12: 0000000000000001 [ 991.190535] R13: 00007ffd5e86535f R14: 00007fad10c5d300 R15: 0000000000022000 [ 991.195841] FAULT_INJECTION: forcing a failure. [ 991.195841] name failslab, interval 1, probability 0, space 0, times 0 [ 991.197407] CPU: 0 PID: 7513 Comm: syz-executor.7 Not tainted 5.10.255 #1 [ 991.198327] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 991.199429] Call Trace: [ 991.199793] dump_stack+0x107/0x167 [ 991.200297] should_fail.cold+0x5/0xa [ 991.200812] ? vm_area_dup+0x78/0x290 [ 991.201332] should_failslab+0x5/0x20 [ 991.201843] kmem_cache_alloc+0x5b/0x310 [ 991.202386] vm_area_dup+0x78/0x290 [ 991.202885] ? __lockdep_reset_lock+0x180/0x180 [ 991.203517] ? mark_lock+0xf5/0x2df0 [ 991.204027] ? lock_acquire+0x197/0x470 [ 991.204557] ? lock_chain_count+0x20/0x20 [ 991.205112] ? avc_has_perm_noaudit+0x1c9/0x3e0 [ 991.205733] ? lock_downgrade+0x6d0/0x6d0 [ 991.206286] ? lock_chain_count+0x20/0x20 [ 991.206851] ? vm_area_alloc+0x110/0x110 [ 991.207407] ? __lock_acquire+0x1657/0x5b00 [ 991.207997] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 991.208683] ? SOFTIRQ_verbose+0x10/0x10 [ 991.209216] ? vmacache_find+0x55/0x2a0 [ 991.209751] __split_vma+0xa8/0x4e0 [ 991.210232] __do_munmap+0xfae/0x1260 [ 991.210736] ? arch_get_unmapped_area+0x450/0x450 [ 991.211389] ? lock_release+0x680/0x680 [ 991.211912] mmap_region+0x7cc/0x1500 [ 991.212424] do_mmap+0x868/0x1370 [ 991.212890] vm_mmap_pgoff+0x198/0x1f0 [ 991.213408] ? randomize_page+0xb0/0xb0 [ 991.213941] ksys_mmap_pgoff+0x41c/0x560 [ 991.214477] ? find_mergeable_anon_vma+0x250/0x250 [ 991.215131] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 991.215829] ? syscall_enter_from_user_mode+0x1d/0x50 [ 991.216511] do_syscall_64+0x33/0x40 [ 991.217007] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 991.217680] RIP: 0033:0x7f94c1fe1b19 [ 991.218175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 991.220632] RSP: 002b:00007f94bf557188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 991.221630] RAX: ffffffffffffffda RBX: 00007f94c20f4f60 RCX: 00007f94c1fe1b19 [ 991.222573] RDX: 000000000100000e RSI: 0000000000004000 RDI: 0000000020ffc000 [ 991.223532] RBP: 00007f94bf5571d0 R08: 0000000000000003 R09: 0000000000000000 [ 991.224469] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 991.225406] R13: 00007ffc038e631f R14: 00007f94bf557300 R15: 0000000000022000 21:20:23 executing program 4: setsockopt$inet_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000040)=@gcm_256={{0x303}, "3277f964ee9ad236", "8fdf9e7d6c9c60a710ff1edad585c9973deb1791cd3b00000000000000f600", "e2df7bd7"}, 0x38) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r0) 21:20:23 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) (fail_nth: 2) [ 991.294075] FAULT_INJECTION: forcing a failure. [ 991.294075] name failslab, interval 1, probability 0, space 0, times 0 [ 991.295585] CPU: 0 PID: 7522 Comm: syz-executor.7 Not tainted 5.10.255 #1 [ 991.296455] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 991.297530] Call Trace: [ 991.297874] dump_stack+0x107/0x167 [ 991.298339] should_fail.cold+0x5/0xa [ 991.298823] ? create_object.isra.0+0x3a/0xa30 [ 991.299410] should_failslab+0x5/0x20 [ 991.299888] kmem_cache_alloc+0x5b/0x310 [ 991.300403] create_object.isra.0+0x3a/0xa30 [ 991.300948] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 991.301593] kmem_cache_alloc+0x159/0x310 [ 991.302128] vm_area_dup+0x78/0x290 [ 991.302591] ? __lockdep_reset_lock+0x180/0x180 [ 991.303170] ? mark_lock+0xf5/0x2df0 [ 991.303644] ? lock_acquire+0x197/0x470 [ 991.304144] ? lock_chain_count+0x20/0x20 [ 991.304664] ? avc_has_perm_noaudit+0x1c9/0x3e0 [ 991.305269] ? lock_downgrade+0x6d0/0x6d0 [ 991.305819] ? vm_area_alloc+0x110/0x110 [ 991.306335] ? __lock_acquire+0x1657/0x5b00 [ 991.306893] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 991.307557] ? SOFTIRQ_verbose+0x10/0x10 [ 991.308064] ? vmacache_find+0x55/0x2a0 [ 991.308562] __split_vma+0xa8/0x4e0 [ 991.309031] __do_munmap+0xfae/0x1260 [ 991.309529] ? arch_get_unmapped_area+0x450/0x450 [ 991.310165] ? lock_release+0x680/0x680 [ 991.310672] mmap_region+0x7cc/0x1500 [ 991.311156] do_mmap+0x868/0x1370 [ 991.311604] vm_mmap_pgoff+0x198/0x1f0 [ 991.312112] ? randomize_page+0xb0/0xb0 [ 991.312635] ksys_mmap_pgoff+0x41c/0x560 [ 991.313138] ? find_mergeable_anon_vma+0x250/0x250 [ 991.313764] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 991.314428] ? syscall_enter_from_user_mode+0x1d/0x50 [ 991.315087] do_syscall_64+0x33/0x40 [ 991.315565] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 991.316211] RIP: 0033:0x7f94c1fe1b19 [ 991.316678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 991.319004] RSP: 002b:00007f94bf557188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 991.319954] RAX: ffffffffffffffda RBX: 00007f94c20f4f60 RCX: 00007f94c1fe1b19 [ 991.320840] RDX: 000000000100000e RSI: 0000000000004000 RDI: 0000000020ffc000 [ 991.321723] RBP: 00007f94bf5571d0 R08: 0000000000000003 R09: 0000000000000000 [ 991.322607] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 991.323481] R13: 00007ffc038e631f R14: 00007f94bf557300 R15: 0000000000022000 21:20:39 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 8) 21:20:39 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) (fail_nth: 2) 21:20:39 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x7, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:20:39 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 21:20:39 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12000000}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:20:39 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 1) [ 1007.023549] FAULT_INJECTION: forcing a failure. [ 1007.023549] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.026918] CPU: 1 PID: 7534 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1007.028941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1007.031339] Call Trace: [ 1007.032133] dump_stack+0x107/0x167 [ 1007.033198] should_fail.cold+0x5/0xa [ 1007.034324] ? create_object.isra.0+0x3a/0xa30 [ 1007.035664] should_failslab+0x5/0x20 [ 1007.036782] kmem_cache_alloc+0x5b/0x310 [ 1007.037970] create_object.isra.0+0x3a/0xa30 [ 1007.039241] kmemleak_alloc_percpu+0xa0/0x100 [ 1007.040555] pcpu_alloc+0x4e2/0x1240 [ 1007.041650] ? io_tctx_exit_cb+0xf0/0xf0 [ 1007.042822] percpu_ref_init+0x31/0x3d0 [ 1007.044094] io_uring_setup+0x47a/0x2980 [ 1007.045220] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1007.046487] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1007.047776] ? wait_for_completion_io+0x270/0x270 [ 1007.048812] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1007.049940] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1007.051052] do_syscall_64+0x33/0x40 [ 1007.051894] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1007.052982] RIP: 0033:0x7f2d330fab19 [ 1007.053782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.057791] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1007.059598] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1007.061265] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1007.062790] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1007.064394] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1007.065937] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1007.070860] FAULT_INJECTION: forcing a failure. [ 1007.070860] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.073396] CPU: 0 PID: 7537 Comm: syz-executor.7 Not tainted 5.10.255 #1 [ 1007.074797] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1007.076502] Call Trace: 21:20:39 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/connector\x00') close(r0) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='scalable\x00', 0x9) 21:20:39 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) (fail_nth: 3) [ 1007.077080] dump_stack+0x107/0x167 [ 1007.078014] should_fail.cold+0x5/0xa [ 1007.078796] ? vm_area_alloc+0x1c/0x110 [ 1007.079626] should_failslab+0x5/0x20 [ 1007.080406] kmem_cache_alloc+0x5b/0x310 [ 1007.081249] vm_area_alloc+0x1c/0x110 [ 1007.082027] mmap_region+0x982/0x1500 [ 1007.082831] do_mmap+0x868/0x1370 [ 1007.083562] vm_mmap_pgoff+0x198/0x1f0 [ 1007.084360] ? randomize_page+0xb0/0xb0 [ 1007.085191] ksys_mmap_pgoff+0x41c/0x560 [ 1007.086025] ? find_mergeable_anon_vma+0x250/0x250 [ 1007.087036] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1007.088127] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1007.089179] do_syscall_64+0x33/0x40 [ 1007.089933] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1007.090976] RIP: 0033:0x7f94c1fe1b19 [ 1007.091755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.095519] RSP: 002b:00007f94bf557188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1007.097068] RAX: ffffffffffffffda RBX: 00007f94c20f4f60 RCX: 00007f94c1fe1b19 [ 1007.098534] RDX: 000000000100000e RSI: 0000000000004000 RDI: 0000000020ffc000 [ 1007.099723] FAULT_INJECTION: forcing a failure. [ 1007.099723] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.099993] RBP: 00007f94bf5571d0 R08: 0000000000000003 R09: 0000000000000000 [ 1007.100007] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 1007.100019] R13: 00007ffc038e631f R14: 00007f94bf557300 R15: 0000000000022000 [ 1007.100895] FAULT_INJECTION: forcing a failure. [ 1007.100895] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1007.103157] CPU: 1 PID: 7543 Comm: syz-executor.6 Not tainted 5.10.255 #1 [ 1007.113304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1007.115565] Call Trace: [ 1007.116298] dump_stack+0x107/0x167 [ 1007.117314] should_fail.cold+0x5/0xa [ 1007.118354] ? create_object.isra.0+0x3a/0xa30 [ 1007.119715] should_failslab+0x5/0x20 [ 1007.120695] kmem_cache_alloc+0x5b/0x310 [ 1007.121749] create_object.isra.0+0x3a/0xa30 [ 1007.122870] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1007.124144] kmem_cache_alloc+0x159/0x310 [ 1007.125060] vm_area_dup+0x78/0x290 [ 1007.125834] ? __lockdep_reset_lock+0x180/0x180 [ 1007.126838] ? mark_lock+0xf5/0x2df0 [ 1007.127646] ? lock_acquire+0x197/0x470 [ 1007.128500] ? lock_chain_count+0x20/0x20 [ 1007.129403] ? avc_has_perm_noaudit+0x1c9/0x3e0 [ 1007.130402] ? lock_downgrade+0x6d0/0x6d0 [ 1007.131287] ? lock_chain_count+0x20/0x20 [ 1007.132198] ? vm_area_alloc+0x110/0x110 [ 1007.133081] ? __lock_acquire+0x1657/0x5b00 [ 1007.134029] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1007.135136] ? SOFTIRQ_verbose+0x10/0x10 [ 1007.136015] ? vmacache_find+0x55/0x2a0 [ 1007.136856] __split_vma+0xa8/0x4e0 [ 1007.137633] __do_munmap+0xfae/0x1260 [ 1007.138448] ? arch_get_unmapped_area+0x450/0x450 [ 1007.139484] ? lock_release+0x680/0x680 [ 1007.140339] mmap_region+0x7cc/0x1500 [ 1007.141174] do_mmap+0x868/0x1370 [ 1007.141927] vm_mmap_pgoff+0x198/0x1f0 [ 1007.142762] ? randomize_page+0xb0/0xb0 [ 1007.143635] ksys_mmap_pgoff+0x41c/0x560 [ 1007.144510] ? find_mergeable_anon_vma+0x250/0x250 [ 1007.145564] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1007.146694] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1007.147812] do_syscall_64+0x33/0x40 [ 1007.148614] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1007.149716] RIP: 0033:0x7fad136e7b19 [ 1007.150515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.154417] RSP: 002b:00007fad10c5d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1007.156027] RAX: ffffffffffffffda RBX: 00007fad137faf60 RCX: 00007fad136e7b19 [ 1007.157547] RDX: 000000000100000e RSI: 0000000000004000 RDI: 0000000020ffc000 [ 1007.159042] RBP: 00007fad10c5d1d0 R08: 0000000000000003 R09: 0000000000000000 [ 1007.160568] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 1007.162085] R13: 00007ffd5e86535f R14: 00007fad10c5d300 R15: 0000000000022000 [ 1007.163635] CPU: 0 PID: 7540 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1007.165088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1007.166806] Call Trace: [ 1007.167356] dump_stack+0x107/0x167 [ 1007.168129] should_fail.cold+0x5/0xa [ 1007.168922] _copy_from_user+0x2e/0x1b0 [ 1007.169743] io_uring_setup+0x9b/0x2980 [ 1007.170574] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1007.171570] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1007.172622] ? wait_for_completion_io+0x270/0x270 [ 1007.173611] ? rcu_read_lock_any_held+0x75/0xa0 [ 1007.174578] ? vfs_write+0x354/0xb10 [ 1007.175338] ? fput_many+0x2f/0x1a0 [ 1007.176091] ? ksys_write+0x1a9/0x260 [ 1007.176864] ? __ia32_sys_read+0xb0/0xb0 [ 1007.177703] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1007.178773] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1007.179857] do_syscall_64+0x33/0x40 [ 1007.180618] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1007.181678] RIP: 0033:0x7f606cee6b19 [ 1007.182441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.186256] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1007.187847] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1007.189292] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1007.190742] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1007.192224] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1007.193695] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1007.204102] kauditd_printk_skb: 72 callbacks suppressed [ 1007.204120] audit: type=1326 audit(1778448039.416:2503): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7530 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1025.626334] audit: type=1326 audit(1778448057.838:2504): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7553 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1025.630430] FAULT_INJECTION: forcing a failure. [ 1025.630430] name failslab, interval 1, probability 0, space 0, times 0 [ 1025.633734] CPU: 1 PID: 7555 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1025.635388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1025.635434] FAULT_INJECTION: forcing a failure. [ 1025.635434] name failslab, interval 1, probability 0, space 0, times 0 [ 1025.637383] Call Trace: [ 1025.637414] dump_stack+0x107/0x167 [ 1025.637443] should_fail.cold+0x5/0xa [ 1025.641809] ? io_uring_setup+0x258/0x2980 [ 1025.642703] should_failslab+0x5/0x20 [ 1025.643508] kmem_cache_alloc_trace+0x55/0x320 [ 1025.644491] io_uring_setup+0x258/0x2980 [ 1025.645358] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1025.646377] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1025.647441] ? wait_for_completion_io+0x270/0x270 [ 1025.648520] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1025.649631] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1025.650736] do_syscall_64+0x33/0x40 [ 1025.651530] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1025.652620] RIP: 0033:0x7f606cee6b19 [ 1025.653408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1025.657314] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1025.658943] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1025.660467] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1025.661990] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1025.663507] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1025.665028] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1025.666601] CPU: 0 PID: 7560 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1025.668054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 21:20:57 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) ioctl$BTRFS_IOC_SYNC(r1, 0x9408, 0x0) close(r0) 21:20:57 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 2) 21:20:57 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) (fail_nth: 3) 21:20:57 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 9) 21:20:57 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12000000}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:20:57 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x7, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:20:57 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 21:20:57 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) (fail_nth: 4) [ 1025.669790] Call Trace: [ 1025.670628] dump_stack+0x107/0x167 [ 1025.671394] should_fail.cold+0x5/0xa [ 1025.672207] ? create_object.isra.0+0x3a/0xa30 [ 1025.673169] should_failslab+0x5/0x20 [ 1025.673967] kmem_cache_alloc+0x5b/0x310 [ 1025.674830] create_object.isra.0+0x3a/0xa30 [ 1025.675766] kmemleak_alloc_percpu+0xa0/0x100 [ 1025.676712] pcpu_alloc+0x4e2/0x1240 [ 1025.677509] ? io_tctx_exit_cb+0xf0/0xf0 [ 1025.678359] percpu_ref_init+0x31/0x3d0 [ 1025.679204] io_uring_setup+0x47a/0x2980 [ 1025.680064] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1025.681074] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1025.682132] ? wait_for_completion_io+0x270/0x270 [ 1025.683169] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1025.684274] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1025.685363] do_syscall_64+0x33/0x40 [ 1025.686156] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1025.687224] RIP: 0033:0x7f2d330fab19 [ 1025.688024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1025.691869] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1025.693460] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1025.694954] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1025.696467] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1025.697950] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1025.699440] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1025.706901] audit: type=1326 audit(1778448057.919:2505): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7553 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1025.716064] FAULT_INJECTION: forcing a failure. [ 1025.716064] name failslab, interval 1, probability 0, space 0, times 0 [ 1025.718546] CPU: 0 PID: 7557 Comm: syz-executor.7 Not tainted 5.10.255 #1 [ 1025.719983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1025.721711] Call Trace: [ 1025.722267] dump_stack+0x107/0x167 [ 1025.723035] should_fail.cold+0x5/0xa [ 1025.723848] ? create_object.isra.0+0x3a/0xa30 [ 1025.724807] should_failslab+0x5/0x20 [ 1025.725601] kmem_cache_alloc+0x5b/0x310 [ 1025.726469] create_object.isra.0+0x3a/0xa30 [ 1025.727385] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1025.728474] kmem_cache_alloc+0x159/0x310 [ 1025.729354] vm_area_alloc+0x1c/0x110 [ 1025.730156] mmap_region+0x982/0x1500 [ 1025.730971] do_mmap+0x868/0x1370 [ 1025.731724] vm_mmap_pgoff+0x198/0x1f0 [ 1025.732547] ? randomize_page+0xb0/0xb0 [ 1025.733400] ksys_mmap_pgoff+0x41c/0x560 [ 1025.734256] ? find_mergeable_anon_vma+0x250/0x250 [ 1025.735286] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1025.736393] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1025.737483] do_syscall_64+0x33/0x40 [ 1025.738273] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1025.739349] RIP: 0033:0x7f94c1fe1b19 [ 1025.740142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1025.744007] RSP: 002b:00007f94bf557188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1025.745613] RAX: ffffffffffffffda RBX: 00007f94c20f4f60 RCX: 00007f94c1fe1b19 [ 1025.747103] RDX: 000000000100000e RSI: 0000000000004000 RDI: 0000000020ffc000 [ 1025.748614] RBP: 00007f94bf5571d0 R08: 0000000000000003 R09: 0000000000000000 [ 1025.750110] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 1025.751618] R13: 00007ffc038e631f R14: 00007f94bf557300 R15: 0000000000022000 [ 1025.757987] FAULT_INJECTION: forcing a failure. [ 1025.757987] name failslab, interval 1, probability 0, space 0, times 0 [ 1025.758443] audit: type=1326 audit(1778448057.919:2506): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7553 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1025.760540] CPU: 1 PID: 7564 Comm: syz-executor.6 Not tainted 5.10.255 #1 [ 1025.766322] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1025.768083] Call Trace: [ 1025.768647] dump_stack+0x107/0x167 [ 1025.769428] should_fail.cold+0x5/0xa [ 1025.770239] ? vm_area_alloc+0x1c/0x110 [ 1025.771086] should_failslab+0x5/0x20 [ 1025.771900] kmem_cache_alloc+0x5b/0x310 [ 1025.772777] vm_area_alloc+0x1c/0x110 [ 1025.773600] mmap_region+0x982/0x1500 [ 1025.774418] do_mmap+0x868/0x1370 [ 1025.775141] vm_mmap_pgoff+0x198/0x1f0 [ 1025.775276] audit: type=1326 audit(1778448057.919:2507): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7553 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1025.775990] ? randomize_page+0xb0/0xb0 [ 1025.776033] ksys_mmap_pgoff+0x41c/0x560 [ 1025.782042] ? find_mergeable_anon_vma+0x250/0x250 [ 1025.783083] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1025.784212] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1025.785298] do_syscall_64+0x33/0x40 [ 1025.786086] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1025.787160] RIP: 0033:0x7fad136e7b19 [ 1025.787952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1025.789242] audit: type=1326 audit(1778448057.919:2508): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7553 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1025.791836] RSP: 002b:00007fad10c5d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1025.791859] RAX: ffffffffffffffda RBX: 00007fad137faf60 RCX: 00007fad136e7b19 [ 1025.791880] RDX: 000000000100000e RSI: 0000000000004000 RDI: 0000000020ffc000 [ 1025.800893] RBP: 00007fad10c5d1d0 R08: 0000000000000003 R09: 0000000000000000 [ 1025.802397] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 1025.803909] R13: 00007ffd5e86535f R14: 00007fad10c5d300 R15: 0000000000022000 21:20:58 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x7, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1025.812572] audit: type=1326 audit(1778448057.919:2509): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7553 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1025.826325] audit: type=1326 audit(1778448057.919:2510): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7553 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:20:58 executing program 4: r0 = getpgid(0xffffffffffffffff) r1 = syz_open_procfs(r0, &(0x7f0000000000)='net/hci\x00') close(r1) r2 = gettid() r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) r4 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) io_uring_enter(r4, 0x10058ab, 0x0, 0x0, 0x0, 0x0) kcmp(r0, r2, 0x5, r3, r4) [ 1025.840695] audit: type=1326 audit(1778448057.928:2511): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7553 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1025.854533] audit: type=1326 audit(1778448057.928:2512): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7553 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1025.870052] audit: type=1326 audit(1778448057.928:2513): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7553 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:20:58 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:20:58 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) (fail_nth: 5) 21:20:58 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 21:20:58 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 3) 21:20:58 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x0, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:20:58 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) (fail_nth: 4) [ 1026.025531] FAULT_INJECTION: forcing a failure. [ 1026.025531] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1026.028103] CPU: 0 PID: 7583 Comm: syz-executor.7 Not tainted 5.10.255 #1 [ 1026.029545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1026.031284] Call Trace: [ 1026.031861] dump_stack+0x107/0x167 [ 1026.032630] should_fail.cold+0x5/0xa [ 1026.033437] _copy_to_user+0x2e/0x180 [ 1026.034249] simple_read_from_buffer+0xcc/0x160 [ 1026.035245] proc_fail_nth_read+0x198/0x230 [ 1026.036172] ? proc_sessionid_read+0x230/0x230 21:20:58 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 10) [ 1026.037130] ? security_file_permission+0xb1/0xe0 [ 1026.038312] ? proc_sessionid_read+0x230/0x230 [ 1026.039268] vfs_read+0x228/0x620 [ 1026.040010] ksys_read+0x12d/0x260 [ 1026.040747] ? vfs_write+0xb10/0xb10 [ 1026.041534] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1026.042632] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1026.043720] do_syscall_64+0x33/0x40 [ 1026.044504] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1026.045575] RIP: 0033:0x7f94c1f9469c [ 1026.046353] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1026.050190] RSP: 002b:00007f94bf557170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1026.051786] RAX: ffffffffffffffda RBX: 0000000020ffc000 RCX: 00007f94c1f9469c [ 1026.053283] RDX: 000000000000000f RSI: 00007f94bf5571e0 RDI: 0000000000000004 [ 1026.054772] RBP: 00007f94bf5571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1026.056273] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 1026.057776] R13: 00007ffc038e631f R14: 00007f94bf557300 R15: 0000000000022000 [ 1026.069358] FAULT_INJECTION: forcing a failure. [ 1026.069358] name failslab, interval 1, probability 0, space 0, times 0 [ 1026.071830] CPU: 0 PID: 7585 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1026.073264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1026.075013] Call Trace: [ 1026.075566] dump_stack+0x107/0x167 [ 1026.076348] should_fail.cold+0x5/0xa [ 1026.077149] ? create_object.isra.0+0x3a/0xa30 [ 1026.078118] should_failslab+0x5/0x20 [ 1026.078918] kmem_cache_alloc+0x5b/0x310 [ 1026.079783] create_object.isra.0+0x3a/0xa30 [ 1026.080708] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1026.081781] kmem_cache_alloc_trace+0x151/0x320 [ 1026.082771] io_uring_setup+0x258/0x2980 [ 1026.083630] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1026.084644] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1026.085705] ? wait_for_completion_io+0x270/0x270 [ 1026.086745] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1026.087854] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1026.088947] do_syscall_64+0x33/0x40 [ 1026.089731] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1026.090805] RIP: 0033:0x7f606cee6b19 [ 1026.091600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1026.095465] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1026.097072] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1026.098576] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1026.100084] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1026.101575] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1026.103065] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:20:58 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:20:58 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) [ 1026.129412] FAULT_INJECTION: forcing a failure. [ 1026.129412] name failslab, interval 1, probability 0, space 0, times 0 [ 1026.131846] CPU: 1 PID: 7588 Comm: syz-executor.6 Not tainted 5.10.255 #1 [ 1026.133289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1026.135031] Call Trace: [ 1026.135608] dump_stack+0x107/0x167 [ 1026.136382] should_fail.cold+0x5/0xa [ 1026.137194] ? create_object.isra.0+0x3a/0xa30 [ 1026.138159] should_failslab+0x5/0x20 [ 1026.138960] kmem_cache_alloc+0x5b/0x310 [ 1026.139837] create_object.isra.0+0x3a/0xa30 [ 1026.140766] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1026.141848] kmem_cache_alloc+0x159/0x310 [ 1026.142735] vm_area_alloc+0x1c/0x110 [ 1026.143540] mmap_region+0x982/0x1500 [ 1026.144373] do_mmap+0x868/0x1370 [ 1026.145120] vm_mmap_pgoff+0x198/0x1f0 [ 1026.145951] ? randomize_page+0xb0/0xb0 [ 1026.146810] ksys_mmap_pgoff+0x41c/0x560 [ 1026.147678] ? find_mergeable_anon_vma+0x250/0x250 [ 1026.148714] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1026.149823] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1026.150920] do_syscall_64+0x33/0x40 [ 1026.151718] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1026.152802] RIP: 0033:0x7fad136e7b19 [ 1026.153587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1026.157484] RSP: 002b:00007fad10c5d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1026.159089] RAX: ffffffffffffffda RBX: 00007fad137faf60 RCX: 00007fad136e7b19 [ 1026.160598] RDX: 000000000100000e RSI: 0000000000004000 RDI: 0000000020ffc000 [ 1026.162108] RBP: 00007fad10c5d1d0 R08: 0000000000000003 R09: 0000000000000000 [ 1026.163621] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 1026.165127] R13: 00007ffd5e86535f R14: 00007fad10c5d300 R15: 0000000000022000 [ 1026.173858] FAULT_INJECTION: forcing a failure. [ 1026.173858] name failslab, interval 1, probability 0, space 0, times 0 [ 1026.176297] CPU: 1 PID: 7593 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1026.177751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1026.179492] Call Trace: [ 1026.180060] dump_stack+0x107/0x167 [ 1026.180834] should_fail.cold+0x5/0xa [ 1026.181646] ? percpu_ref_init+0xd8/0x3d0 [ 1026.182519] should_failslab+0x5/0x20 [ 1026.183326] kmem_cache_alloc_trace+0x55/0x320 [ 1026.184303] ? io_tctx_exit_cb+0xf0/0xf0 [ 1026.185162] percpu_ref_init+0xd8/0x3d0 [ 1026.186011] io_uring_setup+0x47a/0x2980 [ 1026.186882] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1026.187912] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1026.188993] ? wait_for_completion_io+0x270/0x270 [ 1026.190034] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1026.191143] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1026.192248] do_syscall_64+0x33/0x40 [ 1026.193036] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1026.194116] RIP: 0033:0x7f2d330fab19 [ 1026.194901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1026.198792] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1026.200412] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1026.201920] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1026.203425] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1026.204940] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1026.206455] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:20:58 executing program 4: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) io_uring_enter(r0, 0x10058ab, 0x0, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000000), &(0x7f0000000040), 0x2, 0x1) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r1) [ 1041.031733] FAULT_INJECTION: forcing a failure. [ 1041.031733] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1041.034722] CPU: 1 PID: 7606 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1041.036411] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1041.038475] Call Trace: [ 1041.039126] dump_stack+0x107/0x167 [ 1041.040031] should_fail.cold+0x5/0xa [ 1041.040978] __alloc_pages_nodemask+0x182/0x600 [ 1041.042122] ? lock_release+0x680/0x680 [ 1041.043098] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1041.044600] ? lock_downgrade+0x6d0/0x6d0 [ 1041.045086] loop4: detected capacity change from 0 to 135266304 [ 1041.045629] alloc_pages_current+0x187/0x280 [ 1041.047414] kmalloc_order+0x35/0x160 [ 1041.048360] kmalloc_order_trace+0x14/0xa0 [ 1041.049721] io_uring_setup+0x33c/0x2980 [ 1041.050235] tmpfs: Unknown parameter 'euid>00000000000000060929' [ 1041.050715] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1041.052630] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1041.053898] ? wait_for_completion_io+0x270/0x270 [ 1041.055138] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1041.056472] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1041.057778] do_syscall_64+0x33/0x40 21:21:13 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 11) 21:21:13 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x0, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:21:13 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 21:21:13 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 4) 21:21:13 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') [ 1041.058983] entry_SYSCALL_64_after_hwframe+0x67/0xd1 r1 = syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0xf1bd, 