b0b5481b9206efed4feb3a37c7fc2249bb4ec12315be2e6e69bed90622a6dde36309b57dc536933a0467ece79ae87dea690b3c5612c10488e338f1cdadf5475bfbc710292bead2b7987a388f1f351e35857e335d26cc3b2ea7e410aaa9b2a7beeacae86d83a7bfbfc5548c95c974410aeede93aeb5b84c4f4735d0e6489001eeaf63be582"}, {0x78, 0x117, 0x1, "f6cb9f437fec5e4bd8c33b2804ff2d90e9f1f018d0e1580f78720ecad179234eb11ea5926b5dd713e03623fa4b7b524cff1a21a0d9e1091db97dfa69af3d566bd23967f7e44c58dcfc86831add2e857b31c63d29716df86f15030756549443bae5796eabee09"}, {0x70, 0x10f, 0x1, "cf0d46a115c4c765d0cbddae13bee811a989164c6d6a4910e5c9267be8b47f4305bb2815fea2a022493653dbe92e1233e1a8481abe62c7d2de0a80ba507a4e71a9e6820f35f821a8a42f915b7e213d7bc58e2ccd1ae73a1497c436"}, {0x88, 0x10a, 0x1, "e37513a8d06679761403952dd0beff44a9f0600724584a62370318831c73745ee23699d09462585635436d783a3097c53e1905743b27a2e31a27c2911af2237b1f804d114bf7b7052b2ceaae6643f91e967ecd1dd9833e535b49ccfd9cb7614f1e12d592910e915fd4407cb17b8f8dd713"}, {0x58, 0xff, 0x8, "c0c427884effb21a7b2e39a6b9ab4d720f56148bb923b9474f4842b6477ea1170cf8a8f60414e771e4ba0075f275bf2cb43ed23cbbd85db02e6be1fcbe03e19e6e"}], 0x2f8}, 0x0, 0x8000, 0x1, {0x0, r6}}, 0x5) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, r2, &(0x7f00000000c0)=@IORING_OP_OPENAT2={0x1c, 0x1, 0x0, 0xffffffffffffff9c, &(0x7f0000000040)={0x28102, 0xfa, 0x4}, &(0x7f0000000080)='./file0\x00', 0x18, 0x0, 0x0, {0x0, r7}}, 0xffffffff) 23:42:53 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38) 23:42:53 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38) [ 1781.842336] device veth0_vlan entered promiscuous mode [ 1781.882258] FAULT_INJECTION: forcing a failure. [ 1781.882258] name failslab, interval 1, probability 0, space 0, times 0 [ 1781.885337] CPU: 0 PID: 9864 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1781.886787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1781.888557] Call Trace: [ 1781.889121] dump_stack+0x107/0x167 [ 1781.889884] should_fail.cold+0x5/0xa [ 1781.890687] ? create_object.isra.0+0x3a/0xa20 [ 1781.891648] should_failslab+0x5/0x20 [ 1781.892490] kmem_cache_alloc+0x5b/0x360 [ 1781.893347] ? mark_held_locks+0x9e/0xe0 [ 1781.894204] create_object.isra.0+0x3a/0xa20 [ 1781.895127] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1781.896185] kmem_cache_alloc_bulk+0x168/0x320 [ 1781.897142] io_submit_sqes+0x707f/0x86a0 [ 1781.898042] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1781.899079] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1781.900083] ? lock_downgrade+0x6d0/0x6d0 [ 1781.900956] ? find_held_lock+0x2c/0x110 [ 1781.901807] ? io_submit_sqes+0x86a0/0x86a0 [ 1781.902737] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1781.903285] FAULT_INJECTION: forcing a failure. [ 1781.903285] name failslab, interval 1, probability 0, space 0, times 0 [ 1781.903743] ? wait_for_completion_io+0x270/0x270 [ 1781.903767] ? rcu_read_lock_any_held+0x75/0xa0 [ 1781.903783] ? vfs_write+0x354/0xa30 [ 1781.903806] ? fput_many+0x2f/0x1a0 [ 1781.903826] ? ksys_write+0x1a9/0x260 [ 1781.903855] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1781.911547] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1781.912651] do_syscall_64+0x33/0x40 [ 1781.913438] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1781.914517] RIP: 0033:0x7faadcd8fb19 [ 1781.915314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1781.919194] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1781.920807] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1781.922301] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1781.923790] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1781.925300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1781.926794] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 [ 1781.928348] CPU: 1 PID: 9863 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1781.929802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1781.931547] Call Trace: [ 1781.932117] dump_stack+0x107/0x167 [ 1781.932898] should_fail.cold+0x5/0xa [ 1781.933716] ? create_object.isra.0+0x3a/0xa20 [ 1781.934684] should_failslab+0x5/0x20 [ 1781.935501] kmem_cache_alloc+0x5b/0x360 [ 1781.936366] ? mark_held_locks+0x9e/0xe0 [ 1781.937236] create_object.isra.0+0x3a/0xa20 [ 1781.938141] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1781.939196] kmem_cache_alloc_bulk+0x168/0x320 [ 1781.940143] io_submit_sqes+0x707f/0x86a0 [ 1781.941033] ? percpu_ref_tryget_many+0x143/0x290 [ 1781.942049] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1781.943075] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1781.944092] ? io_submit_sqes+0x86a0/0x86a0 [ 1781.945004] ? recalibrate_cpu_khz+0x10/0x10 [ 1781.945911] ? ktime_get+0x158/0x1f0 [ 1781.946688] ? lapic_timer_set_periodic+0x60/0x60 [ 1781.947674] ? clockevents_program_event+0x131/0x360 [ 1781.948738] ? tick_program_event+0xa8/0x140 [ 1781.949654] ? hrtimer_interrupt+0x771/0x9b0 [ 1781.950584] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1781.951663] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1781.952746] do_syscall_64+0x33/0x40 [ 1781.953520] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1781.954579] RIP: 0033:0x7fb90a2beb19 [ 1781.955352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1781.959142] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1781.960730] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1781.962200] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1781.963664] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1781.965138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1781.966592] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:42:53 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380), 0x2}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x1, 0xffffffffffffffff, 0x0) r5 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r5, 0x76d3, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x7b, &(0x7f0000000180)={0x0, 0x7ba5, 0x1, 0x1, 0xcd, 0x0, r5}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)=0x0) syz_io_uring_submit(r3, r6, &(0x7f0000000340)=@IORING_OP_NOP={0x0, 0x1}, 0xd) dup2(r5, r4) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:42:53 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000340)={{0x1, 0x1, 0x18, r4, {0x1}}, './file0\x00'}) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xc, 0x40010, r0, 0x10000000) r8 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r8, 0x76d3, 0x0, 0x0, 0x0, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r7, &(0x7f00000001c0)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x5, 0x4000, @fd=r8, 0x5, 0x0, 0x0, 0x0, 0x1, {0x3, r9}}, 0xffff7fff) syz_io_uring_submit(r3, 0x0, &(0x7f0000000400)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0x80, &(0x7f0000000380)=@isdn={0x22, 0x9, 0x3f, 0x80, 0xfc}, 0x0, 0x0, 0x0, {0x0, r6}}, 0xffff) r10 = signalfd4(r8, &(0x7f0000000240)={[0x7]}, 0x8, 0x100800) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x3000008, 0x40010, r10, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r11 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x282100, 0x143, 0x10}, 0x18) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) copy_file_range(r0, &(0x7f0000000040)=0x3, r11, &(0x7f0000000180)=0xfc, 0x8, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r4, 0x2401, 0x4) 23:42:53 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) getsockname(0xffffffffffffffff, &(0x7f0000000040)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0x80) 23:42:53 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 17) [ 1782.142831] device veth0_vlan entered promiscuous mode [ 1782.263502] FAULT_INJECTION: forcing a failure. [ 1782.263502] name failslab, interval 1, probability 0, space 0, times 0 [ 1782.266054] CPU: 0 PID: 9879 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1782.267508] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1782.269300] Call Trace: [ 1782.269871] dump_stack+0x107/0x167 [ 1782.270666] should_fail.cold+0x5/0xa [ 1782.271493] ? create_object.isra.0+0x3a/0xa20 [ 1782.272499] should_failslab+0x5/0x20 [ 1782.273294] kmem_cache_alloc+0x5b/0x360 [ 1782.274147] create_object.isra.0+0x3a/0xa20 [ 1782.275060] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1782.276119] kmem_cache_alloc+0x159/0x360 [ 1782.276999] __kernfs_new_node+0xd4/0x850 [ 1782.277869] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1782.278861] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1782.279855] ? pcpu_alloc+0x12a/0x12f0 [ 1782.280678] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1782.281761] kernfs_create_dir_ns+0x9c/0x230 [ 1782.282690] cgroup_mkdir+0x318/0xfc0 [ 1782.283491] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1782.284492] kernfs_iop_mkdir+0x14d/0x1e0 [ 1782.285358] vfs_mkdir+0x41f/0x660 [ 1782.286108] do_mkdirat+0x145/0x2a0 [ 1782.286871] ? user_path_create+0xf0/0xf0 [ 1782.287737] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1782.288828] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1782.289906] do_syscall_64+0x33/0x40 [ 1782.290684] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1782.291748] RIP: 0033:0x7f5ff7acbb19 [ 1782.292538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1782.296346] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1782.297925] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1782.299420] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1782.300928] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1782.302423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1782.303918] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 23:43:08 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 18) 23:43:08 executing program 6: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x280, 0x0) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x6766, 0x0, 0x0, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1, {0x1f}}, './file0\x00'}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:43:08 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:43:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:43:08 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39) 23:43:08 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000340)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) 23:43:08 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(0x0, 0x4a4300, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:43:08 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39) [ 1796.755310] FAULT_INJECTION: forcing a failure. [ 1796.755310] name failslab, interval 1, probability 0, space 0, times 0 [ 1796.757558] CPU: 0 PID: 9887 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1796.758400] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1796.759407] Call Trace: [ 1796.759744] dump_stack+0x107/0x167 [ 1796.760194] should_fail.cold+0x5/0xa [ 1796.760685] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1796.761386] should_failslab+0x5/0x20 [ 1796.761854] kmem_cache_alloc+0x5b/0x360 [ 1796.762372] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1796.763069] idr_get_free+0x4b5/0x8f0 [ 1796.763547] idr_alloc_u32+0x170/0x2d0 [ 1796.764025] ? __fprop_inc_percpu_max+0x130/0x130 [ 1796.764630] ? lock_acquire+0x197/0x490 [ 1796.765126] ? __kernfs_new_node+0xff/0x850 [ 1796.765664] idr_alloc_cyclic+0x102/0x230 [ 1796.766176] ? idr_alloc+0x130/0x130 [ 1796.766630] ? rwlock_bug.part.0+0x90/0x90 [ 1796.767165] __kernfs_new_node+0x117/0x850 [ 1796.767682] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1796.768278] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1796.768881] ? pcpu_alloc+0x12a/0x12f0 [ 1796.769367] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1796.770005] kernfs_create_dir_ns+0x9c/0x230 [ 1796.770553] cgroup_mkdir+0x318/0xfc0 [ 1796.771023] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1796.771609] kernfs_iop_mkdir+0x14d/0x1e0 [ 1796.772133] vfs_mkdir+0x41f/0x660 [ 1796.772587] do_mkdirat+0x145/0x2a0 [ 1796.773052] ? user_path_create+0xf0/0xf0 [ 1796.773567] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1796.774220] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1796.774852] do_syscall_64+0x33/0x40 [ 1796.775304] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1796.775932] RIP: 0033:0x7f5ff7acbb19 [ 1796.776383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1796.778621] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1796.779539] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1796.780394] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1796.781283] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1796.782146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1796.783018] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 [ 1796.796546] FAULT_INJECTION: forcing a failure. [ 1796.796546] name failslab, interval 1, probability 0, space 0, times 0 [ 1796.798118] CPU: 0 PID: 9898 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1796.798939] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1796.799929] Call Trace: [ 1796.800249] dump_stack+0x107/0x167 [ 1796.800728] should_fail.cold+0x5/0xa [ 1796.801182] ? create_object.isra.0+0x3a/0xa20 [ 1796.801734] ? create_object.isra.0+0x3a/0xa20 [ 1796.802279] should_failslab+0x5/0x20 [ 1796.802732] kmem_cache_alloc+0x5b/0x360 [ 1796.803229] ? mark_held_locks+0x9e/0xe0 [ 1796.803720] create_object.isra.0+0x3a/0xa20 [ 1796.804243] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1796.804870] kmem_cache_alloc_bulk+0x168/0x320 [ 1796.805432] io_submit_sqes+0x707f/0x86a0 [ 1796.805954] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1796.806551] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1796.807145] ? lock_downgrade+0x6d0/0x6d0 [ 1796.807641] ? find_held_lock+0x2c/0x110 [ 1796.808137] ? io_submit_sqes+0x86a0/0x86a0 [ 1796.808678] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1796.809262] ? wait_for_completion_io+0x270/0x270 [ 1796.809845] ? rcu_read_lock_any_held+0x75/0xa0 [ 1796.810410] ? vfs_write+0x354/0xa30 [ 1796.810860] ? fput_many+0x2f/0x1a0 [ 1796.811314] ? ksys_write+0x1a9/0x260 [ 1796.811775] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1796.812416] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1796.813041] do_syscall_64+0x33/0x40 [ 1796.813489] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1796.814094] RIP: 0033:0x7fb90a2beb19 [ 1796.814538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1796.816811] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1796.817760] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1796.818651] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1796.819535] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1796.820421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1796.821322] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1796.842389] FAULT_INJECTION: forcing a failure. [ 1796.842389] name failslab, interval 1, probability 0, space 0, times 0 [ 1796.845096] CPU: 1 PID: 9893 Comm: syz-executor.0 Not tainted 5.10.172 #1 [ 1796.846531] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1796.848252] Call Trace: [ 1796.848817] dump_stack+0x107/0x167 [ 1796.849583] should_fail.cold+0x5/0xa [ 1796.850380] ? create_object.isra.0+0x3a/0xa20 [ 1796.851331] should_failslab+0x5/0x20 [ 1796.852120] kmem_cache_alloc+0x5b/0x360 [ 1796.852967] ? mark_held_locks+0x9e/0xe0 [ 1796.853813] create_object.isra.0+0x3a/0xa20 [ 1796.854716] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1796.855773] kmem_cache_alloc_bulk+0x168/0x320 [ 1796.856742] io_submit_sqes+0x707f/0x86a0 [ 1796.857642] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1796.858668] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1796.859666] ? lock_downgrade+0x6d0/0x6d0 [ 1796.860525] ? find_held_lock+0x2c/0x110 [ 1796.861370] ? io_submit_sqes+0x86a0/0x86a0 [ 1796.862273] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1796.863275] ? wait_for_completion_io+0x270/0x270 [ 1796.864273] ? rcu_read_lock_any_held+0x75/0xa0 [ 1796.865237] ? vfs_write+0x354/0xa30 [ 1796.866010] ? fput_many+0x2f/0x1a0 [ 1796.866766] ? ksys_write+0x1a9/0x260 [ 1796.867561] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1796.868643] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1796.869704] do_syscall_64+0x33/0x40 [ 1796.870485] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1796.871545] RIP: 0033:0x7faadcd8fb19 [ 1796.872311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1796.876019] RSP: 002b:00007faada305188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1796.877585] RAX: ffffffffffffffda RBX: 00007faadcea2f60 RCX: 00007faadcd8fb19 [ 1796.879045] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1796.880497] RBP: 00007faada3051d0 R08: 0000000000000000 R09: 0000000000000000 [ 1796.881987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1796.883526] R13: 00007ffc7d50f1cf R14: 00007faada305300 R15: 0000000000022000 23:43:08 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 19) 23:43:08 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40) 23:43:08 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x2f52, 0x4, 0x0, 0xfffffffc}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1796.954268] FAULT_INJECTION: forcing a failure. [ 1796.954268] name failslab, interval 1, probability 0, space 0, times 0 [ 1796.956128] CPU: 0 PID: 9911 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1796.956955] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1796.957879] Call Trace: [ 1796.958197] dump_stack+0x107/0x167 [ 1796.958619] should_fail.cold+0x5/0xa [ 1796.959049] ? create_object.isra.0+0x3a/0xa20 [ 1796.959576] should_failslab+0x5/0x20 [ 1796.960006] kmem_cache_alloc+0x5b/0x360 [ 1796.960464] ? mark_held_locks+0x9e/0xe0 [ 1796.960927] create_object.isra.0+0x3a/0xa20 [ 1796.961431] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1796.961999] kmem_cache_alloc_bulk+0x168/0x320 [ 1796.962517] io_submit_sqes+0x707f/0x86a0 [ 1796.963002] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1796.963559] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1796.964109] ? lock_downgrade+0x6d0/0x6d0 [ 1796.964579] ? find_held_lock+0x2c/0x110 [ 1796.965036] ? io_submit_sqes+0x86a0/0x86a0 [ 1796.965535] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1796.966081] ? wait_for_completion_io+0x270/0x270 [ 1796.966656] ? rcu_read_lock_any_held+0x75/0xa0 [ 1796.967178] ? vfs_write+0x354/0xa30 [ 1796.967613] ? fput_many+0x2f/0x1a0 [ 1796.968022] ? ksys_write+0x1a9/0x260 [ 1796.968476] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1796.969077] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1796.969686] do_syscall_64+0x33/0x40 [ 1796.970103] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1796.970706] RIP: 0033:0x7fb90a2beb19 [ 1796.971119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1796.973258] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1796.974107] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1796.974941] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1796.975774] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1796.976626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1796.977473] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:43:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r5 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$unlink(0x9, r4, r5) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:43:08 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x800, 0x1) openat(r4, &(0x7f00000000c0)='./file0\x00', 0x4000, 0x14) r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r6, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000040)={0x30000012}) 23:43:08 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41) 23:43:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r4 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r4, 0x76d3, 0x0, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x5, 0x0, @fd=r4, 0x0, 0x0, 0x0, {0x8352}, 0x1}, 0x7) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:43:08 executing program 1: r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3, r0}}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/configfs', 0x400, 0x88) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xe1, 0x8b, 0x1d, 0x40, 0x0, 0x4, 0x82003, 0x5, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x6, 0x4, @perf_bp={&(0x7f0000000040), 0xd}, 0x1b10, 0x0, 0x23371d36, 0x8, 0x8, 0x6, 0x401, 0x0, 0x9, 0x0, 0xac04}, 0xffffffffffffffff, 0x9, r1, 0x9) 23:43:08 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40) [ 1797.126536] FAULT_INJECTION: forcing a failure. [ 1797.126536] name failslab, interval 1, probability 0, space 0, times 0 [ 1797.127935] CPU: 0 PID: 9924 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1797.128699] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1797.129625] Call Trace: [ 1797.129927] dump_stack+0x107/0x167 [ 1797.130329] should_fail.cold+0x5/0xa [ 1797.130750] ? create_object.isra.0+0x3a/0xa20 [ 1797.131268] should_failslab+0x5/0x20 [ 1797.131700] kmem_cache_alloc+0x5b/0x360 [ 1797.132185] ? mark_held_locks+0x9e/0xe0 [ 1797.132644] create_object.isra.0+0x3a/0xa20 [ 1797.133128] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1797.133689] kmem_cache_alloc_bulk+0x168/0x320 [ 1797.134201] io_submit_sqes+0x707f/0x86a0 [ 1797.134678] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1797.135225] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1797.135767] ? io_submit_sqes+0x86a0/0x86a0 [ 1797.136241] ? recalibrate_cpu_khz+0x10/0x10 [ 1797.136736] ? ktime_get+0x158/0x1f0 [ 1797.137156] ? lapic_timer_set_periodic+0x60/0x60 [ 1797.137688] ? clockevents_program_event+0x131/0x360 [ 1797.138280] ? tick_program_event+0xa8/0x140 [ 1797.138770] ? hrtimer_interrupt+0x771/0x9b0 [ 1797.139277] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1797.139871] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1797.140458] do_syscall_64+0x33/0x40 [ 1797.140895] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1797.141477] RIP: 0033:0x7fb90a2beb19 [ 1797.141902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1797.142443] FAULT_INJECTION: forcing a failure. [ 1797.142443] name failslab, interval 1, probability 0, space 0, times 0 [ 1797.143990] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1797.144003] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1797.144009] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1797.144015] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1797.144022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1797.144028] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1797.156333] CPU: 1 PID: 9913 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1797.157802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1797.159579] Call Trace: [ 1797.160154] dump_stack+0x107/0x167 [ 1797.160955] should_fail.cold+0x5/0xa [ 1797.161783] ? create_object.isra.0+0x3a/0xa20 [ 1797.162770] should_failslab+0x5/0x20 [ 1797.163592] kmem_cache_alloc+0x5b/0x360 [ 1797.164477] create_object.isra.0+0x3a/0xa20 [ 1797.165439] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1797.166539] kmem_cache_alloc+0x159/0x360 [ 1797.167464] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1797.168683] idr_get_free+0x4b5/0x8f0 [ 1797.169530] idr_alloc_u32+0x170/0x2d0 [ 1797.170375] ? __fprop_inc_percpu_max+0x130/0x130 [ 1797.171417] ? lock_acquire+0x197/0x490 [ 1797.172274] ? __kernfs_new_node+0xff/0x850 [ 1797.173235] idr_alloc_cyclic+0x102/0x230 [ 1797.174129] ? idr_alloc+0x130/0x130 [ 1797.174930] ? rwlock_bug.part.0+0x90/0x90 [ 1797.175862] __kernfs_new_node+0x117/0x850 [ 1797.176787] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1797.177817] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1797.178849] ? pcpu_alloc+0x12a/0x12f0 [ 1797.179695] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1797.180832] kernfs_create_dir_ns+0x9c/0x230 [ 1797.181790] cgroup_mkdir+0x318/0xfc0 [ 1797.182621] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1797.183643] kernfs_iop_mkdir+0x14d/0x1e0 [ 1797.184550] vfs_mkdir+0x41f/0x660 [ 1797.185323] do_mkdirat+0x145/0x2a0 [ 1797.186108] ? user_path_create+0xf0/0xf0 [ 1797.187007] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1797.188130] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1797.189252] do_syscall_64+0x33/0x40 [ 1797.190055] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1797.191153] RIP: 0033:0x7f5ff7acbb19 [ 1797.191955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1797.195893] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1797.197531] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1797.199061] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1797.200594] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1797.202120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1797.203647] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 [ 1797.216741] device veth0_vlan entered promiscuous mode 23:43:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r3, 0x76d3, 0x0, 0x0, 0x0, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000c, 0x13, r3, 0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r7 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r5, r6, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r8, r6, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r7, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r7, 0x6628) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:43:23 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:43:23 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42) 23:43:23 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0) 23:43:23 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:43:23 executing program 7: ioctl$KDGKBENT(0xffffffffffffffff, 0x4b46, &(0x7f0000000040)={0xa3, 0x68, 0x7876}) r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x30, r0, 0x10000000) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r7 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r5, r6, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r8, r6, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r7, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r10, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r10, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r9}}, 0x7f) syz_io_uring_submit(0x0, r4, &(0x7f00000000c0)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000080)={0x10000000}, r7, 0x1, 0x0, 0x1, {0x0, r9}}, 0x47c) 23:43:23 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:43:23 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r5 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r3, r4, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) sendmsg$inet(r5, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000001500)="a4b1574d3494b079ab284af91f7d184cb727e5fdc412ff94ea20c13f7c2f1bddb2123dc1e9e3e0c6c0d93dceea777f8bca88b6b3fecedd67489183b9fa7496d2172432691296dbc25d20e8e583a850579ccbb53bcef9a5b14da4f214b33f5fef03e3e67373151fb4ddf3472fae", 0x6d}], 0x1, &(0x7f00000015c0)=[@ip_retopts={{0x78, 0x0, 0x7, {[@lsrr={0x83, 0xb, 0xa7, [@remote, @multicast1]}, @end, @lsrr={0x83, 0x7, 0xa4, [@multicast2]}, @generic={0x82, 0xb, "1f9d0eff6a3beaad5a"}, @generic={0x7, 0xb, "1da3c05328e5a693d3"}, @ssrr={0x89, 0xb, 0x4f, [@dev={0xac, 0x14, 0x14, 0x35}, @private=0xa010100]}, @timestamp_prespec={0x44, 0x34, 0x9, 0x3, 0x1, [{@multicast1, 0xfff}, {@remote, 0x6}, {@dev={0xac, 0x14, 0x14, 0x29}, 0x4850083}, {@multicast2, 0x4}, {@loopback, 0x1}, {@private=0xa010100, 0x6}]}]}}}, @ip_retopts={{0xd4, 0x0, 0x7, {[@cipso={0x86, 0x21, 0x1, [{0x7, 0x3, 'o'}, {0x5, 0xb, "af02d250b4d3a53d68"}, {0x5, 0x7, "09958f4463"}, {0x5, 0x6, "e0f0766e"}]}, @rr={0x7, 0x17, 0xd4, [@multicast1, @private=0xa010100, @remote, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x27}]}, @timestamp_prespec={0x44, 0xc, 0xd6, 0x3, 0x0, [{@rand_addr=0x64010101, 0xfffffff8}]}, @timestamp_prespec={0x44, 0x2c, 0xa2, 0x3, 0x9, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@broadcast, 0x2b}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1}, {@broadcast, 0x3}, {@dev={0xac, 0x14, 0x14, 0x3b}, 0x39}]}, @lsrr={0x83, 0x13, 0x39, [@initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x38}, @broadcast, @loopback]}, @timestamp={0x44, 0x1c, 0xb5, 0x0, 0x8, [0x0, 0x1, 0x1, 0x1, 0x3, 0x4]}, @lsrr={0x83, 0x13, 0x4d, [@multicast2, @broadcast, @remote, @multicast1]}, @lsrr={0x83, 0xf, 0x7f, [@empty, @loopback, @multicast1]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x2}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}], 0x180}, 0x4044043) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r6, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r5, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000240)=@IORING_OP_WRITEV={0x2, 0x5, 0x2004, @fd_index, 0x81, &(0x7f0000000100)=[{&(0x7f0000000340)="fd083d7709669afd3cb8efb2d0013174ccf50913bad9d211e405ba356b8ea691b2c05a24263d841d3a86ba1a3519f209e404323d5b6de3a92f27fa24b555fd3361fdbb89cd261d7536335e4bb0da2ba17fcd47cc612052584afcdb55bd302470ed840699ba9b64aadc63ec3259b220284cca813b13c938fa88d9b9047130c3271d23e3e4aa1b4a14", 0x88}, {&(0x7f0000000180)="ab9adfa6fe496765c8219197a4cb48a5a75dc8883fb1d9cc3d98b6e02a685d88ef8784dd757aec4919e68322b90d6ad37845ea56365f47e7807c2e6da2a1a9dc0daf5b75b45b78b349a9deba84d74c75ba47757faa63ea17da6b5e97a87691b76d2f4bb0670e796fc59177d334be4d", 0x6f}, {&(0x7f0000000400)="6409d6b35347448acb1e75df1797ef3e52b07feee0914163552e2f0406d90097e9a86411de8bb634c8e9b1e28c4cc57c82705cc57df6a2f34aec74fc537ce82ab7eed3e88c2115aeca2afb225935a15f8d2b54e151db9fa06fb993ea629285972fd1375bbb408f06b8637d00278fe6d259486d8211ddb0bd9f1a6102cca1bb9cfa15b457ace92e7adbc93de720d41b333981bcb0e70cac75f973382a2025c73da7acedae6995fb6f67d263e4e7978be7f57c2711c9e72943be32079d3a31cb5564ddc8bac686e91446d9ffcd9978d24466dd735cd94a469ffe46c69d558f9c61e3e014283709fc04a5958c4adb86b4c48b678d8f519ad473a96fb4ba430bf94f3e4bff253ed58919c31f014a444608dec94ac5c5f195d9b16c255f8ab27d01bb72cc8d5ccdb9201835607a362b1340fea46437ef793c77ab0525d980753406def0025f260bf6dea23e46367d655ec196fdfb56ea4bcd38e641a045270eb07541c415285d1fc9e5063a6df54bda156287c8a39d2c65cffb69d8ca4783ba5dfb7479eafb2ddc3604ed41bc54e7bde6d7d58f03f9b98aea449b5d84f965e1448970306ce3ba6b71dad3936ea96c896cd6a268492bbaf635f61cc2bf1c60bf3d55bb0b6669ab1862a2c5a8690e6b896c8b7d768c2a923c019ab24c4061d9869dea02088dfb963fbef561ea12f2d90d00297b07e12a7c8eff2b8d9b4a61d4f083e37c4cca19675c8e338a53d4d7114233927e2cb4c6ec6f58bb0c3c7d2c6c1ebc8bf33400aa0cad7211081e0fc60866bf2c5d31262706101662fed3ba38c7abe65bb57d4fc7220754a8d642ae9b6a37e264528f5711d896d18856767305831e37c2259fd3aea93290580405b7805dbffeeec8f2440409ef602d3a346a71fb25daad4c2f2db47bb71b03c35289acd4d07fd97ee4d6af79237e294fdab6b9a863a5118ec362ec86daa0980fc659a7539a82a4169b854e35950b11498c27590cfe0f0405739fa5e7fa853caf7f40c044f0a50fae0378e87a89c82041df096bdb0c450986932be4d67c6a7b757c8a2882ada2d02384c53ee2a2ec34eed4223d13ffd43dd127f58f93118a6f9260ff2e486c7b6ad9f974dce24f85d2f1bc5b7111430e89f75cf56f8c73586d02e63c4ac5e4f001f2d0a85c8457f3110f4fe5ad1c970320103d454f5e100c1b08935f05144d60aae61d0bdf19bddbc75145f768df763131a29d8f7d4fad1feb4c7577bd49c927158b706498a03e0c41c52a644132dac0b9609480a0d1c20f79639aaea19c0f65d852b0671c2eb82fc709e92c0a2108d65eca8044fcbb6f0220689510331e06253b0e8a194d37531386daaf0c81b6030fc4692cc4e26efe7a114cb6817233226096cca810cb0ab6f5ee1479c7c37aa1ec1a8998ffa6c4b08db662fd34f128c2e31a988a8ce46ec0c106d9fa75ef09c736130190687faa547cbfc75c7e8ec680d576a51a53af85c908a631527c60ee85c2377640631ff445f14b7b5acbc6fb7ecf8c00848688ab8e0d0aba434715d163cef3097fcb3e9c424c55fc2242bfba1cc17e28f167c2dd5e3b9ab652f534f69731ddf7b137733ba7f0651b251d08aa1309af5e57647beca8692c27c9a1e4db06551a4a8b1a71461250155fd4f16da8f1071dea86bb86b0e8250d4c1dd3754c826b1b56a1788a238260050ab7849641046c28ee21921c938cf75897db9a935255c94bdae239c380c7ac178c912f6940b4f1d8b6ad30ced2cf2cb546b7277d980dcfacc6fa5d8b8326b9b9419e269b93fa7b6aff5f4878ca42dadd9018b6dc55ced372defb7612bf0f59d0cc33a1c9898c6b4daf86de9d15b565c54beeb68a8dd584dae945bf3aaa0b05b8267112c0519495703bef28dea8bd66322a85c5a6d34088551f2b685c0415098286446bc9c37433f277cfbeaee088763b291e5f55be8f5a92a61d81fbd468cecefab6813da172020ad66c8d1ac2c17ae12276972e4cb99c000b54c6f1ef44156b12631467c9cb0747eaf3e89ec93924606444820d04ab12185b30d51a96bd032da1ac23e7c2ad2d513961819147ff4ab24b021f640d73350fc67d9ee1cab27743ce0f98e45d796b55bb3f7bd9028c087141f0d26244016d516c364d0291e1488f50f458c48dfee5225c2d168c43b2edc3a26da847a36a5945eb435c03e8cc634272a04cd5e37a09e2fcf849ae66d296337fd8b458cc9950d47973694c9c8fc7b27ccd61e9aced6c5083fa11caf19ffa1a32ee358d623daf1e093a95ed8f3674c8305f76ee68b75a21e0ac10d71dc51ce37dfc337491fa873582e04e68025d483d98a8ad26d5930600acf9cd07c4dd0f0021771670c363a9794b398b8260b40cf53ced3d92ad1b459c8491dc717ffc4ed0ae5a79e6ca98bf11c7b63184e1168e2082a6033d29c52a3a09c2f2b379d157ba8096e0197ff48a250371d4bc38376466d7680bca77162294662af98a8a33df9f0d70f374ebb394b6e1d6b1c1ec52a26846325d7b544c1f57d828bcfeebb6ef95ac236aa546f81a3bc4d4b73a0fa4b8f87a2704ea4b109247677d5fef90df25fb1e0d349e2aadc6e4c535bbca7513e922c5af41f50cbe710782aa423b1bc8450d6aa34bf9f67c9a324ae18594f0ab593cb95889c987dea7ae7e51b26030691305e0e73bcbbc3c29391c57bfcfe67696e8161fc6bd01fc4736bb617d631e6823942c4e333afc5a6eef456c347712ca9535723338670459d3e46873183440c6e6377a029410d3367164c8edeee187887fd51419243c5afe8a37e18564120d5751b83fe2fcc2cc8358d0588bbdc71b47a0527002d4828b81fe6091908b977eb21987dd6f97578313162ee82c1be8cfa09ff10322d8bc3ff3fb7fa9c9747afb11b206acc93f622666647a88ad4252bbefe49141d00a2d52744a539d4565fe395a5603fa998b125d811f58c4065f2aa20823f40ab7f1921896028124400fbd567d852b13971286f77a10dd3dcfadd31d64579502c267d9f7db9ef760616dc946de6efca9629f2d33e02493f1da559a2c94ac86a62cbc1f46c61f2631660526a17da915c1cb77925651d1c1aa25ad19f3e51b9f628d37df2868aaf2e9563626170de5c724a7c19ba5b478dc1ffe60a76ab48e1796f0f0fdc72e575111d8c40ba6a36cfcd2488eb536e1330c172fee666f5595e961ec09d155d28404ca259282a42a47c1c9877398e534fb4a9a1d13eb4b8ba855751a024473c8b09bc0c49e9ae51e704d4c7c08a254fe04c235da4e56918a3235adb006692850a16d3d7b61bc2413a9652822e98921dc9a4ec572019e369ec02e6b0563022880168683be91e95d81a73165fd2bdd45ac4ce457d501fc10f9e6cc5d701266d216d2e806facd99890df904b86c68aed1111762cb179c7c6dfed7e824ae4deb3ec6288c1051c9e57a528fcb93dacbe7cc0caae45cec307a398b9f6ec503c08351c858546cec61c9e138f28542ad872d5cc29bf5d36fea27d170499e1fad7049794d62f62ed15e90107eb96effd2bcad39f16774a9d0a7ab813d8c821b98068fb27e17ef6d94930ccf93eac2389427052bc4c2c971ff9da54d3960b9f502ef78f1b91963bdb25253b132c22257092bd57be42d7888aea5262364f4856770b963a0df35e5489aed5baee2437118a972d2ed8021faf9fa427d03c4651a68fda4740b203d2cde500980514f269d9d025de6163faffeb39fa6608afd73aa543dba6bd0412bf5adcc50fd0ec3ff92959dd339cd36905a96484c88886e9f3ad4c39aba231c65b4a73116d5d6c401d181afc0ab6d5d1eec92707b6bed9e479982856de37dcf8ecf246baa87f8beb6b206d789b7fd61a6962319bf7f2e38cef448aa867e09fab9fb57403931063f6df301bfdba42a9ee053d0836c8b24bd045f9bbcf10373591798daaef648292b534e4d932b5ce1833fc1141bad87f1ea324c4f6f744f6ed6b6ac1fa825b4b232018561b69d942c699638621e59bc08404a59134806f303d2363e514db94cca8f61c6cef625ef44d4ec4d1537015db144cca45e217bc8a57185ec1f8b7de6a84b862fa2db968aa9066ad74af23c550bf9a59bb89f47d0afc7da6fc3513a8b7ffb4abf275ddf0f6ad40361d0fc22e28740f8ad439b07fc8a6ea4ced5f804719b32d4c85dbd4cbc96bd6a2b27a9d04d7497f26dd7e5b2e92b83e4a2ab245ad9ec94d0ac97ad63b38fc9b3e6a52668ba80de8b1423193e5bcecf4aac90f1b3498d273d8661b0585890215d8513f3bda630dd2791a14eab196a522af1a59a69e7deb488983a66a3be101e3d73850b2830d3c89a18510e167d253ad7abad75e58fc0e46f74fad79dd01209cc891c0acff625fbd12132d20017e28e5fc50ac0af6a3bc2ae492bd0f540e56b46df0ef8f93b8a57127c5fd486d76d5cc35ae1a943d0f09c0604388527a78d683bf7ebbd31ca2009057b3191538744c36a288a9c45ee88ce1cfca5e475c2b5dc3f631d69785df07380b22fe0c080eea0ba4cfbbd58d0c4cab21157b66ef57dab689dc917750836014c3cc5023258dcd3ea497b312a229c9a358f6f35ccc828da8197415285e4d6603f24e9521833f4bbbf61b2f623767d807120b2f7530b915f2ae0f4dd7a3bb72c621149fb6a7b75f6d605b72ac9936a32aea94062f91877893fbd6120055685254d0b1ea749218d9eee62df2f9221ef8a7ba1f0dbc614dfcbd0fbc56df513c88ed9b71f8056a7cacc0524ca553cd53692eed2e10e762ab5c2e23048774bd42840224a061cd3699afc03218e05412267dda55f108b31675bad1ed7758f3135ba22e85674acd5957e44145b9f1171e3fc228e6632cf267ff1dbfbcd46e4584d2ed2273045acd87894eb1a91b0d7b642ed513a4ea954d00554daedd083fd1a0a14916f1033d37e14660297882946fe1e54bc31ee175b8cdc5f47ab343bb886351c4136ed2fb7057b8f024a45e87bde04df211f6681c9618307f81d905dd5d8abb6762eb4bcb9f3dd7a362dffd9f94f166d8bf4bfcf96b70139df21fdae88773e2a5d9f868ff34b259c5b2beae2bcfaf2eb56d2e5b8815ad9ea4184938847ea13007a9e9ebb2e3694e4297761ed78b6823b05153a6777d9e6c82851181887fc6cb35e2490208c28e17cdfb487cab15e2a88b1d95cb1a9dbe488d770882cb73515eb01f5f76e260856a13358cc4d5b1ef11a2997e22d117ce79f4bce31656f0897dfcd43c13832e6080d51a0068df54f940fdd1c52003aecbde3dbcb2989aa12409900ce99232f2b3e611734ce7ac7cd0ba61b95a8965a7b0c7ca1f983465a111e27593762806be3d19fca6f36d080a70e03383edbd2a479ba57cf6667ae61d9ce7760d44e4741495023c244184db5a69c766888856a2bae7089e3d3f6164e028517bac8bac102ef94d523299d2fd8aa14d95fed0fbb5bbc74001ef36c3c67a0d0522b7abb37d1b54f95aaa23789acbe6894719b50960e39c8f40e0a6c3e67b36eae9e175f36d2f34edd9e2d0942e11b679e620765f31aa5a06abc9d16a7d008e44fd6bcf804faca6983763950b7bfd8249f66a2e6d2343be821722e1d39426fe680f3e1b66383b847b3a46f9886a2453e29cea024cfaf5d9bcbef82e97dd9ca78d43128226fd4a486bae7fc592ecbcd791d3f60de25549787eb7fefaa5dabfd872d8f7109546bf0fa5091fd9994b73e0d41b5bf6a32a6ead5ac9b97b61b29ced5e12b688387aa1d0ea67261173f65a3c71fb1af7da317469e2b1093c81568c0bb2de579bb59e9401573216bfc3c156c564148a8df154ede4edc80576456", 0x1000}, {&(0x7f0000001400)="560f4d1cc6c1d74b764a63dbe81a6b80f27191fb849954bc47b23a000d615774dec226580a89ebb3fe210de3668d7e21faa35ee6f6eed32d2eff9cdc91ba2045c43ee897583f3f41fc96a77fd2a2c3f43a21bb757a5fd4b5aa0709c298a2d3d89f3d055e1409c9201199d31c96efc4abec952e482e3c6a807005bc8820830ef89c4d5ec0b1f891da7b80764c9bdb035229ad8ed9cb4ab82c5e2a6f291064e0b87b1336ce052eaa38ba444b3c067b9c17b1c4719e1bd1538f451ec262089d4e1ddb8576f89c18", 0xc6}], 0x4, 0x10, 0x0, {0x3}}, 0x1) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x14908, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r7 = getpid() perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x20, 0x7, 0x40, 0x4, 0x0, 0x6, 0xc12a, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={&(0x7f0000000040), 0x2}, 0x148b3, 0x6, 0x4, 0x6, 0x8, 0x7, 0x8, 0x0, 0x9, 0x0, 0x1}, r7, 0x8, 0xffffffffffffffff, 0x1) 23:43:23 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 20) [ 1811.579172] FAULT_INJECTION: forcing a failure. [ 1811.579172] name failslab, interval 1, probability 0, space 0, times 0 [ 1811.581189] CPU: 0 PID: 9953 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1811.582087] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1811.583125] Call Trace: [ 1811.583466] dump_stack+0x107/0x167 [ 1811.583934] should_fail.cold+0x5/0xa [ 1811.584418] ? selinux_kernfs_init_security+0x132/0x4c0 [ 1811.585103] should_failslab+0x5/0x20 [ 1811.585586] __kmalloc+0x72/0x3f0 [ 1811.586021] selinux_kernfs_init_security+0x132/0x4c0 [ 1811.586662] ? selinux_file_mprotect+0x600/0x600 [ 1811.587275] ? find_held_lock+0x2c/0x110 [ 1811.587798] ? __kernfs_new_node+0x2ad/0x850 [ 1811.588348] ? lock_downgrade+0x6d0/0x6d0 [ 1811.588891] ? rwlock_bug.part.0+0x90/0x90 [ 1811.589460] security_kernfs_init_security+0x4e/0xb0 [ 1811.590139] __kernfs_new_node+0x531/0x850 [ 1811.590708] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1811.591356] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1811.591989] ? pcpu_alloc+0x12a/0x12f0 [ 1811.592503] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1811.593204] kernfs_create_dir_ns+0x9c/0x230 [ 1811.593791] cgroup_mkdir+0x318/0xfc0 [ 1811.594266] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1811.594907] kernfs_iop_mkdir+0x14d/0x1e0 [ 1811.595469] vfs_mkdir+0x41f/0x660 [ 1811.595951] do_mkdirat+0x145/0x2a0 [ 1811.596441] ? user_path_create+0xf0/0xf0 [ 1811.597008] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1811.597704] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1811.598372] do_syscall_64+0x33/0x40 [ 1811.598865] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1811.599546] RIP: 0033:0x7f5ff7acbb19 [ 1811.600049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1811.602456] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1811.603444] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1811.604393] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1811.605335] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1811.606277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1811.607225] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 [ 1811.624451] FAULT_INJECTION: forcing a failure. [ 1811.624451] name failslab, interval 1, probability 0, space 0, times 0 [ 1811.626487] CPU: 0 PID: 9958 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1811.627372] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1811.628464] Call Trace: [ 1811.628832] dump_stack+0x107/0x167 [ 1811.629304] should_fail.cold+0x5/0xa [ 1811.629795] ? create_object.isra.0+0x3a/0xa20 [ 1811.630383] should_failslab+0x5/0x20 [ 1811.630873] kmem_cache_alloc+0x5b/0x360 [ 1811.631417] ? mark_held_locks+0x9e/0xe0 [ 1811.631958] create_object.isra.0+0x3a/0xa20 [ 1811.632530] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1811.633186] kmem_cache_alloc_bulk+0x168/0x320 [ 1811.633776] io_submit_sqes+0x707f/0x86a0 [ 1811.634338] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1811.634990] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1811.635626] ? lock_downgrade+0x6d0/0x6d0 [ 1811.636173] ? find_held_lock+0x2c/0x110 [ 1811.636723] ? io_submit_sqes+0x86a0/0x86a0 [ 1811.637303] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1811.637933] ? wait_for_completion_io+0x270/0x270 [ 1811.638571] ? rcu_read_lock_any_held+0x75/0xa0 [ 1811.639180] ? vfs_write+0x354/0xa30 [ 1811.639664] ? fput_many+0x2f/0x1a0 [ 1811.640113] ? ksys_write+0x1a9/0x260 [ 1811.640625] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1811.641284] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1811.641935] do_syscall_64+0x33/0x40 [ 1811.642401] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1811.643033] RIP: 0033:0x7fb90a2beb19 [ 1811.643492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1811.645726] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1811.646636] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1811.647486] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 23:43:23 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10088}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x180, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1811.648331] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1811.649385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1811.650358] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1811.700895] device veth0_vlan entered promiscuous mode 23:43:23 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:43:23 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 21) 23:43:23 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43) 23:43:23 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) r3 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r3, 0x76d3, 0x0, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd_index=0x8, 0x0, 0x0, 0x7, 0xf, 0x1, {0x0, 0x0, r3}}, 0x8000) connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000040)={0x24, @none={0x0, 0x3}}, 0x14) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000006, 0x2010, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_SENDMSG={0x9, 0x5, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@alg={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(cast5)\x00'}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="4ea1b77849a05280ce6a2cbf8ffee7c5e27f70d7a96df94b02676022573637c11a99ab8b16", 0x25}], 0x1}, 0x0, 0xc0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1811.849265] FAULT_INJECTION: forcing a failure. [ 1811.849265] name failslab, interval 1, probability 0, space 0, times 0 [ 1811.850785] CPU: 0 PID: 9977 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1811.851565] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1811.852502] Call Trace: [ 1811.852808] dump_stack+0x107/0x167 [ 1811.853224] should_fail.cold+0x5/0xa [ 1811.853651] ? create_object.isra.0+0x3a/0xa20 [ 1811.854171] should_failslab+0x5/0x20 [ 1811.854603] kmem_cache_alloc+0x5b/0x360 [ 1811.855066] ? mark_held_locks+0x9e/0xe0 [ 1811.855533] create_object.isra.0+0x3a/0xa20 [ 1811.856022] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1811.856584] kmem_cache_alloc_bulk+0x168/0x320 [ 1811.857119] io_submit_sqes+0x707f/0x86a0 [ 1811.857608] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1811.858164] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1811.858709] ? lock_downgrade+0x6d0/0x6d0 [ 1811.859195] ? find_held_lock+0x2c/0x110 [ 1811.859673] ? io_submit_sqes+0x86a0/0x86a0 [ 1811.860190] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1811.860390] FAULT_INJECTION: forcing a failure. [ 1811.860390] name failslab, interval 1, probability 0, space 0, times 0 [ 1811.860751] ? wait_for_completion_io+0x270/0x270 [ 1811.860765] ? rcu_read_lock_any_held+0x75/0xa0 [ 1811.860775] ? vfs_write+0x354/0xa30 [ 1811.860788] ? fput_many+0x2f/0x1a0 [ 1811.860799] ? ksys_write+0x1a9/0x260 [ 1811.860814] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1811.860824] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1811.860838] do_syscall_64+0x33/0x40 [ 1811.860849] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1811.860857] RIP: 0033:0x7fb90a2beb19 [ 1811.860868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1811.860874] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1811.860886] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1811.860892] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1811.860899] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1811.860905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1811.860911] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1811.887322] CPU: 1 PID: 9979 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1811.888715] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1811.890416] Call Trace: [ 1811.890971] dump_stack+0x107/0x167 [ 1811.891724] should_fail.cold+0x5/0xa [ 1811.892509] ? create_object.isra.0+0x3a/0xa20 [ 1811.893463] should_failslab+0x5/0x20 [ 1811.894237] kmem_cache_alloc+0x5b/0x360 [ 1811.895062] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1811.896050] create_object.isra.0+0x3a/0xa20 [ 1811.896958] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1811.897987] __kmalloc+0x16e/0x3f0 [ 1811.898723] selinux_kernfs_init_security+0x132/0x4c0 [ 1811.899769] ? selinux_file_mprotect+0x600/0x600 [ 1811.900735] ? find_held_lock+0x2c/0x110 [ 1811.901582] ? __kernfs_new_node+0x2ad/0x850 [ 1811.902481] ? lock_downgrade+0x6d0/0x6d0 [ 1811.903332] ? rwlock_bug.part.0+0x90/0x90 [ 1811.904204] security_kernfs_init_security+0x4e/0xb0 [ 1811.905259] __kernfs_new_node+0x531/0x850 [ 1811.906119] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1811.907091] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1811.908069] ? pcpu_alloc+0x12a/0x12f0 [ 1811.908877] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1811.909935] kernfs_create_dir_ns+0x9c/0x230 [ 1811.910849] cgroup_mkdir+0x318/0xfc0 [ 1811.911630] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1811.912599] kernfs_iop_mkdir+0x14d/0x1e0 [ 1811.913508] vfs_mkdir+0x41f/0x660 [ 1811.914239] do_mkdirat+0x145/0x2a0 [ 1811.914979] ? user_path_create+0xf0/0xf0 [ 1811.915825] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1811.916892] do_syscall_64+0x33/0x40 [ 1811.917647] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1811.918690] RIP: 0033:0x7f5ff7acbb19 [ 1811.919447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1811.923177] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1811.924745] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1811.926196] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1811.927643] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1811.929100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1811.930544] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 23:43:23 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f0000000180)=0x10) ioctl$EXT4_IOC_GROUP_ADD(r3, 0x40286608, &(0x7f00000001c0)={0x3, 0x22, 0x1, 0x4ed, 0x3f, 0x20}) io_uring_enter(r0, 0x58ab, 0x40f1, 0x0, 0x0, 0x61) 23:43:23 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44) 23:43:23 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r4 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r5, 0x0, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r4, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_ACCEPT={0xd, 0x2, 0x0, r4, &(0x7f0000000180)=0x80, &(0x7f0000000340)=@rc={0x1f, @none}, 0x0, 0x80800}, 0x80000001) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r8 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r6, r7, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r9, r7, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r8, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x3, 0x0, 0xffffffffffffffff, 0x0, r8}, 0x7fff) 23:43:23 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x141d, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r3}}, 0x7f) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x1, 0x0, 0xffffffffffffff9c, &(0x7f0000000040)={0x101080, 0x92, 0x5}, &(0x7f0000000080)='./file0\x00', 0x18, 0x0, 0x12345, {0x0, r3}}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r8 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r6, r7, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r9, r7, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r8, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r10, 0xffffffffffffffff, 0x0) syz_io_uring_submit(0x0, r7, &(0x7f0000000480)=@IORING_OP_STATX={0x15, 0x4, 0x0, r10, &(0x7f0000000340), &(0x7f0000000440)='./file0\x00', 0x2, 0x800, 0x0, {0x0, r3}}, 0x631) syz_io_uring_submit(r5, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1812.004315] FAULT_INJECTION: forcing a failure. [ 1812.004315] name failslab, interval 1, probability 0, space 0, times 0 [ 1812.007324] CPU: 1 PID: 9985 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1812.008736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1812.010432] Call Trace: [ 1812.010982] dump_stack+0x107/0x167 [ 1812.011726] should_fail.cold+0x5/0xa [ 1812.012515] ? create_object.isra.0+0x3a/0xa20 [ 1812.013471] should_failslab+0x5/0x20 [ 1812.014248] kmem_cache_alloc+0x5b/0x360 [ 1812.015084] ? mark_held_locks+0x9e/0xe0 [ 1812.015912] create_object.isra.0+0x3a/0xa20 [ 1812.016823] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 23:43:23 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) [ 1812.017866] kmem_cache_alloc_bulk+0x168/0x320 [ 1812.018910] io_submit_sqes+0x707f/0x86a0 [ 1812.019797] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1812.020821] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1812.021804] ? lock_downgrade+0x6d0/0x6d0 [ 1812.022643] ? find_held_lock+0x2c/0x110 [ 1812.023480] ? io_submit_sqes+0x86a0/0x86a0 [ 1812.024365] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1812.025359] ? wait_for_completion_io+0x270/0x270 [ 1812.026349] ? rcu_read_lock_any_held+0x75/0xa0 [ 1812.027291] ? vfs_write+0x354/0xa30 [ 1812.028058] ? fput_many+0x2f/0x1a0 [ 1812.028815] ? ksys_write+0x1a9/0x260 [ 1812.029601] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1812.030663] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1812.031718] do_syscall_64+0x33/0x40 [ 1812.032475] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1812.033531] RIP: 0033:0x7fb90a2beb19 [ 1812.034295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1812.038032] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1812.039574] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1812.041034] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1812.042483] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1812.043931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1812.045381] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1812.149578] device veth0_vlan entered promiscuous mode 23:43:37 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 22) 23:43:37 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x140) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:43:37 