0x8, &(0x7f0000002640)=[{&(0x7f00000001c0)="532235129ecc28984065edb323e853bc0dfd96c5ef7fa431f2191dc1646d7c000508633e75948d323dce1647a0898f710cd616849c0acff138062ada6d12f4c50b2922bf797e1b50c0472ee843a09f2233adde147cc488a93761d621415d3697ea0c08d65b3ed6", 0x67, 0x1}, {&(0x7f0000000340)="77e71a015323bd57ca53e32a513e713f1220842623c76fbab29bc552802481a8d8226fee78ee7a26b400e1fcfc6f21a0695eacdca10f55e3ca5177940cb500ec0b181d14ed585562", 0x48, 0x9}, {&(0x7f00000003c0)="dea2ecc75ceb17fc702605caa226a4064b85b471756c8c14b339fbe4fbd6", 0x1e, 0x7}, {&(0x7f0000000400)="345390e3aa64e117ae11091848904a17666c276796316e5176ff20f4c9104b9bcd6c919251f81df649428d77c5f5ea24ae0e0630818b9166bf1d912c25bb9d10c66861edf33257e594ed9a144bacaf65c59c4e51d7be921c67620fd862237de98c4f38cabe66df4e5f739005fef493f028fb48dff69fcc1fff4346500f1318565c224590efc54f43102a9a36bb72e9fa3e8e4608a0c0e7dc18bdfd96daf33288c142900d2b3f49626a7a5bc2c6e69288d62a18abf91efa3d8a22fb28b0c145eb28bf301d4d986ca83696d0a4ad1cb7e2", 0xd0, 0x7}, {&(0x7f0000000500)="43782ba083b5e9ff8de9b27e147126b2f5a341434461eac2c32b7d", 0x1b, 0x9}, {&(0x7f0000000540)="18eeab947cdae3e3e841153fa76ba6cd953ab9e23e32089567c448821695539aa462608f1a8da00838b2c698887932ff9a779ee8cd5959d27cdda2ed216ec30ea3240843d58c493eebe6e2846ba58e2c98c90afb12f4305a0a40c0d7988da0a7ec9ceaa007a2cc28b5cd4a23fef4e6dcb96868bc4f5904436196b9b927e2a127cc2e6d6c5217c902c7c771783704b9d3232b9a0c1c11ae1b4ca1e9c1e2de6d0574971736c17a4c39b422d33bdd8ffe24b8478d07e6ca480c5d4d60ff6445743cd78d4f88d210b4484fa833fbb9662926cdc29b4ae46e2300a584b9c785f942c978f4073b9828bfb8ea403f4638272e9d3473176bcfea53b0a70948685450043415805564e511e68b9a370f1f6159cfa408c1c6ce046a52d15d0ff51520a36816ee35a3188e1ad417eb4b8e9af9aba1089a906e78ac2e7af95e9abee96a518e461d791a8bb02a4470cfed03a7b8c4946815efaabcb44af9d6529f1fde68667c85abdd9f92b7e22983eaedea24b8b03bb1b004e47aeb1f0839501d637b924f6ae5fdae327807eb2671d5f4e7b2d71e2ce4b444f3635676c6d709f748fc0a9dc4d7644f5155aa2cd8167d39941b18c7735aa089e3c3e52640e98706fa92cefaf6603391a9b184cf569745270cc7dfb3a5e7ccdc8b441bc238af912f9fd3c7d9656c6c1ed1ae623acb454535737e16c90a6d64aeaf792593674dfff3e0002e143fec9bca4d0b9d58ab9641b53587b2b7bb7f8fd8473cf66de710a445302e199fe3f1a031728813ef9312027b5c8d82c9dafee792e3c0cf70a9d6801dfaeeb63d24cca81d4657783a182c77720be49c60f5cf8961da044d7455c1cd538a0af6384bad57c0842697982ee21768dec64a0f3411c065bfddc5bf789048337001ba0b4ae0141094fe078b2740ec17b6ecf5c44e055d9c9600d161bda24f77e209209b2cd009bc87c9efa0b4b2bdeb7cb4a298ca5da06f4b644ada87e2573d102da8b86e60f68a29eb65b24ff6b6d229f886b4d7b0c89b4df80a8913b82dffe033a981da71153a49dd5ce5c5ff7602a8d6d881ac8998072beebf115617e72ff7555d84cf7e057be571f472cd1c70d32ebe8f2c38f73329d134d6e66408e3a2b49acd26f4920cdf60194caab636b9d740ea9443c5b1b43b7b56f637f03996bb42e287c49252f2eece7ce98f299316bf643215e4db5840c0891642cbebbf36bfdb6035a1940a50dfc6bf1533fff0f8dd72eb63c5dc536e1e8e8891e96a8cf10c7eff6ab2262347637d4ef899d764dbd7ce69ac5b13e4718289402c818485dbaa00213e830b6c7e7827462a16d18d8f521f9acdb50342bfb4793c14e9770751dccae51b1e1e763a40010347735e72d04262c9dde46a1e64db04140a6deca0141a4ebb48f099d45efa1455e430fbe9ac15b1b751d6658eb6099d9f5322bccef7bfffb2749c5911d8ea5cd51a9727d3517c4b0f1dd1de6f07e83fca97355c55226a65fcb9858d6b88dcda56042c7eaa30f06a934d720dc16f98237cdc8559476659ab08c3faaf32cf85e9de91c17c366f0a3959ab9132f701a268f40f51dd2886f7bf924754d076228ecc266eee612d746c478d18f02024e2971bbc2dfd44a436280b8c8b47b77d84e0a6a27824fc6c074e9a00c844b00db52b244dbfa16f5882d6c584a7d028bc02b7da017b44aefcf8e78f9d82335394ce587d74bb7fd79fe0195d15d218625b0244da10d542cb8f702fa314f54f30dedbfa1ec6c3bf04a7a640431cd427c57f2ff8d90ba032aed8b7cb07448097f5f770f5fbe6b6a2d34a608e1ed2537ea66f4b3ed38d4008d479ba7373a14b3ff9fa80244ea7b0a2797f1161a9f4c88b31d5f931d4a47de72b12274b63ebb090365507d6d5e4e018e4aca91023131427e423fcb8758061a184d0490e2f838970834839fa73a8f0e7d86465666097dd7b0f3773e6135d67dd6d4efbb4b54ebf804c03a0f4c2a20dd3f745cf290715b30d822d0343b16766e333fe7c7712a0cf51f86bb800379cd9695d93274a3021c55b96a2fb84a70ddde8348618e609da698228697c8bce1ccd6604e5bcd348c43e163ea373941893a8bb70d07c5205c1dbaf6cd17991cd6bfa3fcfbd9cee2f0dc61b727842594816609a23e07e74aaf078e80c3701b839068d25b88a82b8ed45c78b03746f973c25fc882f629d7f29ec8757c06623c57be776b710265684598ebf69b5343a8227951b0f144ac1742b87d932aa96b1fe46de126987402d7607acdc4a6595501c2cb915db0191c15bc875ea7ab69a2d9a57c9a31d707c8f48c0a41fe3815c3296d08e4018bb29e0b1757d68bcea1720b2b1ab92c3328fb961b16fd44cebd5e07a4ac6ce8b7d273539bc5487c1cef2c527bf8decc02a9a57277fd69a7e84c7f0a1dfc85d569fcc9d61a4dcb2f85298456479b75eba11bb7dd779502e3af94bf749b23c0a2e937852046161b55f3a213b8e504590ed5fa6f988de9108922cf1b11f344690f7abd70b36eff751762828a367a708b8d0f3a5b644f951c1a1a40eefdbbab54b3b21b07211556f781a20d2cdec0cf7a5d4270f7cfb95fc04eab2c3aafed5502a42478055f9994edef048912e5849ea551fb6ba8a0591ffaf9fb1d98f8a09e611c1413e0b34ba8843d142d58b4c02e35be8266120e02d1cf390e902d9002798d278972bf002ea0ce319dd0280803e8031ba97cd8b8aa63d089992e449f4562f92bed65adb1c4d62000ba2f3abb55f2adeb3372738584dd17b6ce4cbaa3ba7202f719174a887aa09461ec7bdc2644ad0b036ba0532fef88157c22fc67e58c1e094cb080d70332638d17b3e993fb9ebbf0f017463a15919156e388c3e64ecf6b728c3ebdb1d0c29aee200fde5f1e9bb0dafee8ad3213c57b553e81924ad4b7484f1ed560b8cc01e62d3ea0a219abdf8871b4f21de84bad69485b6be9366e580b5b215a4a46282bc70ab71bb2b55776ad08ffaffe36f84075f6951688bea776fa98578ff342f34f609e7bbd6b392c991970cc94bc4f7f97982144746b26dc871ff6c8b4bc3e149ccb573b4f60dc754e89d50e29eedb04991a976994d1784a816598f46045942b6117f70b33043e28fd369981afe03d0e2c929ad65a1f30fd86e7406e044f98301ce374b3207116502044a3da0ee21bc692ccaecc87af95492f38be86c609bb6a87b603e42da5078300454a3c65ac16e21a2fb85bd501e138980ba4b8d29a99d5eada1d63d2a51652379e378535e43039de2c32c67c8ee87d1b219634eba2834c5180aada6805f882602d33e02a8d4e305114d9ccc35016a4cf903b6afc873e2e51b8bf4c0d7f922b62b10a212bb9d2d4114c402d8626d4a89befac73bd10a195f7c59d691790bf2927f2779781eb6792886b7aa8ccac58f4c7edcd22d79bdd54d68f29c3419139f7abf16d4939bc7be7646d1a02577a00c9da413df9763f4e749976f9abe2a7b70cd926b7846018e5ed3b6c01e228cbfceec76e42ada590a388a6b0cfbf03b2c3f12bbca5c2c4164d9b11dc2c73534e0128c9ad6c2d5cbde23a6750fe3c9cafb7a921325457f3aec255ce584fad0262345cf5f9712792136debb84a20727b0fcd373b45f6d82b56102ea2f290dba08d48c0c44a95509c706caada729e2f4258a53d1a163501e53ed262c4770ccdd6cffb84a06979f470f18080a3ee2c8db6674bb550c09042a136accfbfa8ac380fe3ce5196e54d48eedd9aa56eff7c500bd545706966de8510ef2467015cf41f0b5275667167014d083ab76978b5aa1b5ae648387d49a2cf40cfe78abe1eea95bc87ff81f2f722c7938fd4a7be7f1435c50cd18766d340ddf7ad379efa901c0024a15f3e07717e4787b30c354dc9e7cf5d51f885f8382ae759e5004b20c7f5441a2a8f4b0122755a7f023aea6669076bd42fc34fa2aebb961c27c27b550eca830e14fa390eba36b49d97ca337dc56372a1409b31838f8b1117df119a7e53108a91bc0d442e7bb3fb17c3862d0227a5c14cc6dd691578249432a8470f67794f15ced791d465d8acfb1ba0a96a18d85b3a62de42fbc9eaa5efa097e39aa06c49f18f979fe3b0f57962ed3b0c87a9cd1c7edd264605ffde6a732d1f0768c1a1c5e8eee44260920fabba37942b85f7ac275c24f3e4d593a5573bda466b187e52827d7b618b17c8a8b49f467eee49436d6af8154eb36232fd184e817663e5e40eacaa5ca9b56d671356fdee99432f5487f923a0e3ca77308f090022ef458490c872b46bb656c063c55b02733749d6ca4a9b36d544122b4c7e6bbf16faf9af47807b5ee5e4e9ad90d0a821c55aac5bf25eaaad3ac521d35fb64ea6cd7374f59f7fa78c3eae2f529fd62d20a1cb57c84b4e02143d55ad3900c43e8811655e97f92eab091f5defa70681a5715224e2be6065a5dbc58670c316ba2090a9edf677c258856dac972b38e53b0237f30e73abe4d0dec4f14ccecb39b7dda4c8fd69bf8a4aa8cd0c15e71a40953f06e399b9e1eb6fc1083184116c76c71190f919f6fffd047a0e2c2078854f0d99c83d5ac71f069ad038d4c726ebe868fb55d5e34e9de1efa56adbd3a04a477035f72c1c1bc2e5605ea88fa21a2ec445a877ed0300447c58a6f486264a3bde31cc114aea58be3a3ae3cd9ab3eec40a0684abc26ab1f7f5b4d057bed4d615226f35ff4eeba2b81e6bb6306bb77c5070d1ae9fdf0ce996ec0e6edf5e89f32944ddfdd659c9b8c2cf873ef4de3724278acabd8715a206888030821c4ecca0be5b862ebd8a4c5fc501009a8f28d29d8255c217b19914a047bd2af8b3f0cfbf7f8d5d7ebe286411643d25cb26ae37d8bec8604c2a170498f1fef56b60710e90ed46eda2f5684f1a6bd7300bf583d97f0c82652971bf3a99216b2a759fdfc368873513c22d3192741fc8583edcec6f1c327fe4fd3a6010f5777b408c6fc064aae7e161dbd890d27af86b0e5e728121d9a028b1f363162384dd74ab493d9cd202ac3e7fffd01c188907f0a3b4cbe87afbede1357d9667b5f2c700bca85f3f25cbb77cbea5db1aa0a3f56550ace596723719024abdb765a2d196b6bb1612da2114e363d7df8d39122c4e1ee5320fb328f123a85dee20b59f5e498b423baaab34f797ece5dd30ce5f88d0c32b77576060f7fd3cc73535a883eb97557c6f706412702e62fde3ed1c3560929667d8238912931f35cbf43c31ad69b0e3e4a209d4cd8a6894f590fde56eccd43ff11998c62e3791b17565b45ac6d7139a72391b437380858e37d67b96a1e8f98711064b1650968f4165b46c1b381a36684dc5eb7407a8017d722ce038d3bcda585a058dac9f3fe49fbf0694d5fa91f53303cb6a88783c1a3557c8e6fcc015603d45a37ac1be3e89734000f8fa0308860c7ab1d0fc51004afb7b0daaf12ec4f961e0f57d165611b41078148bce694e95d50acb88c946cc8e894841d9d38175b6f7056395b4f44fe9290c4fcc903966a8a6b5d9b8260d54df65746f290b1e5d98846f1fc65e99f9019e71819f9b70577e85a373362c46761a5c72c684115b3c0a031bbcdb37e072f100019dc2e9f5dc5c90f54726bd7c3bd7fd23a24df5ea60393822e98030f8e51533427ca6afebf75d14b21d585576dc9317d032fff0ba9bd82424f161fdd105d647a5f97f9036e9a6248fc4f70ad5d013dcb013ecd02cac476c337464134cc66071c99c33f4d1c5abdfb3ba868c3d8c76d232b47ed3f06669354ef94f440784be8f6ec9781185f1708ab2e5834e3a35739d457d429b7e22c0de4b479e400893702fe8b56dbbe6a63039fe40b5e1c13", 0x1000, 