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45) 23:43:37 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = epoll_create1(0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) r4 = signalfd4(r0, &(0x7f00000000c0)={[0x1]}, 0x8, 0x0) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000340)={{r4}, 0x0, 0x18, @inherit={0x68, &(0x7f0000001340)=ANY=[@ANYBLOB="010000000000000004000000000000000600000000000000ee00000000000000000000000000000006000000000000003f000000000000005400000000000000ff01000000000000080000000000000001000000000092d84c490000000000000800000000000000b203fd5eb2c6423681b6b76fbe4fb8d9cdf5829618ef2fbac6790b4c5479808907b21b007538415931065945c3e467bf38e4da6c24bd7cedacfc577083dee7eb927e88055aea0c44b14039d75cd04c4473305cb73d6c5f2777f95cbee70d0a7a1d137b41edd8773c24a0f1089bb281f9804835ee7ca56ac6ebdadf695d3b07928fb0f395594f418f9397e0136c7220d3ba17e9ae72abf7"]}, @name="3a5a5dfcaeb32155c3eb146bd263de6ea1049af9fb2e4ce936f1cb6471ac7a729d8c9c7ed5c7137a6e2048fe72137cda218d639b724b9bd0940677cabee536990336bf48ccd608f2ddad8b1a2e4d4cf97f6ee3ba4f8120d1d1997e6760b5643e3b972c47facf348e33bc4d7bf4e5e7415eb567cc43d82f8bad2ccc123b91f1e41a551c30a0baab319365ade458842e31496dc8a7e0fc3ef30cb5cbd64d052530ce4b74de4bda4ab387dfd28ce3dccdc473de03a5ffdf6ea4a96823e78a8a4e961156e2bb07f12830a42af6eaf0ff464b4ed9f674941fd4d5ee2bdf4216ace205c839a0222b3d37b38c57b54e6e95f159b2990cc8aa935b2d144a6b3974a6d7afd4591ae252f14bd67036dd3d48315efb502f7218d05df02fe8498ed03da848114fd899d860b171680787e9acc763dec09fc102039eb98b7857b4118964aa89ec5ba7689e5099ee080404d40177ab51c5de50e2a0186dc74ec9e0677e2ebea12ef2fc75208f582f0808a6c6c6f24ee6db53a719136afecf2823db0cbf7c0a37070ef7595e2d75ade123f4473eda0e61c87bba66ffb7d09633b5bac6e7cb87a3728a41f15ec960d973e9c3651eaeef55c7427af8f71d14421ed793411e4dcc39b24d03226f358821415a13baca858055ea6b867dfdabaf03dff14647708607b01f81b82288f2a7938f2ce01cc5759e2ecf36fa2b67a32203eec9f3be840a67a7a7f7da93f3c10c1b759fc2f94c757e63a4859e23353e6f4ffd070fe9814559ac09f666cec1f2a4830fcf8cab50794ce2286518f4fae17ef68247a300adfe4f996748f48984a67629ba7e2941cfad45e9cea32ce34b126e56eceb81e4856af4cf8c1f3c4c90543ac38a39dd4b39e10d2d42328df5714edb4165f9d30b38726cc18467ef25efda7d793e496bd97fd2f9e559947193cca9c84642e79abf062411a865fe3b0232d6c0c273e141d5f535188023e16efb41dfe932ab0d672bc5d4122e905e6ec2f2c752a376db240f3604340d9767b5cf66476414cf6d2626f65c7665704087b61eb856e197459f2aa0f4b438fa8c49600385319aa045f7b76acb9acffc1babd87741edd68bce9c7fa161d72c1b85fb8092d32fb0c4dec3a984d7c31575fb68592b26669ff428fef9d9808ca4fae2ecda62e0c67a713aafcfc1fd5c51aa62063a1f37183283d9fdf16e42f0a94c0154bd341701a43d04ea63b67585f4be27bd0e353c5e44c623c9bf2cb7c9f01fbc92541dee4469acd3c7ad88e22a1e7c1acc655623c04449ede380d29b512d60456af2c3a865f6d1f25af43d2a5be54000fd0fe36698d14a47bb9c37b276d686b5e1dc1ba09d0e8b5449bf03b4d647731f578e8b990ff13a52d32e1d13baee823778812cf1967bc651e8e38c413b3b1c8ec013fddcf54537c3b5650004bd3ee12aa7876eee4f8a97510b86f6289727c23b7ea729635ea48464aa1665592061117713a3f68b840cad1e0fbacd6d9a8a7a1ea86bb61bf4710bd7988d2f042cae80fb796605da2a45913b706e80e131ab25b30575cc097456a652577544602b2b88a48d6dde423b07fb769881fbd6ea97a02794487e40327643fffe36d835d92a7a5c4af24ca58c5b4cd50d4a048663d2e6858a5446c1715439397f1827d5c45284940fc647d41a428beced907f2234b97554cfee993ad11f74fa3429a2831329886ce4482252bc85bdcb2b41062b8103f6c201723055642847699f83a111e1197a0014c8dc66db75eb0e5d0ba08ad43e56715d675caa6ad5c5312b67b5852694d08e218dbdc522372dd283bc8a11ac223d1c2cd95e2eb1c26cd82601bc0fa9bb083137bf87129509b1eb8f6fea7888b1c0803a066a492ffbe7d22d46bf027b31f130ed0eb31b30c4df32fe8ee9a56a9cef08b2971f5cbcc18a3065116235192c376f1308fafda4149b9e09c141de302847337d04afcb19c7d597f639e3d303051d9ca7271baef1f65406a9820d9c4a4e25e3b67619b34481844acfe7cb912a5eb5d260ed340d3be38ee908411583276eb58acf2ffe5f069e1c89de5cd26fcb81baca1103059ade0f245e5eea9f2777d150467b1985809782a8868b57f8d01ca0bf89171e6074bf11fc0f162865cb2f5d3446666aec9caa2462ce8f30a7f2b73583c064210fc1a03cc71f266991116a6695ce9e05f355976d7ee86eba6e01e833d81ef8477afc3d3d17b6972ab593561cda5fbfc2599604d05c841aad83a4670ae9390266f701c4f64dcfb5b987fa3e97c0b244eaeaa86068889597ff93a7e44bc7969021866ee7531396b75c39fa5cdc68b6173c6c58a1287945b46f1b624042a05ad6739034d7c7e5e552c4a77d5d7d23c5075e43101ffcceed93d9873a4bcb4a9e49bc5044f9d6bcf4b84fc8fd3c5011ba482df6a863e135e65f4ca240afaf1342f7ad7239660115b40ada33bd076ca84f1390443711210f2395361f7951f22e9b38c8bf12dce358b5d18fde5ca3022649dd5ee0d1c8f84a7b273dfd291eb3f2440cad3f07de3611505e0e52dcab2d8a52affd5be1e01536fb49c8eca53af3d37917c057afda5439a92a75e6ef04def6d990289cde2484a6b639393c96acd01cef289c29350befdeb990ba3758e3bd7c46a05e1062d68a2879366b3fad8f0f26e23f01b00ddf8e3a0b51221040ca2167f370ee4f3731542b3a98736ce3b5650d9f759e4f0262531408b59fe8a41301c2da6041bcbf30be99132b11c723af4fad11d4ba7973d4ff2fcc7c7d7ef2d73ad3fd3669190d05840622051a85e12a74bf24c3422b9bbdff7f3fa8a02bd269f6e39046a7798b003c990beeeead36c2250850762f3e362e6627b9a5a3d36ac877d5e511527b0393612d289c9d2108ba58d58736126c1bb457e252bc3cc12498d33dc2730a0c45a5fabfefac317e1e5d65f89c56b5983af0047495e6e9f064768b394f939c41ee3283dac40122460290c3680ef8f19d5bf02094bcde9e046cf4e117835a1539d35a6ebe6dea38acee8e677ee167b01fb19e9da94ee2c87ca91424dec4e73257477a5d76a9c6bf23f973a240603beaeb8c74480ac3654d06c2ff90c5cd62cf3553d2bed72eb539444faffc3ac540574281b57d8e4fcdb20b05bb6f01f1fcbf63dadb5c94c7cb0f25633d9ed0631ebcd70160191abd7e3f14e2bd922bd6612f9bcdc4364534afc4036c150951ba03d6dc5153e621ebd0956b0bb3e6ea10aeba3f5e33fc53bb922dde1e3512151fa1629674d95056e578649a5e58cc131db52dbad0fdea3e429e5e7d70d4ac163570e6447347baafcac9dfee858a05b40b2c9beda95cff2709cb05624157a527721752af1dd18b38ac53df7fe905b70d456cd8c266543a9bbcfadbc8231fe7252330991c170a6bbe1c7c3c14581c18b92ddec39100c7d599f317cf6db79de89ef5843ee2329cb307a01eadaf28d86a7cd189d8c90f111bff44fca1e4b3931c80ed6a8b044142b17868e9ec91270c2c42db2351ba180bdef6c5bb0c5f9b15e15241f3adcc42681568e6e9dc4fef85a59241526ef408558c53b231ea22ca47cb32a075b031fe20d83ffad39769166dd7e4b1fbc0960c10edfa4cfc97b81b5b61f8bfcb272d145e62c9cf39101fb559090f4c88bb6f9cf8e0725c00fd46c5d317f1d660e0c978cf7d2ae6e3c931e767b73c5cdde97245afe0c69db87715b1aa93552b3a6bd11b0f84b8cdad9f702bb92c8a38c59256427ffeb3d54975e83a41da3e4457d9f377bd378c58f9bb0061f65da9982e3cdfc212ca5b6b4efa5b71be14b410e276fe82053c6a7fdd0833e442d6373292c62d14b6777709c364af3fec407874c22733b930a6d7dde3010dd994ab9fda02a35f5eaf001f62a096db1f8e8a0daa8c430358b6b52dd98d38b674c0f3a539744bf546a0debe2ea50dd5c392c506cd2c3dfa68516050b80038ad225b0c989470aa0404bdf807f53318e71813a89d25093e424c8a9e3cc7ff089d748b5c53f47e2e010971f22995df5e735d542a6c2e0860bccfb5139ef09b15df0357feee5206fbae8daf14b1d9abe63646f1b8714033b93ac52cd0cb96322483c99795a303e57aca051863404afb8bbea53dcf4c2c9b5c073092d5e42b3ae4d3400655f8f47212a9f161fc792bb7772bd40d0c93197f72b0267cc194254b3c7fe576721fe1accf205a822d4636853f4a8b896a494e8441e4fe9fef23cbe9434eb5f6f986e54c858d88f4cc62d1b9ab242dc0bacecf741fbb6aca6e1d9b9fb5eef73848b8ec6d1d43cb2e4fa944a8fbef535c5ee82a78567e91faa87fdddb5435ae2d0e978fa5f54d0c8350a44c59e5eb413edbfa032074ec47b53561f0e2c540f3455584c077c4574d2a8163f8d45fa3b255dd9e46a24a71691fd9d813712e4ef902e76bbf9cfc69125c09c6cfdbbedf27cf899e630337f9ce66ef0f857114fca31ed5696d00cac64bb2261dc82deb40de2a90546f2b138e2867e132795b1a4117ae4d1bd5e70af800100531e42980a9a658f72b58d43c8b796e8be25cf5e95e928c4a697103f1b75f07425e4d9c61ed2a78cc9e594c7deb2fde3bfaf3d5f56a03b813a20ee1db8463fd53c46d40d17d8f90353edebe40fc4bc080255b8dba0d1b8a6a52fc0c53e1cd3425da6b96fa26ac0cec599b636ba0490798cf864cdcdf322a93917af0a56b340872b143428b9422eea5825ab6d9af7eb25b2e874e67be80ecdeb6fda67fd39c48d5980286bde5cf7e520010047b1c0d03575af1308ad364a6fb17129297911248de087e2047f2e1be08b597fd9765ba72acc2c70889e03a34681e0f0e073cb7c76de4439d582c0f4cbbfb73ab421650e9efee1cd0cb60cb3b7e85d29d2c1cff1b907612d8cf7795411b7c2435a4daae14aff6cdf9098401a4474a315483c93a8d1f658d432b2f504bfd8a9d2b3eb6e330d2d99172202a85bf1ccf84d4178203921e86f67e939aa8d204403d6ae90b1638e17ffe52131284e48829b1f168315d4739acdcd2b88e1b281e83d26fbc7a5d8fc94a25a816e09d1f2bce056a83c623764dcf54c69667689c73e215bcd4a40b232c3d9a8690408b1c758acfdf4462a34a152de73373947e3abbae2b1c61e99d0a657138b775b51d17363e6e2e48464b5dac9c03ed1fde2fc38e25906910288bbac8bbe3d356f51fef56985b8d4ba3e90a17f91bacf3cb1f162e6b3e84fa4ff1ec285dc608dd4c7165d07c7237029040d14de8c27c747eb5a8d9c4271d0f963bd9f3a4e84127c87a7dacdb18209eb636b8da7ed18bd930538a43aa4e694e512f299da4d6a23fcf4e26b56b8a67f189690a4d9b077db2fe5515148bfa97623feae4c598e210bfaa49f6edd9284863e91c1b69c6a97ffbba6b7c10e1feed7ce19fe92a96a1c5314b1a65928f87c3271c82a0ee16e78796405969bd851a8356b2a55e7140a449319a1f7c3f82c3f14037a15ee8997e6c0320d1c15a53490fdb9022246f71baa1418e1fe88db7ba7efe2f1dc2e5d10733de21c10a71d1a1d9ce914de32c33e9e0cc5208c354091635d44531fd6c0bfe6f6779e4c572b04f343cc95644399f47826a74b7fdcc2c11be579697c7852be484edaccac466e181ed541094982c3f184d4fd824b1c0ec57beae21df19e172c42f330887833244d8af865929e27aa2875b6b1464bba852b855a505199d0ee0422fce4f1c0a212816cd7d427359f86a6cd2de7d39d39ae72927b3625b7b5bd7"}) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000080)={0x80000006}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_FALLOCATE={0x11, 0x5, 0x0, @fd_index=0xa, 0x0, 0x0, 0x80}, 0x81) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:43:37 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$TUNSETVNETLE(r3, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:43:37 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0) 23:43:37 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x4, 0x80, 0x2, 0x0, 0x2, 0x2, 0x0, 0x80000000, 0x45020, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x7, 0x0, @perf_bp={&(0x7f0000000040), 0xa}, 0x8, 0x2, 0x3ff, 0x5, 0x0, 0x5, 0x0, 0x0, 0x5, 0x0, 0x4}, 0x0, 0xd, 0xffffffffffffffff, 0x2) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:43:37 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x2aa}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r4, 0x8983, &(0x7f0000000080)={0x3, 'gretap0\x00', {0x10000}, 0xdd4}) [ 1826.249486] FAULT_INJECTION: forcing a failure. [ 1826.249486] name failslab, interval 1, probability 0, space 0, times 0 [ 1826.251662] CPU: 1 PID: 10012 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1826.252701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1826.253964] Call Trace: [ 1826.254368] dump_stack+0x107/0x167 [ 1826.254942] should_fail.cold+0x5/0xa [ 1826.255534] ? create_object.isra.0+0x3a/0xa20 [ 1826.256243] should_failslab+0x5/0x20 [ 1826.256831] kmem_cache_alloc+0x5b/0x360 [ 1826.257466] ? find_held_lock+0x2c/0x110 [ 1826.258077] create_object.isra.0+0x3a/0xa20 [ 1826.258733] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1826.259500] __kmalloc_node+0x1ae/0x4b0 [ 1826.260166] memcg_alloc_page_obj_cgroups+0x73/0x100 [ 1826.260948] memcg_slab_post_alloc_hook+0x1f9/0x3f0 [ 1826.261759] kmem_cache_alloc_bulk+0x182/0x320 [ 1826.262499] io_submit_sqes+0x707f/0x86a0 [ 1826.263176] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1826.263932] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1826.264683] ? lock_downgrade+0x6d0/0x6d0 [ 1826.265316] ? find_held_lock+0x2c/0x110 [ 1826.265936] ? io_submit_sqes+0x86a0/0x86a0 [ 1826.266598] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1826.267340] ? wait_for_completion_io+0x270/0x270 [ 1826.268057] ? rcu_read_lock_any_held+0x75/0xa0 [ 1826.268768] ? vfs_write+0x354/0xa30 [ 1826.269369] ? fput_many+0x2f/0x1a0 [ 1826.269921] ? ksys_write+0x1a9/0x260 [ 1826.270509] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1826.271298] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1826.272110] do_syscall_64+0x33/0x40 [ 1826.272674] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1826.273457] RIP: 0033:0x7fb90a2beb19 [ 1826.274027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1826.276746] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1826.277889] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1826.278978] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1826.279503] FAULT_INJECTION: forcing a failure. [ 1826.279503] name failslab, interval 1, probability 0, space 0, times 0 [ 1826.280034] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1826.280044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1826.280053] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1826.287914] CPU: 0 PID: 10017 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1826.289374] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1826.291115] Call Trace: [ 1826.291680] dump_stack+0x107/0x167 [ 1826.292451] should_fail.cold+0x5/0xa [ 1826.293278] should_failslab+0x5/0x20 [ 1826.294089] __kmalloc_track_caller+0x79/0x3c0 [ 1826.295043] ? security_context_to_sid_core+0xb4/0x820 [ 1826.296159] kmemdup_nul+0x2d/0xa0 [ 1826.296935] security_context_to_sid_core+0xb4/0x820 [ 1826.298025] ? security_compute_sid.part.0+0x1670/0x1670 [ 1826.299155] ? do_raw_spin_lock+0x121/0x260 [ 1826.300310] ? rwlock_bug.part.0+0x90/0x90 [ 1826.300330] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1826.300358] ? do_raw_spin_unlock+0x4f/0x220 [ 1826.300379] ? _raw_spin_unlock+0x1a/0x30 [ 1826.300409] security_context_to_sid+0x35/0x50 [ 1826.300438] selinux_kernfs_init_security+0x198/0x4c0 [ 1826.300458] ? selinux_file_mprotect+0x600/0x600 [ 1826.300476] ? find_held_lock+0x2c/0x110 [ 1826.300506] ? __kernfs_new_node+0x2ad/0x850 [ 1826.300529] ? lock_downgrade+0x6d0/0x6d0 [ 1826.300577] security_kernfs_init_security+0x4e/0xb0 [ 1826.300601] __kernfs_new_node+0x531/0x850 [ 1826.300630] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1826.300660] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1826.300677] ? pcpu_alloc+0x12a/0x12f0 [ 1826.300705] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1826.300738] kernfs_create_dir_ns+0x9c/0x230 [ 1826.300768] cgroup_mkdir+0x318/0xfc0 [ 1826.300795] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1826.300819] kernfs_iop_mkdir+0x14d/0x1e0 [ 1826.300846] vfs_mkdir+0x41f/0x660 [ 1826.300871] do_mkdirat+0x145/0x2a0 [ 1826.300892] ? user_path_create+0xf0/0xf0 [ 1826.300929] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1826.300947] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1826.300974] do_syscall_64+0x33/0x40 [ 1826.300995] entry_SYSCALL_64_after_hwframe+0x61/0xc6 23:43:37 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_setup(0x1695, &(0x7f0000000040)={0x0, 0xb33f, 0x20, 0x2, 0x389}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000180)={{0x1, 0x1, 0x18, r3, {0x80}}, './file0\x00'}) [ 1826.301009] RIP: 0033:0x7f5ff7acbb19 [ 1826.301033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1826.301047] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 23:43:37 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0) [ 1826.301072] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1826.301084] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1826.301096] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1826.301107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1826.301118] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 23:43:37 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 23) 23:43:38 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/if_inet6\x00') close_range(r4, 0xffffffffffffffff, 0x0) accept4$bt_l2cap(r4, &(0x7f00000001c0)={0x1f, 0x0, @none}, &(0x7f0000000240)=0xe, 0x0) r5 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r5, 0x76d3, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x3197, &(0x7f0000000040)={0x0, 0x73e0, 0x8, 0x1, 0x382, 0x0, r5}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000180)) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1826.505398] FAULT_INJECTION: forcing a failure. [ 1826.505398] name failslab, interval 1, probability 0, space 0, times 0 [ 1826.508180] CPU: 1 PID: 10031 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1826.509185] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1826.510156] Call Trace: [ 1826.510485] dump_stack+0x107/0x167 [ 1826.510919] should_fail.cold+0x5/0xa [ 1826.511376] ? create_object.isra.0+0x3a/0xa20 23:43:38 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46) [ 1826.511949] should_failslab+0x5/0x20 [ 1826.512506] kmem_cache_alloc+0x5b/0x360 [ 1826.512992] create_object.isra.0+0x3a/0xa20 [ 1826.513522] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1826.514127] __kmalloc_track_caller+0x177/0x3c0 [ 1826.514687] ? security_context_to_sid_core+0xb4/0x820 [ 1826.515313] kmemdup_nul+0x2d/0xa0 [ 1826.515743] security_context_to_sid_core+0xb4/0x820 [ 1826.516399] ? security_compute_sid.part.0+0x1670/0x1670 [ 1826.517130] ? do_raw_spin_lock+0x121/0x260 [ 1826.517669] ? rwlock_bug.part.0+0x90/0x90 [ 1826.518235] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1826.518840] ? do_raw_spin_unlock+0x4f/0x220 [ 1826.519414] ? _raw_spin_unlock+0x1a/0x30 [ 1826.519952] security_context_to_sid+0x35/0x50 [ 1826.520564] selinux_kernfs_init_security+0x198/0x4c0 [ 1826.521219] ? selinux_file_mprotect+0x600/0x600 [ 1826.521829] ? find_held_lock+0x2c/0x110 [ 1826.522370] ? __kernfs_new_node+0x2ad/0x850 [ 1826.522931] ? lock_downgrade+0x6d0/0x6d0 [ 1826.523489] ? rwlock_bug.part.0+0x90/0x90 [ 1826.524041] security_kernfs_init_security+0x4e/0xb0 [ 1826.524687] __kernfs_new_node+0x531/0x850 [ 1826.525242] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1826.525833] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1826.526465] ? pcpu_alloc+0x12a/0x12f0 [ 1826.526980] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1826.527675] kernfs_create_dir_ns+0x9c/0x230 [ 1826.528262] cgroup_mkdir+0x318/0xfc0 [ 1826.528741] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1826.529375] kernfs_iop_mkdir+0x14d/0x1e0 [ 1826.529920] vfs_mkdir+0x41f/0x660 [ 1826.530406] do_mkdirat+0x145/0x2a0 [ 1826.530870] ? user_path_create+0xf0/0xf0 [ 1826.531421] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1826.532103] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1826.532784] do_syscall_64+0x33/0x40 [ 1826.533282] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1826.533905] RIP: 0033:0x7f5ff7acbb19 [ 1826.534390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1826.536846] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1826.537796] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1826.538663] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1826.539526] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1826.540478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 23:43:38 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r6 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r4, r5, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r7, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r6, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_SEND={0x1a, 0x4, 0x0, r6, 0x0, &(0x7f0000000340)="3eb00176f51375e73473c94955d8c05dac2409f825e552ebd33282fa5020b4f8ae114c3a3ee4f4679616a5f5264a0dd7656e68e5ade54c4255e547e90e74b796fc4a6f67a4437554e1b0c7d6cd55e422e88c699b0c35fb9d5ef30d56675e674dce55cf45e807f7f1a32c6aca9bc16141b2987fc312d67089d170692371657bbb88890bbd4ddf92b8d641b3bd46f0405c017eec1f003c7ca9f9c716924e5c12c3bd4eb3188762128e3bd10e2126847f05a2d88303c64f00df4008df2cb7e623b2a08a5d81ff29402dcfde801f713ed8e910038c85bc37ab2914be8a730a8f77c026b6692f4bd083925ad06aab7b97fe46", 0xf0, 0x4040080, 0x1}, 0x5) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1826.541518] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 [ 1826.558757] device veth0_vlan entered promiscuous mode [ 1826.650296] FAULT_INJECTION: forcing a failure. [ 1826.650296] name failslab, interval 1, probability 0, space 0, times 0 [ 1826.652552] device veth0_vlan entered promiscuous mode [ 1826.652795] CPU: 0 PID: 10039 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1826.654611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1826.656333] Call Trace: [ 1826.656891] dump_stack+0x107/0x167 [ 1826.657659] should_fail.cold+0x5/0xa [ 1826.658449] ? create_object.isra.0+0x3a/0xa20 [ 1826.659405] should_failslab+0x5/0x20 [ 1826.660193] kmem_cache_alloc+0x5b/0x360 [ 1826.661051] ? mark_held_locks+0x9e/0xe0 [ 1826.661901] create_object.isra.0+0x3a/0xa20 [ 1826.662801] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1826.663855] kmem_cache_alloc_bulk+0x168/0x320 [ 1826.664797] io_submit_sqes+0x707f/0x86a0 [ 1826.665692] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1826.666708] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1826.667697] ? lock_downgrade+0x6d0/0x6d0 [ 1826.668544] ? find_held_lock+0x2c/0x110 [ 1826.669389] ? io_submit_sqes+0x86a0/0x86a0 [ 1826.670284] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1826.671272] ? wait_for_completion_io+0x270/0x270 [ 1826.672263] ? rcu_read_lock_any_held+0x75/0xa0 [ 1826.673235] ? vfs_write+0x354/0xa30 [ 1826.674002] ? fput_many+0x2f/0x1a0 [ 1826.674751] ? ksys_write+0x1a9/0x260 [ 1826.675541] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1826.676608] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1826.677676] do_syscall_64+0x33/0x40 [ 1826.678443] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1826.679495] RIP: 0033:0x7fb90a2beb19 [ 1826.680266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1826.684071] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1826.685634] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1826.687102] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1826.688566] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1826.690046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1826.691504] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 23:43:53 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_CLOSE={0x13, 0x1, 0x0, r4}, 0x10000) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:43:53 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r3 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r3, 0x76d3, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000000, 0x10, r3, 0x8000000) 23:43:53 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:43:53 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:43:53 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 24) 23:43:53 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000004, 0x30, r4, 0x8000000) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r8 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r6, r7, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r9, r7, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r8, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) r12 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r13, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r13, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r12}}, 0x7f) syz_io_uring_submit(r5, r7, &(0x7f00000000c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x3, 0x0, 0x0, 0x0, &(0x7f0000000080)={r10, r11+60000000}, 0x1, 0x1, 0x1, {0x0, r12}}, 0x5) 23:43:53 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47) 23:43:53 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x1000000, 0x0, 0x0, 0x0) [ 1841.771350] FAULT_INJECTION: forcing a failure. [ 1841.771350] name failslab, interval 1, probability 0, space 0, times 0 [ 1841.773924] CPU: 0 PID: 10062 Comm: syz-executor.2 Not tainted 5.10.172 #1 [ 1841.775389] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1841.777148] Call Trace: [ 1841.777725] dump_stack+0x107/0x167 [ 1841.778506] should_fail.cold+0x5/0xa [ 1841.779330] ? memcg_alloc_page_obj_cgroups+0x73/0x100 [ 1841.780438] should_failslab+0x5/0x20 [ 1841.781281] __kmalloc_node+0x76/0x4b0 [ 1841.782129] memcg_alloc_page_obj_cgroups+0x73/0x100 [ 1841.783199] memcg_slab_post_alloc_hook+0x1f9/0x3f0 [ 1841.784254] kmem_cache_alloc_bulk+0x182/0x320 [ 1841.785229] io_submit_sqes+0x707f/0x86a0 [ 1841.786131] ? __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1841.787171] __do_sys_io_uring_enter+0xdaa/0x1c00 [ 1841.788196] ? lock_downgrade+0x6d0/0x6d0 [ 1841.789064] ? find_held_lock+0x2c/0x110 [ 1841.789954] ? io_submit_sqes+0x86a0/0x86a0 [ 1841.790885] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1841.791917] ? wait_for_completion_io+0x270/0x270 [ 1841.792936] ? rcu_read_lock_any_held+0x75/0xa0 [ 1841.793950] ? vfs_write+0x354/0xa30 [ 1841.794748] ? fput_many+0x2f/0x1a0 [ 1841.795528] ? ksys_write+0x1a9/0x260 [ 1841.796332] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1841.797435] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1841.798510] do_syscall_64+0x33/0x40 [ 1841.799281] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1841.800351] RIP: 0033:0x7fb90a2beb19 [ 1841.801142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1841.804980] RSP: 002b:00007fb907834188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1841.806560] RAX: ffffffffffffffda RBX: 00007fb90a3d1f60 RCX: 00007fb90a2beb19 [ 1841.808046] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1841.809544] RBP: 00007fb9078341d0 R08: 0000000000000000 R09: 0000000000000000 [ 1841.811026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1841.812507] R13: 00007ffd33432fbf R14: 00007fb907834300 R15: 0000000000022000 [ 1841.830398] FAULT_INJECTION: forcing a failure. [ 1841.830398] name failslab, interval 1, probability 0, space 0, times 0 [ 1841.833293] CPU: 0 PID: 10060 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1841.834749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1841.836470] Call Trace: [ 1841.837030] dump_stack+0x107/0x167 [ 1841.837805] should_fail.cold+0x5/0xa [ 1841.838626] should_failslab+0x5/0x20 [ 1841.839421] __kmalloc_track_caller+0x79/0x3c0 [ 1841.840376] ? sidtab_sid2str_get+0x17e/0x670 [ 1841.841334] kmemdup+0x23/0x50 [ 1841.842015] sidtab_sid2str_get+0x17e/0x670 [ 1841.842914] sidtab_entry_to_string+0x33/0x110 [ 1841.843886] security_sid_to_context_core+0x33d/0x570 [ 1841.844958] selinux_kernfs_init_security+0x234/0x4c0 [ 1841.846063] ? selinux_file_mprotect+0x600/0x600 [ 1841.847037] ? find_held_lock+0x2c/0x110 [ 1841.847897] ? __kernfs_new_node+0x2ad/0x850 [ 1841.848817] ? rwlock_bug.part.0+0x90/0x90 [ 1841.849721] security_kernfs_init_security+0x4e/0xb0 [ 1841.850793] __kernfs_new_node+0x531/0x850 [ 1841.851674] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1841.852678] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1841.853689] ? pcpu_alloc+0x12a/0x12f0 [ 1841.854512] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1841.855605] kernfs_create_dir_ns+0x9c/0x230 [ 1841.856542] cgroup_mkdir+0x318/0xfc0 [ 1841.857367] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1841.858360] kernfs_iop_mkdir+0x14d/0x1e0 [ 1841.859245] vfs_mkdir+0x41f/0x660 [ 1841.859996] do_mkdirat+0x145/0x2a0 [ 1841.860761] ? user_path_create+0xf0/0xf0 [ 1841.861643] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1841.862741] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1841.863823] do_syscall_64+0x33/0x40 [ 1841.864603] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1841.865692] RIP: 0033:0x7f5ff7acbb19 [ 1841.866466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1841.870249] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1841.871821] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1841.873298] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1841.874778] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1841.876266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1841.877759] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 23:43:53 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0) 23:43:53 executing program 6: ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000040)={'team_slave_1\x00', {0x2, 0x0, @broadcast}}) r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1841.926999] device veth0_vlan entered promiscuous mode 23:43:53 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 25) 23:43:53 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48) 23:43:53 executing program 1: syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0xff, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x21c4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000400)=0x0) r4 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x104d4f, &(0x7f0000000080)={0x0, 0x3}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000003c0)) syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r4, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_setup(0x731d, &(0x7f0000000840)={0x0, 0xfffffffe}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r6, r7, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r9, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r9, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r8}}, 0x7f) syz_io_uring_submit(r2, r7, &(0x7f00000005c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x4, 0x4000, @fd_index=0xa, 0xff, &(0x7f0000000540)=[{&(0x7f0000000700)=""/265, 0x109}, {&(0x7f0000000180)=""/89, 0x59}, {&(0x7f0000000240)=""/107, 0x6b}, {&(0x7f0000000340)=""/55, 0x37}, {&(0x7f0000000380)=""/39, 0x27}, {&(0x7f0000000640)=""/104, 0xa4}, {&(0x7f0000000440)=""/195, 0xc3}], 0x7, 0x10, 0x0, {0x0, r8}}, 0x200) 23:43:53 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x30f}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) io_uring_enter(r0, 0x16d6, 0x70c5, 0x3, &(0x7f0000000040), 0x8) recvmsg(r0, &(0x7f00000017c0)={&(0x7f0000000340)=@alg, 0x80, &(0x7f0000001700)=[{&(0x7f00000003c0)=""/238, 0xee}, {&(0x7f00000004c0)=""/4096, 0x1000}, {&(0x7f00000014c0)}, {&(0x7f0000001500)=""/66, 0x42}, {&(0x7f0000001580)=""/132, 0x84}, {&(0x7f0000001640)=""/125, 0x7d}, {&(0x7f00000016c0)=""/46, 0x2e}], 0x7, &(0x7f0000001780)=""/24, 0x18}, 0x0) r4 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r4, 0x76d3, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r4, 0x7, &(0x7f00000014c0), 0x1) r5 = socket$inet_tcp(0x2, 0x1, 0x0) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r7, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r7, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r6}}, 0x7f) syz_io_uring_submit(0x0, r2, &(0x7f00000001c0)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r6}}, 0x4) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:43:53 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) ioctl$FIONCLEX(r0, 0x5450) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:43:53 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x2000, 0x0, 0x0) [ 1842.193849] device veth0_vlan entered promiscuous mode [ 1842.289379] FAULT_INJECTION: forcing a failure. [ 1842.289379] name failslab, interval 1, probability 0, space 0, times 0 [ 1842.292298] CPU: 1 PID: 10086 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1842.293581] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1842.295154] Call Trace: [ 1842.295649] dump_stack+0x107/0x167 [ 1842.296338] should_fail.cold+0x5/0xa [ 1842.297074] ? create_object.isra.0+0x3a/0xa20 [ 1842.298037] should_failslab+0x5/0x20 [ 1842.298943] kmem_cache_alloc+0x5b/0x360 [ 1842.299910] ? sidtab_sid2str_get+0x65/0x670 [ 1842.300955] create_object.isra.0+0x3a/0xa20 [ 1842.301998] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1842.303216] __kmalloc_track_caller+0x177/0x3c0 [ 1842.304226] ? sidtab_sid2str_get+0x17e/0x670 [ 1842.305094] kmemdup+0x23/0x50 [ 1842.305734] sidtab_sid2str_get+0x17e/0x670 [ 1842.306678] sidtab_entry_to_string+0x33/0x110 [ 1842.307543] security_sid_to_context_core+0x33d/0x570 [ 1842.308506] selinux_kernfs_init_security+0x234/0x4c0 [ 1842.309469] ? selinux_file_mprotect+0x600/0x600 [ 1842.310348] ? find_held_lock+0x2c/0x110 [ 1842.311111] ? __kernfs_new_node+0x2ad/0x850 [ 1842.311928] ? rwlock_bug.part.0+0x90/0x90 [ 1842.312716] security_kernfs_init_security+0x4e/0xb0 23:43:53 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1842.313657] __kernfs_new_node+0x531/0x850 [ 1842.314643] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1842.315521] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1842.316408] ? pcpu_alloc+0x12a/0x12f0 [ 1842.317141] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1842.318100] kernfs_create_dir_ns+0x9c/0x230 [ 1842.318919] cgroup_mkdir+0x318/0xfc0 [ 1842.319630] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1842.320500] kernfs_iop_mkdir+0x14d/0x1e0 [ 1842.321266] vfs_mkdir+0x41f/0x660 [ 1842.321931] do_mkdirat+0x145/0x2a0 [ 1842.322612] ? user_path_create+0xf0/0xf0 [ 1842.323390] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1842.324361] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1842.325343] do_syscall_64+0x33/0x40 [ 1842.326040] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1842.326994] RIP: 0033:0x7f5ff7acbb19 [ 1842.327688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1842.331091] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1842.332467] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1842.333762] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1842.335055] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1842.336345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1842.337653] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 23:43:53 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:44:07 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 26) 23:44:07 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:44:07 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r5 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r3, r4, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r6, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r5, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r6, r2, &(0x7f0000000040)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x9) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r7, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:44:07 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x800000, 0x0, 0x0) 23:44:07 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x40000, &(0x7f0000000280)=[{&(0x7f00000006c0)="ff33ad1311a646aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xf0}], 0x1, 0x7, 0x0, {0x0, r3}}, 0x7f) syz_io_uring_setup(0x7ae6, &(0x7f00000004c0)={0x0, 0x71ba, 0x2, 0x0, 0xc3}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000540), &(0x7f0000000580)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000480)=@IORING_OP_FALLOCATE={0x11, 0x3, 0x0, @fd_index=0x8, 0x3, 0x0, 0x9, 0x0, 0x0, {0x0, r3}}, 0x40) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r5, &(0x7f0000000440)=@IORING_OP_SEND={0x1a, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000380)="511535dfa086f33e2fd90d46464828a9eecb110635c8c55ad9c6f610e58e0957207907d69e9f0f0989ab30f95032fd042a1eb968bd9fe21cd45b533bf5825d6767eda9eeeb2ea15dc175e6fa2e0495d07051f65b38091cb2ad2e33982d5a3a373901e710ef1009e0b680b2656caa4afd11a4c740131638158473c674f9ea4c2bca1618e725484b4c2f8ba7be788f2e06aa8b279c0bc0574760da698d2aac723570aca4f682e745ccaa3fc1862c7704e49171d5bfbff3c6ba7077e185cebb37", 0xbf, 0x4000000, 0x1}, 0x9) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000008c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd, 0xffff, 0x0, 0x6, 0x0, 0x1}, 0x5) r7 = syz_io_uring_setup(0x362c, &(0x7f0000000040)={0x0, 0xc7f0, 0x1, 0x1, 0x7f, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000180)) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r8, r2, &(0x7f0000000340)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)=0x80, &(0x7f0000000240)=@isdn, 0x0, 0x800, 0x1, {0x0, r9}}, 0x9) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000005e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) pread64(r7, &(0x7f00000005c0)=""/255, 0xff, 0x6) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:44:07 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000001, 0x810, r0, 0x8000000) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r5 = syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x50a4, 0x0, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r4}}, 0x7f) syz_io_uring_submit(r3, 0x0, &(0x7f0000000080)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x1, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1, r4}}, 0x3) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x2, 0x0, @fd_index=0x2, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r7}}, 0x1) r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x8, 0x1010, r5, 0x10000000) syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) r11 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(r9, r10, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r12, r10, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r11, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(0x0, r8, &(0x7f0000000340)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000100)={0x10002000}, r11, 0x3, 0x0, 0x1, {0x0, r7}}, 0xffff525b) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:44:07 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:44:07 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:44:07 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0) 23:44:07 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1856.403904] device veth0_vlan entered promiscuous mode [ 1856.405739] FAULT_INJECTION: forcing a failure. [ 1856.405739] name failslab, interval 1, probability 0, space 0, times 0 [ 1856.408618] CPU: 1 PID: 10127 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1856.410032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1856.411717] Call Trace: [ 1856.412259] dump_stack+0x107/0x167 [ 1856.412998] should_fail.cold+0x5/0xa [ 1856.413781] ? __kernfs_iattrs+0xbc/0x470 [ 1856.414624] should_failslab+0x5/0x20 [ 1856.415392] kmem_cache_alloc+0x5b/0x360 [ 1856.416221] __kernfs_iattrs+0xbc/0x470 [ 1856.417039] kernfs_xattr_set+0x2b/0x80 [ 1856.417857] selinux_kernfs_init_security+0x268/0x4c0 [ 1856.418896] ? selinux_file_mprotect+0x600/0x600 [ 1856.419855] ? find_held_lock+0x2c/0x110 [ 1856.420688] ? __kernfs_new_node+0x2ad/0x850 [ 1856.421597] ? rwlock_bug.part.0+0x90/0x90 [ 1856.422462] security_kernfs_init_security+0x4e/0xb0 [ 1856.423482] __kernfs_new_node+0x531/0x850 [ 1856.424329] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1856.425290] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1856.426262] ? pcpu_alloc+0x12a/0x12f0 [ 1856.427051] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1856.428090] kernfs_create_dir_ns+0x9c/0x230 [ 1856.428979] cgroup_mkdir+0x318/0xfc0 [ 1856.429760] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1856.430709] kernfs_iop_mkdir+0x14d/0x1e0 [ 1856.431546] vfs_mkdir+0x41f/0x660 [ 1856.432266] do_mkdirat+0x145/0x2a0 [ 1856.432999] ? user_path_create+0xf0/0xf0 [ 1856.433845] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1856.434892] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1856.435930] do_syscall_64+0x33/0x40 [ 1856.436683] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1856.437705] RIP: 0033:0x7f5ff7acbb19 [ 1856.438477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1856.442089] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1856.443615] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1856.445042] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1856.446498] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1856.447918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1856.449338] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 [ 1856.599263] device veth0_vlan entered promiscuous mode 23:44:22 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0) 23:44:22 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f0000000100)=0x1) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) 