0xffffffffffffff80}, {&(0x7f0000001540)="4338d4caa92e6e5307cab580d685eea5230430067b7a07e6928ec5bd52931675c5b81c23321eb4614d31ac6defdd56e453cce4efc2a4175c0445cac404f75ccdf329919a8635f88551a3a3c26f2e1e2c5192e86fc5cc3d6c8ef9ec6d51643eb31c304fa4fbeafe435db4457ed5433fb8b73cd94b53890d1fb00833af628ccca889c198db94d64195a5d15eb83ec41e15483a565846e0f68d43b9305b500c9801dfca34e09ade505efd0ec459a49ed802c0e3d4931adb55b5612b781a2c1a5f5ace95c80a4c3df3dfc47f71f45bb13f0db6e5a3cc2c49d02f655ea5029fa8f7881910e0be3d4c986d951b1888aa5b48b1e9426cba5e81a00f25cd8ee3178b10e8a4f7bfd5521b5ddb21c8126bfe04ea4ad5f9e05c4d6bd2c3d0953982812c89c3005bb14bea63113ce7a11e66eddaf4dd20e3c7e23337cd6b1127e0bf593e7475f4ab9d4a50dde61fdd4c01b158ed55ac79acb525064e1d8d096e40dbd9ca9d8f838aed38b4c45fce318ac2f004bceeaa10b8b3af7a48e155895044f664aecc85a9b4a2c2ebe3a3f537ca02ebb5d97426dfbc235c43f67c08c10d13736cff6450d015edd45f76f1f7a61fe8cfb815d6a75552360ca4585d229822ee2300a8325b3158e7e4226b2e8add2b9576d9a1ecab7ca41b1f78156e71e3f47f7c9d1933825dcc0581dc8aae4b8efd57a971390a3f8468818d1b3f8a636fd4e91b526ed10be83084a186c489bda8e80cdb0072490b244c6083ad1a88800669b6517165973e3a6aed21d49953c8b0681752e1983535f1599095ef429de593bbcbd5481ae8d8929ac7c86b6a3accf767039f29bd421359ff0aba5e300f45e4e8a2e647738699e44e765f5474a22557bfef1661c870c194b39169b2bcaaf25cf74714831a32b4632ddbe5ce2ea92f8636bd33d4ba9320518ea36567033fa73a018f06e211a668507157aa913b7bcdab64cf82a18b2bb5e2b985b3a19de37ff0938d3933f7c8f3d7a4f631f7a29bbbd7dea0c3673f60e9980aa33a6d308bdf9211dbf703a549756c1480b0f5b9aa134241acbd40bc2e7cbcb3244b61d217f104be58a7b6093bea0ab9491b6c6c9d8772342d8db92b7192efbdc49f7ddb7aeae8210338f660cc17a1ec56acc0a1fa4c00775d1102b1734d24dd361a6aa5c8b926566ab6fad9204e46d117cee187af3300ac44753191cbd21bff54264a0c795f99854b1a2b3aa5e60a18d55dd5bb0c300df654a1ea31bd5c92c5aac4cb273872bb91417043eb8b711c46fe7bcdc3f892937a5d35ee78f853972b0f0e1c9b9abb5667f51772482f87cbefd8f4434d221df43cb2e8f338be201406975df8afc8853cec40a94d3e1bae40d0f13977006b1409b28391f622a2d9ab8a547179d8f8240b1bd5047133c50a9e3bcc8f1e1025c2aa95fc90d177cc29329071c3a671c16c2055b419bca50cff92aa8883c152c9be11ec8e10bc8cb1903c40c6ee73c98f35a961572d36ec86a2ead7a1e60aac6657167e98dcdae30b49bcbc0ccec12e13dd407ff4fb2b3533d01a295f12a418f156b67dffdbf00518a5b7c75f330d6beb1f07e9c796e3029db302a0a0daebd3c92248a5614c8c7446ca336a9c83775d3c129ac448c506826ff7c680e77f5e1fefe9dad3e3220979217ccaaddbedbd6aa98b4d5e50a64fd6518aed5ff37a79566791235a061fd5b55b8987d6aa3624529206069623fa5b7ad1a36e8b66ebd29bd520442b03a171be00af61d13aa3f522f2c80c51c607ab29d605078770229f23087f5bc94fa9bf0454179842a033925eb860c4399bdfa178e01d9a893a03ff223e6dd1f0d855a4e85befb8175d2920a4d2b9519e26c108858089353371bd910f8566134a24bf6d97d61fac8e120f16958bf869f1769b822458775e3c6c01876c42551eed3d34b759b2ef843e74c1e5bc0af5140e25b5e52bef235f00e3cba0abf25d53357781c255948c71c63f1db665beb2434bde58ac598ce7b78a175c2472aa3c8af7d64a7679cf93d5fc9b512526d8163f4589defb2ac8674ee27bbc746d9eaa3792d481371aa96c8941853e87f2b600176f7431597a9c66a25c337ff23083a0fd5a380d2b19d66468194f31130b0e91b2859b468cfc2f1df55f4d0767edb486426a86b57fa37c6d3016968dbe3adf5ee650e1c2f2ef8b20067136e481b47cad9d77218e186098f42432e633b2c8a77b5911992594bf979cbfaa50d52a8cb9db6cd42f1de4aa5f2b1489a4eb9689349182e94f96f332a1745a791e30203c58358d658248134f4d8b07cf00127349d862abd306fadac459449a0cc23614af7a1be2a31fe24296bb2c6425ef57952fe09cbfab63ae6d49f77f6313ad4ac91cbdd430db28b83bb7a348a4c359d88b374feabb7ef30180aa4aeabd340f3f6a167d8f943f217ae314cf7f2fad158927608ca594ff28b784d5ceab0c2a1c71115014fea679bb01a59f45cfd13edfabdd2e431d6445203f909b119ce44f98ae5002f4e96495a7a5c0ad79f9cad04d0a71117902e59310d58cd02e6acd24910fe425cb02b9ec70b6774e7813f6b0a85a3713bb8244c0717c09e90306808a1eb9ce88e9eca65cb20ae3956ff86df94e46f81d54c52c32dcdb46baaf66b384ab440f9f088f5bd2930e9b47493ab6fbadb08fd99c1d6e294524c0f36de81442d20035b2b6a9538429aae236b3125bf835e3dbe668cbb909642767c21ff05fd6e380671a96f4e6e36ad0454368a40e7522c3e0551526c6a676abdc942f018510c4e044cd8d6ed8f9b3ab5b329ace2832f6f4fb740c929eb9f507a5d3372f801378b5341abee0db0c80ea0c19613f724c48d2d7d002574984d2685b3187fc59e89a041d876ace153b8f97b95f2fe69980a1bed42919332eee74a3cf8815c7db468dc2780fbbb194b91548f0353db8ab536218019a26e3712d1eca3113b41a6f2a309a8bbab4b8dd7cce9d95df4d6b1fd0bc31c4dc199b7242a33f0713b26458ba01b634ada39730b3e85c7fc327e07c49116a7feefeefdf3d9485fd266750abece02e650b86399490b85d8459e8911afb7585c9dd2d10bbecaabe6a79d273bcacce5f6f95c1d4a0e92748d1c7ee337a04c17a099bac19dd35795d03e7b8c31d2ca643ff388aa38c48ee89fa292036d18523382a1d303941def38e6fb47734daeb680aa4758fef35be9b379d61ff9c556f6b0de515b67d8b3ebaee340499c5521f9611ee94a43233723d0d1ffe7a2bbfb2c1253c6d72264d093c1041034aec1ba9bf0bd552b8ad72506858b79f084475f1cfb52205b550b1bd71991dbee04ae2c7c474681698cd5c2d2fc36a76e286584fd50dc8ced818fdfdbb5e38a67b32bbb87e0d34b8c57d311ae764ec810c7d35a5c572c7aeb0892a4189742cae2ef5040d59f6904bf0b7dc50f30bd4753a5d0154471741208ecaf9060dc1478760681b38b4440db2c9d36d6df78d53d972406d0bf3c67cc35bee077dc56e03812da2b82648d119122a07eb714415a54d216ebfcbdc351d9c56f9ccd26caf7d68123478a48658eae1c683bd6b89d5c423c6d22d10ce44f00c4149f99ae503fabd525e7239f0d2287c099d61f60fff329ca8a73b75e2776704bb6ad9a91d19a24effff3c849305f3c9db4a1f00b49842dcd2731e119ebb80e2e4576767570d2befce8857eda704cfe0e5915c31a87eb37ffe53962b9a9b456b6ee2522e958af5f1733c6ef353f394339cee538d9474be678d15b25d7752364debf46ba5bdb6ec0249e8c3c2683e82835f4442408979a96a66da4867265a90b72e62e5fa1a251e8990a98832eed2d2f5d86b47c7a3a3a094f38038d8697820274e3c1511adffa0053ecafb6ec12774205b8ba2efd944312b61aaecca90c7bf17020a4480f6413c0c9ecd5b9ff94141a3d5ea8a8530f10865f92c2fee294f3517f1826f6729f34f9797837ffb703ed9b2e1e23320e3b7cae9f1cc6234b3f96dd496e7d3db5413e7ea60c6d4e2b9e2b0f2a747b3c8331843c285d0855fbcbe2223021d28128f244cb910ac5e871b423110d11a15039ff56f2a8b23f8c3fb8d19865d71d01720dc824c4550722d3d8930e99da1548f3cb5886f1d32ef2f188f600659e9f8909ed6780853a9be72684ca5effb5e44d4fd7555f546bed993788a4338d31002b4daa7388ab449a10ddc8e7128848b8f14bd859c010fe8f85d3fb7a1ab0ed6680225db4a1cc7af39b6e59d31e6a57f56fd759a80ad827370c1e189d524a985cc2b6405f35f2066b845c02012b0cede5a388ccbb7766a9f21a2b63b62cf6ecff09746777869cd1565e4323702ffeb5fef67f57ccdc2d7058e72c1ed0235a1e95ff88ee638f88ba9f3ab05cd0c97dc825817f0fa6008591f91b018d67f06eb741a2077b08055f7fe750bb8a79fe9a6c088b2e85447138c3dbd2dcb0c4e7259cbb5fb069ab2c189fd5ce89523092324be68df1752792bf480c655a4a48deb54774b71a8df04886e59b683350c593b5178eaac28e0b24a7b72ba5c2de92e8a4762c69ce22964247e9eac8098476b29c93042ab328d2736dd4a743ca922f9df0ad6ba259fb3770f3e7ddb4c51d4ea3d9a6264fd77e342d7317a0cb0091beb1cda112514b3629cca954636d9ff640c3568ecc656a50d70593969cedea050d74112b4d8755daa54471ff2d2107589313a3ab597933ae60c6ce906edce5d535e503b01709d6696820b8dd373509a350d5dc043d9383dc0119aa377748473c4e50ea120024f592c06ffd6b4be8af2597a54f076f94a118015798227ed9f5bedbf916b1627b1a638ebdf960c382d6ba5be30548deb98b2d183a48eec3110e202f89f0bf799bdf3fe3cd9f2c8637f3754963533083f7e89eca28959f4b97341582f5b58798b7ad0759ac3f7d9f9d69e5ef900a45c6665915154ef487661a70db1cec99b99476287b5da6c874f78b1c5d90b97815e66f6da272294422dadf4dbb1db432792f302d4f0eb9681f0ec75fcaf0be67b1fe523890957e2886fd9ae63439ce0466ba1a0fedd9824a3db76ab6d11795ccca2c896fafaac6330185011c716344011a3b8bd6f8503d41b22bdd26c8e3903cf92fee637e743057ffd9455d96f59b7e38d6f3d3e302032005bbc34a48674b4ecfc598e1a11a2719ff75775c65428e924e10e3fc28ae9e38ee70b1fd65dedaaf15b7e1d2e73fac3e4257efa1a6dda5f1ab485797febca0f4e829836deef9ad421640f8ab7540695f983797b56b75a82a94e29b72e09429a88ceff711be141d61ce12c74ce18882701b506c5e2edd152cb59576d004413ddeca55ff7cb17d5f28804795eb401e1cfed4da51c5652c5600fccd00fd6deaf91eef9b1e20034ec2cbc123e1be3863b67083c4c1a5e2b39524941bcc74ced2ed58135ef71f6ce6d66108916d42d2514756f18181fcd67f1833386c767497209eae10c65a2e6b154cea276a130a0b15c344e28d2c7ee57ab1414f5a6b248d3b1d94cb5d693b9e6a5c2a4a9e3144aae8a5a9bce3a5c857cc88768c571b7396f59c2647107cdfef78f639ebb744826cef6d3e97bb6687235ae28ab62f9e4b3b17e87965775193028ca9ba3f3ecc33a90856d87c2060cfbc3fe3bf424b369b6be53dc4ab80e6cd4d00c4bf8a3983a374483c4c1756d5b5fda73adec4493d2acb9f71f333ae2726aa11e26dfb7f2093e84e9a2ca1eb541f9c3b7e0ea22c16c5cf1dbd39750cddd71ec88f9694e4a5afb79680885a76cf23a309045a6478c0f917e4a32410212eb79572cdeafafa74d18a0dc764ce3ddfd23c497080057eb9e8a08929bc5e7", 0x1000, 0x6}, {&(0x7f0000002540)="997da18f6c064b188f014153c1f57b60957875208c48dd243b9dcf76fa3e2634fa1830bca0b63a4826643ad756c6eb2e4649e2f1e3d22e36117aa86efed99429315b6cb1e6d389dab582cfe33337a1075779e3ce29a212f6a74e22f7ac397dbbaa4830ccf7b7fd852aad4f898ae0ad2912302bf45ac385c944f7aa937077eb374eb3ce7b582ff2d4a22dd5c0fdb9302c06e35ac5212712accd9544b94c8464096a61c145a67cdb45b234fddf450138da653071f408933724625594319397d944faac79c06387d45711cb2394cc6e3147920579643e13f0d7851887d47c06ad27d2bc", 0xe2, 0x5dfd9f48}], 0x84, &(0x7f0000002700)={[{@mode={'mode', 0x3d, 0x2}}], [{@euid_gt={'euid>', 0xee01}}, {@hash}, {@context={'context', 0x3d, 'root'}}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@fsname={'fsname', 0x3d, 'setgroups\x00'}}, {@hash}, {@smackfsdef={'smackfsdef', 0x3d, '#.['}}]}) readv(r1, &(0x7f0000000140)=[{&(0x7f00000027c0)=""/143, 0x8f}, {&(0x7f0000000240)=""/233, 0xfffffffffffffec8}], 0x2) close(r0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) recvmmsg(r2, &(0x7f0000002680)=[{{0x0, 0x0, &(0x7f0000002540)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x40002060, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r2, 0x89f6, &(0x7f0000002880)={'syztnl0\x00', &(0x7f0000000040)={'ip6gre0\x00', r3, 0x29, 0x0, 0x0, 0x8, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast2, 0x8, 0x8, 0x6, 0x1}}) 21:21:13 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:21:13 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) (fail_nth: 5) 21:21:13 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1041.060706] RIP: 0033:0x7f606cee6b19 [ 1041.061803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1041.066315] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1041.068187] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1041.069942] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1041.071687] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1041.073477] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1041.074547] FAULT_INJECTION: forcing a failure. [ 1041.074547] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1041.075216] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1041.077426] CPU: 0 PID: 7612 Comm: syz-executor.6 Not tainted 5.10.255 #1 [ 1041.078205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1041.079157] Call Trace: [ 1041.079466] dump_stack+0x107/0x167 [ 1041.079898] should_fail.cold+0x5/0xa [ 1041.080340] _copy_to_user+0x2e/0x180 [ 1041.080785] simple_read_from_buffer+0xcc/0x160 [ 1041.081377] proc_fail_nth_read+0x198/0x230 [ 1041.082125] ? proc_sessionid_read+0x230/0x230 [ 1041.082648] ? security_file_permission+0xb1/0xe0 [ 1041.083208] ? proc_sessionid_read+0x230/0x230 [ 1041.083737] vfs_read+0x228/0x620 [ 1041.084151] ksys_read+0x12d/0x260 [ 1041.084552] ? vfs_write+0xb10/0xb10 [ 1041.084985] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1041.085584] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1041.086174] do_syscall_64+0x33/0x40 [ 1041.086604] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1041.087188] RIP: 0033:0x7fad1369a69c [ 1041.087612] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1041.089750] RSP: 002b:00007fad10c5d170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1041.090618] RAX: ffffffffffffffda RBX: 0000000020ffc000 RCX: 00007fad1369a69c [ 1041.091432] RDX: 000000000000000f RSI: 00007fad10c5d1e0 RDI: 0000000000000004 [ 1041.092253] RBP: 00007fad10c5d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1041.093068] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 1041.093886] R13: 00007ffd5e86535f R14: 00007fad10c5d300 R15: 0000000000022000 [ 1041.104728] FAULT_INJECTION: forcing a failure. [ 1041.104728] name failslab, interval 1, probability 0, space 0, times 0 [ 1041.106881] CPU: 0 PID: 7620 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1041.107669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1041.108635] Call Trace: [ 1041.108938] dump_stack+0x107/0x167 [ 1041.109356] should_fail.cold+0x5/0xa [ 1041.109790] ? create_object.isra.0+0x3a/0xa30 [ 1041.110318] should_failslab+0x5/0x20 [ 1041.110754] kmem_cache_alloc+0x5b/0x310 [ 1041.111231] create_object.isra.0+0x3a/0xa30 [ 1041.111733] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1041.112325] kmem_cache_alloc_trace+0x151/0x320 [ 1041.112857] ? io_tctx_exit_cb+0xf0/0xf0 [ 1041.113327] percpu_ref_init+0xd8/0x3d0 [ 1041.113786] io_uring_setup+0x47a/0x2980 [ 1041.114254] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1041.114811] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1041.115390] ? wait_for_completion_io+0x270/0x270 [ 1041.115973] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1041.116577] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1041.117172] do_syscall_64+0x33/0x40 [ 1041.117598] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1041.118187] RIP: 0033:0x7f2d330fab19 [ 1041.118612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1041.120728] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1041.121603] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1041.122421] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1041.123239] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1041.124062] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1041.124874] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1041.152473] kauditd_printk_skb: 41 callbacks suppressed [ 1041.152483] audit: type=1326 audit(1778448073.365:2555): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7604 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1041.155711] audit: type=1326 audit(1778448073.365:2556): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7604 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:21:13 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 21:21:13 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x0, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:21:13 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4004, 0x100000e, 0x13, r0, 0x0) 21:21:13 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1041.303134] audit: type=1326 audit(1778448073.515:2557): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7634 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1041.305693] audit: type=1326 audit(1778448073.516:2558): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7634 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1041.308697] audit: type=1326 audit(1778448073.516:2559): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7634 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:21:13 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 5) [ 1041.333183] audit: type=1326 audit(1778448073.516:2560): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7634 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1041.335981] audit: type=1326 audit(1778448073.516:2561): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7634 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1041.339560] loop4: detected capacity change from 0 to 135266304 [ 1041.340682] tmpfs: Unknown parameter 'euid>00000000000000060929' 21:21:13 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 21:21:13 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x0, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:21:13 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1041.386452] audit: type=1326 audit(1778448073.516:2562): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7634 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1041.388993] audit: type=1326 audit(1778448073.516:2563): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7634 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1041.399205] audit: type=1326 audit(1778448073.516:2564): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7634 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1041.426240] FAULT_INJECTION: forcing a failure. [ 1041.426240] name failslab, interval 1, probability 0, space 0, times 0 [ 1041.427664] CPU: 0 PID: 7643 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1041.428467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1041.429414] Call Trace: [ 1041.429724] dump_stack+0x107/0x167 [ 1041.430146] should_fail.cold+0x5/0xa [ 1041.430589] ? create_object.isra.0+0x3a/0xa30 [ 1041.431111] should_failslab+0x5/0x20 [ 1041.431549] kmem_cache_alloc+0x5b/0x310 [ 1041.432022] create_object.isra.0+0x3a/0xa30 [ 1041.432530] ? kasan_unpoison_shadow+0x33/0x50 [ 1041.433053] kmalloc_order+0xfe/0x160 [ 1041.433493] kmalloc_order_trace+0x14/0xa0 [ 1041.433984] io_uring_setup+0x33c/0x2980 [ 1041.434454] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1041.435006] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1041.435593] ? wait_for_completion_io+0x270/0x270 [ 1041.436167] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1041.436766] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1041.437358] do_syscall_64+0x33/0x40 [ 1041.437783] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1041.438369] RIP: 0033:0x7f606cee6b19 [ 1041.438793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1041.440905] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1041.441771] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1041.442585] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1041.443396] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1041.444219] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1041.445028] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:21:30 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x200000, 0x100000e, 0x13, r0, 0x0) 21:21:30 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 6) 21:21:30 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x0, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:21:30 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4002, 0x100000e, 0x13, r0, 0x0) 21:21:30 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:21:30 executing program 4: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='setgroups\x00') syz_open_procfs(0x0, &(0x7f0000000040)='limits\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendfile(r1, r0, &(0x7f0000000000)=0x9, 0x8) close(r0) 21:21:30 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 21:21:30 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 12) [ 1058.399924] FAULT_INJECTION: forcing a failure. [ 1058.399924] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.400169] FAULT_INJECTION: forcing a failure. [ 1058.400169] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1058.402385] CPU: 0 PID: 7664 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1058.406274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.408011] Call Trace: [ 1058.408570] dump_stack+0x107/0x167 [ 1058.409432] should_fail.cold+0x5/0xa [ 1058.410372] ? io_uring_setup+0x40b/0x2980 [ 1058.411410] should_failslab+0x5/0x20 [ 1058.412359] kmem_cache_alloc_trace+0x55/0x320 [ 1058.413485] io_uring_setup+0x40b/0x2980 [ 1058.414382] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1058.415381] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1058.416442] ? wait_for_completion_io+0x270/0x270 [ 1058.417462] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.418569] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.419643] do_syscall_64+0x33/0x40 [ 1058.420429] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1058.421485] RIP: 0033:0x7f606cee6b19 [ 1058.422262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1058.426076] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1058.427659] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1058.429140] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1058.430622] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1058.432110] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1058.433593] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1058.435104] CPU: 1 PID: 7666 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1058.436559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.438298] Call Trace: [ 1058.438859] dump_stack+0x107/0x167 [ 1058.439623] should_fail.cold+0x5/0xa [ 1058.440438] __alloc_pages_nodemask+0x182/0x600 [ 1058.441424] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1058.442701] ? cap_capable+0x1cd/0x230 [ 1058.443525] alloc_pages_current+0x187/0x280 [ 1058.444451] __get_free_pages+0xc/0xa0 [ 1058.445271] io_uring_setup+0xe27/0x2980 [ 1058.446127] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1058.447185] ? wait_for_completion_io+0x270/0x270 [ 1058.448239] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.449330] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.450428] do_syscall_64+0x33/0x40 [ 1058.451204] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1058.452286] RIP: 0033:0x7f2d330fab19 [ 1058.453062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1058.456890] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1058.458475] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1058.459966] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1058.461470] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1058.462958] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1058.464449] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:21:30 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1058.527789] kauditd_printk_skb: 26 callbacks suppressed [ 1058.527808] audit: type=1326 audit(1778448090.740:2591): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7658 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:21:30 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='schedstat\x00') ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000100)={&(0x7f0000000040)=""/178, 0xb2, 0x400, 0x19}) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) r2 = syz_io_uring_setup(0x6e2b, &(0x7f00000002c0)={0x0, 0x2656, 0x0, 0x3, 0x0, 0x0, r1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000180), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) io_uring_enter(r2, 0x10058ab, 0x0, 0x0, 0x0, 0x0) lseek(r2, 0xde7a, 0x3) close(r0) 21:21:30 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4004, 0x100000e, 0x13, r0, 0x0) 21:21:30 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x7fffdf003000, 0x100000e, 0x13, r0, 0x0) 21:21:30 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 21:21:30 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x0, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:21:30 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 7) 21:21:30 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:21:30 