23:44:22 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x3a4}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, 0x13, r0, 0x8000000) r4 = pidfd_open(0xffffffffffffffff, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r6 = socket$inet(0x2, 0x1, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r7, 0x0, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r6, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}, 0x0) syz_io_uring_submit(r7, 0x0, &(0x7f0000000380)=@IORING_OP_OPENAT={0x12, 0x5, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000340)='./file0\x00', 0xa9e4e8b0ea9c7de2, 0x41400, 0x12345, {0x0, r5}}, 0x20) syz_io_uring_setup(0x2, &(0x7f0000000040)={0x0, 0x50a6, 0x4, 0x0, 0x1a7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r8, 0x0, &(0x7f0000000140), 0x0) syz_io_uring_submit(r8, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="ff33ad46aaa09104729f3e65cc61c454dd10e80ee5cacfe8c37ab071cbf5cb251588ec3237705c8c84a09ee3cc427ece0c6c828ee04423c99c7efd80f95b79ce13750fbb3d65c116ab74b7d312984f90c0fcd10261b8e552b01b7183acbbe57a41011b0abf326f298bd24359245194c91a1a1541982a128eb286c639a8d8cf50f57702911ae9ac1c90243e042029db3fd6c8e96961760f1075ba39d8ff76485999b3daec4902a33143391dafb32aecbfc3f707730f03a9746aac9bffbba8059fb866c228fe3cd89f6873702a030d861db15090592dc5bddea73a81b2418a587955998eea4b63ec5521fcbb0562", 0xed}], 0x1, 0x7, 0x0, {0x0, r5}}, 0x7f) syz_io_uring_submit(r3, r2, &(0x7f0000000080)=@IORING_OP_WRITE={0x17, 0x2, 0x4004, @fd=r4, 0x7, &(0x7f0000000040)="a20cbd1ced15a4e06445ec39be9f4310e35f3a7c83f25c82e6befb03ca614f584693d96df32e796438d62bc1a34f40b5605c620e5eadae0feaba", 0x3a, 0x10, 0x1, {0x0, r5}}, 0x1f) flock(0xffffffffffffffff, 0xb) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r9, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:44:22 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 27) 23:44:22 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x1000000, 0x0, 0x0) 23:44:22 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x2, 0x1, &(0x7f0000000040)="3dd8c6bcd5f17f7b00b07a02b61e0fc79d141dbc57008d3ba224465ec465b73af850", 0x1, 0x0, 0x0, {0x2}}, 0xfffff274) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:44:22 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = socket$nl_audit(0x10, 0x3, 0x9) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_CONNECT={0x10, 0x5, 0x0, r3, 0x80, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e20, @empty}, 0x4, 0x2, 0x3, 0x1}}}, 0x3f) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x40100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:44:22 executing program 5: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x0) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) syz_open_dev$hiddev(&(0x7f0000000140), 0xb5, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) [ 1870.682363] FAULT_INJECTION: forcing a failure. [ 1870.682363] name failslab, interval 1, probability 0, space 0, times 0 [ 1870.684126] CPU: 0 PID: 10154 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1870.684947] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1870.685940] Call Trace: [ 1870.686272] dump_stack+0x107/0x167 [ 1870.686704] should_fail.cold+0x5/0xa [ 1870.687161] ? create_object.isra.0+0x3a/0xa20 [ 1870.687709] should_failslab+0x5/0x20 [ 1870.688170] kmem_cache_alloc+0x5b/0x360 [ 1870.688657] ? find_held_lock+0x2c/0x110 [ 1870.689139] create_object.isra.0+0x3a/0xa20 [ 1870.689665] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1870.690268] kmem_cache_alloc+0x159/0x360 [ 1870.690779] __kernfs_iattrs+0xbc/0x470 [ 1870.691260] kernfs_xattr_set+0x2b/0x80 [ 1870.691753] selinux_kernfs_init_security+0x268/0x4c0 [ 1870.692372] ? selinux_file_mprotect+0x600/0x600 [ 1870.692937] ? find_held_lock+0x2c/0x110 [ 1870.693428] ? __kernfs_new_node+0x2ad/0x850 [ 1870.693975] ? rwlock_bug.part.0+0x90/0x90 [ 1870.694480] security_kernfs_init_security+0x4e/0xb0 [ 1870.695086] __kernfs_new_node+0x531/0x850 [ 1870.695596] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1870.696170] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1870.696741] ? pcpu_alloc+0x12a/0x12f0 [ 1870.697208] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1870.697842] kernfs_create_dir_ns+0x9c/0x230 [ 1870.698368] cgroup_mkdir+0x318/0xfc0 [ 1870.698823] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1870.699391] kernfs_iop_mkdir+0x14d/0x1e0 [ 1870.699885] ? kcov_remote_stop+0x310/0x310 [ 1870.700407] vfs_mkdir+0x41f/0x660 [ 1870.700823] do_mkdirat+0x145/0x2a0 [ 1870.701245] ? user_path_create+0xf0/0xf0 [ 1870.701749] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1870.702352] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1870.702958] do_syscall_64+0x33/0x40 [ 1870.703390] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1870.703996] RIP: 0033:0x7f5ff7acbb19 [ 1870.704437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1870.706591] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1870.707503] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1870.708338] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1870.709188] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1870.710044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1870.710888] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 23:44:22 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x20000000, 0x0, 0x0) 23:44:22 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r4, r5, &(0x7f00000006c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_setup(0x46b3, &(0x7f0000000180)={0x0, 0xc5b8, 0x2, 0x0, 0x2ab, 0x0, r3}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000100), &(0x7f0000000240)=0x0) syz_io_uring_submit(r4, r6, &(0x7f0000000000)=@IORING_OP_FSYNC, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}, 0x8) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:44:22 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r4) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:44:22 executing program 0: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x10000000000, 0x0, 0x0) 23:44:22 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) flock(0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = creat(&(0x7f0000000040)='./file0\x00', 0xb6a3b67e2b56f4a2) ioctl$AUTOFS_DEV_IOCTL_VERSION(r4, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18}, './file0\x00'}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:44:22 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) flock(0xffffffffffffffff, 0xf) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0xfffffffffffffff7, 0x0, 0x0, 0x6, 0x1}, 0xfff) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8000) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x1000000, 0x0, 0x0, 0x0) 23:44:22 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_REMOVE, 0x8000) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3000005, 0x20010, r3, 0x0) r4 = syz_io_uring_setup(0x731d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000002a40)) io_uring_enter(r4, 0x76d3, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x65fb, &(0x7f0000000180)={0x0, 0x552, 0x8, 0x0, 0xa1, 0x0, r4}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000240)) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0x401}}, './file0\x00'}) openat(r3, &(0x7f00000000c0)='./file0\x00', 0xa00, 0x34) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:44:22 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.empty_time\x00', 0x0, 0x0) syz_io_uring_setup(0x642b, &(0x7f0000000080)={0x0, 0xc1d, 0x0, 0x0, 0x4d, 0x0, r4}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:44:22 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r3, 0x71d7b000) rmdir(&(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r4, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 28) [ 1870.959967] device veth0_vlan entered promiscuous mode [ 1871.064428] FAULT_INJECTION: forcing a failure. [ 1871.064428] name failslab, interval 1, probability 0, space 0, times 0 [ 1871.067080] CPU: 1 PID: 10203 Comm: syz-executor.4 Not tainted 5.10.172 #1 [ 1871.068498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1871.070173] Call Trace: [ 1871.070727] dump_stack+0x107/0x167 [ 1871.071473] should_fail.cold+0x5/0xa [ 1871.072253] ? kvmalloc_node+0x119/0x170 [ 1871.073084] should_failslab+0x5/0x20 [ 1871.073865] __kmalloc_node+0x76/0x4b0 [ 1871.074663] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1871.075646] kvmalloc_node+0x119/0x170 [ 1871.076440] simple_xattr_alloc+0x43/0xa0 [ 1871.077283] simple_xattr_set+0x75/0x610 [ 1871.078142] kernfs_xattr_set+0x50/0x80 [ 1871.078959] selinux_kernfs_init_security+0x268/0x4c0 [ 1871.080000] ? selinux_file_mprotect+0x600/0x600 [ 1871.080959] ? find_held_lock+0x2c/0x110 [ 1871.081687] device veth0_vlan entered promiscuous mode [ 1871.081848] ? __kernfs_new_node+0x2ad/0x850 [ 1871.083408] ? rwlock_bug.part.0+0x90/0x90 [ 1871.084438] security_kernfs_init_security+0x4e/0xb0 [ 1871.085668] __kernfs_new_node+0x531/0x850 [ 1871.086693] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1871.087838] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1871.088992] ? pcpu_alloc+0x12a/0x12f0 [ 1871.089957] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 1871.091117] kernfs_create_dir_ns+0x9c/0x230 [ 1871.092014] cgroup_mkdir+0x318/0xfc0 [ 1871.092789] ? cgroup_destroy_locked+0x6f0/0x6f0 [ 1871.093769] kernfs_iop_mkdir+0x14d/0x1e0 [ 1871.094598] vfs_mkdir+0x41f/0x660 [ 1871.095334] do_mkdirat+0x145/0x2a0 [ 1871.096064] ? user_path_create+0xf0/0xf0 [ 1871.096892] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1871.097954] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1871.098981] do_syscall_64+0x33/0x40 [ 1871.099719] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1871.100728] RIP: 0033:0x7f5ff7acbb19 [ 1871.101468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1871.105427] RSP: 002b:00007f5ff5041188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1871.107206] RAX: ffffffffffffffda RBX: 00007f5ff7bdef60 RCX: 00007f5ff7acbb19 [ 1871.108865] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000008 [ 1871.110536] RBP: 00007f5ff50411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1871.112193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1871.113883] R13: 00007ffffb68f3ef R14: 00007f5ff5041300 R15: 0000000000022000 [ 1884.787994] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff8880469c54e0 (size 144): comm "syz-executor.4", pid 10203, jiffies 4296538083 (age 22.187s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 d6 1d 09 64 00 00 00 00 ...........d.... 3b 77 c0 23 00 00 00 00 d6 1d 09 64 00 00 00 00 ;w.#.......d.... backtrace: [<00000000b07ff7e1>] __kernfs_iattrs+0xbc/0x470 [<0000000096bebd86>] kernfs_xattr_set+0x2b/0x80 [<0000000009b7aafe>] selinux_kernfs_init_security+0x268/0x4c0 [<000000004b4c1469>] security_kernfs_init_security+0x4e/0xb0 [<00000000847bc553>] __kernfs_new_node+0x531/0x850 [<0000000022461321>] kernfs_create_dir_ns+0x9c/0x230 [<000000005f0c466f>] cgroup_mkdir+0x318/0xfc0 [<00000000e021c393>] kernfs_iop_mkdir+0x14d/0x1e0 [<00000000a8cc3710>] vfs_mkdir+0x41f/0x660 [<000000002eb29865>] do_mkdirat+0x145/0x2a0 [<000000003ad743ff>] do_syscall_64+0x33/0x40 [<00000000eb519550>] entry_SYSCALL_64_after_hwframe+0x61/0xc6 BUG: leak checking failed VM DIAGNOSIS: 23:44:45 Registers: info registers vcpu 0 RAX=0000000000000001 RBX=0000000000000002 RCX=1ffffffff0cf6baa RDX=fffffbfff0cf32e6 RSI=0000000000000008 RDI=ffffffff867b5d50 RBP=ffff88804a860000 RSP=ffff888046936f38 R8 =0000000000000000 R9 =ffffffff8679972f R10=fffffbfff0cf32e5 R11=0000000000000001 R12=0000000000000002 R13=dffffc0000000000 R14=ffff88804a8608b8 R15=0000000000000000 RIP=ffffffff812666a4 RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fdc92a89020 CR3=00000000092fc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000004190b3fca0000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=dffffc0000000000 RBX=0000000000004000 RCX=ffffffff8135a7ea RDX=1ffffffff09c6458 RSI=ffffffff8135a800 RDI=ffffffff84e322c0 RBP=ffffffff84e322c0 RSP=ffff888034be76e0 R8 =0000000000000001 R9 =ffff88806ce3c207 R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000000 R14=ffff88804864cd40 R15=0000000000000001 RIP=ffffffff811dfec0 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000000c0002f6410 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffeca516ff8 CR3=00000000092fc000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=0000000000000000414981d7341530fa XMM01=00000000000000003f847ae147ae147b XMM02=00000000000000000000000000000000 XMM03=00000000000000003f7376ef0fe5658a XMM04=00000000000000003fd44dcdd16fcf82 XMM05=000000c0069e9530000000c006979e00 XMM06=00000000000000003fd3333333333333 XMM07=00000000000000003fd0000000000000 XMM08=00000000000000003fc089ffd0e92810 XMM09=0000000000000000bfd48f2da4a5aac6 XMM10=00000000000000003fa95e93972e0990 XMM11=000000c006b8ee40000000c006b8ec80 XMM12=000000c006b8f240000000c006b8f080 XMM13=000000c006b8f380000000c006b8f300 XMM14=000000c006b8f4c0000000c006b8f440 XMM15=000000c006bc3350000000c006bc32f0