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000140)) 21:21:30 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r0) kcmp(0x0, 0x0, 0x4, r0, r0) 21:21:30 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x7ffffffff000, 0x100000e, 0x13, r0, 0x0) [ 1058.712864] FAULT_INJECTION: forcing a failure. [ 1058.712864] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.715380] CPU: 1 PID: 7687 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1058.716840] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.718587] Call Trace: [ 1058.719147] dump_stack+0x107/0x167 [ 1058.719921] should_fail.cold+0x5/0xa [ 1058.720739] ? create_object.isra.0+0x3a/0xa30 [ 1058.721703] should_failslab+0x5/0x20 [ 1058.722504] kmem_cache_alloc+0x5b/0x310 [ 1058.723373] create_object.isra.0+0x3a/0xa30 [ 1058.724305] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1058.725375] kmem_cache_alloc_trace+0x151/0x320 [ 1058.726375] io_uring_setup+0x40b/0x2980 [ 1058.727236] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1058.728266] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1058.729326] ? wait_for_completion_io+0x270/0x270 [ 1058.730367] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.731488] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.732580] do_syscall_64+0x33/0x40 [ 1058.733364] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1058.734451] RIP: 0033:0x7f606cee6b19 [ 1058.735231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1058.739125] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1058.740719] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1058.742208] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1058.743696] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1058.745190] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1058.746686] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1058.844646] audit: type=1326 audit(1778448091.057:2592): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7684 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1058.849437] audit: type=1326 audit(1778448091.057:2593): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7684 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1074.206483] FAULT_INJECTION: forcing a failure. [ 1074.206483] name failslab, interval 1, probability 0, space 0, times 0 [ 1074.208155] CPU: 0 PID: 7706 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1074.209101] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1074.210281] Call Trace: [ 1074.210644] dump_stack+0x107/0x167 [ 1074.211142] should_fail.cold+0x5/0xa [ 1074.211663] ? create_object.isra.0+0x3a/0xa30 [ 1074.212297] should_failslab+0x5/0x20 [ 1074.212808] kmem_cache_alloc+0x5b/0x310 [ 1074.213364] create_object.isra.0+0x3a/0xa30 [ 1074.213961] kmemleak_alloc_percpu+0xa0/0x100 [ 1074.214581] pcpu_alloc+0x4e2/0x1240 [ 1074.215096] ? io_tctx_exit_cb+0xf0/0xf0 [ 1074.215645] percpu_ref_init+0x31/0x3d0 [ 1074.216233] io_uring_setup+0x47a/0x2980 [ 1074.216783] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1074.217453] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1074.218147] ? wait_for_completion_io+0x270/0x270 [ 1074.218821] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1074.219533] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1074.220248] do_syscall_64+0x33/0x40 [ 1074.220760] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1074.221447] RIP: 0033:0x7f606cee6b19 [ 1074.221951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1074.224440] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1074.225495] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1074.226460] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1074.227416] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1074.228391] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1074.229348] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:21:46 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 8) 21:21:46 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x200000, 0x100000e, 0x13, r0, 0x0) 21:21:46 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x0, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:21:46 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x13, r0, 0x0) 21:21:46 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:21:46 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 13) 21:21:46 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000140)) 21:21:46 executing program 4: syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r1 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4, 0x1, &(0x7f0000000080)=[{&(0x7f00000001c0)="cd0f92aa130bace70fd7c77a9ca1453e2d49408caa433a8c19d00d8c2b1cd7d88ff36cd3d1982eacdc743a43bcd2e7d163ab6fb600213e81fff720cf81a093058588ff3b74a0032a0de15af2f69af7487f1253f5082f4943a1a6ee79ad82df2a7cde56ba7bd1a4d1cb44b40a7f38f87591c28630e99ae5a39ddc69acc176303355d75803e3a1f4c1b98588b0d657a56ead84c2bec5e1a109baa07c4806cc29fa152806384269608fd6c07e78f8b8560c2f33b0935321ce7428a08472c4552326bf1de751aff3d0ffbd03ba4c1a23763dc71b467511943a7426ee1b253e99c92a8cc540b477b218403e364320f07f231252881e47180bfac6ebf9c8928b06c4", 0xff, 0xfffffffffffffffe}], 0x9000, &(0x7f0000000300)={[{@dmode={'dmode', 0x3d, 0x100000000}}, {@nocompress}, {}, {@cruft}, {@hide}, {@check_strict}, {@gid={'gid', 0x3d, 0xffffffffffffffff}}, {}], [{@smackfsdef={'smackfsdef', 0x3d, 'setgroups\x00'}}, {@uid_lt={'uid<', 0xee01}}, {@smackfsfloor={'smackfsfloor', 0x3d, '/@!#--'}}, {@euid_lt={'euid<', 0xee01}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@hash}]}) close(r1) [ 1074.281112] audit: type=1326 audit(1778448106.493:2594): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7703 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1074.291237] audit: type=1326 audit(1778448106.504:2595): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7703 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1074.291480] FAULT_INJECTION: forcing a failure. [ 1074.291480] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1074.296826] CPU: 1 PID: 7715 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1074.298279] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1074.300029] Call Trace: [ 1074.300604] dump_stack+0x107/0x167 [ 1074.301376] should_fail.cold+0x5/0xa 21:21:46 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1074.302189] __alloc_pages_nodemask+0x182/0x600 [ 1074.303290] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1074.304576] ? cap_capable+0x1cd/0x230 [ 1074.305409] alloc_pages_current+0x187/0x280 [ 1074.306331] __get_free_pages+0xc/0xa0 [ 1074.307159] io_uring_setup+0xf9a/0x2980 [ 1074.308019] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1074.309086] ? wait_for_completion_io+0x270/0x270 [ 1074.310128] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1074.311225] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1074.312314] do_syscall_64+0x33/0x40 [ 1074.313104] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1074.314182] RIP: 0033:0x7f2d330fab19 [ 1074.314964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1074.318829] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1074.320428] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1074.321948] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1074.323446] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1074.324941] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1074.326431] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1074.328636] audit: type=1326 audit(1778448106.541:2596): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7703 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1074.331653] audit: type=1326 audit(1778448106.541:2597): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7703 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1074.334905] audit: type=1326 audit(1778448106.541:2598): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7703 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:21:46 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 9) [ 1074.349329] loop4: detected capacity change from 0 to 8388096 21:21:46 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1074.364370] audit: type=1326 audit(1778448106.541:2599): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7703 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:21:46 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000140)) [ 1074.398269] FAULT_INJECTION: forcing a failure. [ 1074.398269] name failslab, interval 1, probability 0, space 0, times 0 [ 1074.400663] CPU: 1 PID: 7725 Comm: syz-executor.5 Not tainted 5.10.255 #1 21:21:46 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x7fffdf003000, 0x100000e, 0x13, r0, 0x0) [ 1074.402100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1074.403997] Call Trace: [ 1074.404573] dump_stack+0x107/0x167 [ 1074.405345] should_fail.cold+0x5/0xa [ 1074.406150] ? create_object.isra.0+0x3a/0xa30 [ 1074.407107] should_failslab+0x5/0x20 [ 1074.407908] kmem_cache_alloc+0x5b/0x310 [ 1074.408786] create_object.isra.0+0x3a/0xa30 [ 1074.409719] kmemleak_alloc_percpu+0xa0/0x100 [ 1074.410668] pcpu_alloc+0x4e2/0x1240 [ 1074.410691] audit: type=1326 audit(1778448106.541:2600): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7703 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1074.411476] ? io_tctx_exit_cb+0xf0/0xf0 [ 1074.415012] percpu_ref_init+0x31/0x3d0 [ 1074.415866] io_uring_setup+0x47a/0x2980 [ 1074.416732] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1074.417746] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1074.418817] ? wait_for_completion_io+0x270/0x270 [ 1074.419864] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1074.420981] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1074.422069] do_syscall_64+0x33/0x40 [ 1074.422855] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1074.423939] RIP: 0033:0x7f606cee6b19 21:21:46 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 14) [ 1074.424732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1074.428726] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1074.429644] audit: type=1326 audit(1778448106.541:2601): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7703 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1074.430325] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1074.430338] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1074.430355] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1074.437449] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1074.438959] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1074.446578] audit: type=1326 audit(1778448106.541:2602): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7703 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1074.460417] audit: type=1326 audit(1778448106.544:2603): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7703 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:21:46 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x0, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1074.472108] FAULT_INJECTION: forcing a failure. [ 1074.472108] name failslab, interval 1, probability 0, space 0, times 0 [ 1074.473527] CPU: 0 PID: 7734 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1074.474356] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1074.475353] Call Trace: [ 1074.475677] dump_stack+0x107/0x167 [ 1074.476130] should_fail.cold+0x5/0xa [ 1074.476594] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1074.477265] should_failslab+0x5/0x20 [ 1074.477723] kmem_cache_alloc_trace+0x55/0x320 [ 1074.478284] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1074.478943] io_uring_setup+0x14f6/0x2980 [ 1074.479449] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1074.480057] ? wait_for_completion_io+0x270/0x270 [ 1074.480660] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1074.481301] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1074.481925] do_syscall_64+0x33/0x40 [ 1074.482380] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1074.482992] RIP: 0033:0x7f2d330fab19 [ 1074.483442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1074.485653] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1074.486562] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1074.487420] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1074.488296] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1074.489148] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1074.490005] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:21:46 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4) 21:21:46 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x7ffffffff000, 0x100000e, 0x13, r0, 0x0) 21:22:00 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 10) 21:22:00 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x0, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:22:00 executing program 4: syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) io_uring_enter(r0, 0x10058ab, 0x0, 0x0, 0x0, 0x0) socket$inet_icmp(0x2, 0x2, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) io_uring_enter(r2, 0x10058ab, 0x0, 0x0, 0x0, 0x0) close(r2) 21:22:00 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 15) [ 1088.644248] FAULT_INJECTION: forcing a failure. [ 1088.644248] name failslab, interval 1, probability 0, space 0, times 0 [ 1088.647356] CPU: 1 PID: 7749 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1088.649169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 21:22:00 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), 0x0) [ 1088.651581] Call Trace: 21:22:00 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x13, r0, 0x0) [ 1088.652503] dump_stack+0x107/0x167 [ 1088.653666] should_fail.cold+0x5/0xa [ 1088.654758] ? percpu_ref_init+0xd8/0x3d0 [ 1088.655964] should_failslab+0x5/0x20 [ 1088.657087] kmem_cache_alloc_trace+0x55/0x320 [ 1088.658401] ? io_tctx_exit_cb+0xf0/0xf0 [ 1088.659581] percpu_ref_init+0xd8/0x3d0 21:22:00 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:22:00 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x8) [ 1088.660766] io_uring_setup+0x47a/0x2980 [ 1088.662085] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1088.663507] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1088.665013] ? wait_for_completion_io+0x270/0x270 [ 1088.666469] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1088.667996] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1088.669521] do_syscall_64+0x33/0x40 [ 1088.670616] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1088.672118] RIP: 0033:0x7f606cee6b19 [ 1088.673219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1088.678571] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1088.680775] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1088.682833] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 21:22:00 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x2) [ 1088.684912] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1088.687124] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1088.689205] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1088.708842] FAULT_INJECTION: forcing a failure. [ 1088.708842] name failslab, interval 1, probability 0, space 0, times 0 [ 1088.711471] CPU: 0 PID: 7755 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1088.713047] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1088.715012] Call Trace: [ 1088.715633] dump_stack+0x107/0x167 [ 1088.716507] should_fail.cold+0x5/0xa [ 1088.717416] ? create_object.isra.0+0x3a/0xa30 [ 1088.718467] should_failslab+0x5/0x20 [ 1088.719392] kmem_cache_alloc+0x5b/0x310 [ 1088.720515] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1088.722036] create_object.isra.0+0x3a/0xa30 [ 1088.723123] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1088.724442] kmem_cache_alloc_trace+0x151/0x320 [ 1088.725453] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1088.726584] io_uring_setup+0x14f6/0x2980 [ 1088.727453] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1088.728522] ? wait_for_completion_io+0x270/0x270 [ 1088.729558] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1088.730656] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1088.731722] do_syscall_64+0x33/0x40 [ 1088.732507] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1088.733569] RIP: 0033:0x7f2d330fab19 [ 1088.734346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1088.738160] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1088.739736] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1088.741221] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1088.742706] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1088.744192] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1088.745676] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1088.796014] kauditd_printk_skb: 29 callbacks suppressed [ 1088.796032] audit: type=1326 audit(1778448121.008:2633): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7757 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1088.805637] audit: type=1326 audit(1778448121.018:2634): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7757 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1088.823078] audit: type=1326 audit(1778448121.025:2635): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7757 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1088.848068] audit: type=1326 audit(1778448121.025:2636): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7757 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:22:01 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), 0x0) 21:22:01 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x10) [ 1088.873321] audit: type=1326 audit(1778448121.026:2637): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7757 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:22:01 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4) [ 1088.895605] audit: type=1326 audit(1778448121.029:2638): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7757 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1088.914136] audit: type=1326 audit(1778448121.029:2639): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7757 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:22:01 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1088.936895] audit: type=1326 audit(1778448121.029:2640): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7757 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1088.951324] audit: type=1326 audit(1778448121.029:2641): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7757 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1088.968417] audit: type=1326 audit(1778448121.032:2642): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7757 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:22:17 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 16) 21:22:17 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:22:17 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:22:17 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x8) 21:22:17 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 11) 21:22:17 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), 0x0) 21:22:17 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x60) 21:22:17 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') signalfd4(0xffffffffffffffff, &(0x7f00000000c0)={[0x4]}, 0x8, 0x800) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x7f, 0x7, 0xff, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000100), 0xe}, 0x10000, 0x2, 0x9, 0x3, 0x7fff, 0x7fc, 0x80, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xa, r1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="00000000000043a3d6c0313f592e88c0f4157d8600002e2f66696c6530003eb57f621253cd"]) semtimedop(0xffffffffffffffff, &(0x7f0000000000)=[{0x0, 0x4}, {0x1, 0x7ff, 0x1800}, {0x4, 0x8, 0x1800}, {0x4, 0xff, 0x800}, {0x0, 0xf800, 0x800}, {0x3, 0xd7b, 0x800}, {0x2, 0x5, 0x1000}, {0x4, 0x7, 0x1400}], 0x8, &(0x7f0000000200)={0x77359400}) setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x8000, 0xe9, 0x1f, 0x3f}]}, 0x10) r4 = syz_open_dev$rtc(&(0x7f0000000240), 0xffffffff8f9b1ec9, 0x340201) fsync(r4) close(r0) r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000280), 0x101200, 0x0) ioctl$BTRFS_IOC_BALANCE_V2(r2, 0xc4009420, &(0x7f0000000d00)={0x4, 0x4, {0x9, @usage, 0x0, 0x3ff, 0x1f, 0x8, 0xac4, 0x10001, 0x59, @struct={0x414, 0x4}, 0x4, 0x0, [0x5, 0x401, 0x6, 0x6a]}, {0x1800000000, @usage=0xdb, 0x0, 0x6b, 0x2, 0x334f, 0x2, 0x1, 0x41, @usage=0x2, 0x401, 0x6, [0x4, 0xc, 0xfffffffffffffffc, 0x3ff, 0x4]}, {0x3ff, @struct={0xc6, 0x7d25}, 0x0, 0x1, 0x6, 0x9, 0x8000, 0x80, 0x4, @struct={0x5, 0x8}, 0x1, 0x7ff, [0xffff, 0x40, 0x75e5800, 0x7, 0x5, 0x4]}, {0x800}}) pipe2(&(0x7f00000002c0), 0x8800) ioctl$BTRFS_IOC_DEV_INFO(r5, 0xd000941e, &(0x7f0000001100)={r6, "2982f95d254012126b6df4ffce7759af"}) [ 1105.134585] FAULT_INJECTION: forcing a failure. [ 1105.134585] name failslab, interval 1, probability 0, space 0, times 0 [ 1105.136111] CPU: 0 PID: 7786 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1105.137050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1105.138112] Call Trace: [ 1105.138461] dump_stack+0x107/0x167 [ 1105.138932] should_fail.cold+0x5/0xa [ 1105.139424] ? create_object.isra.0+0x3a/0xa30 [ 1105.140015] should_failslab+0x5/0x20 [ 1105.140522] kmem_cache_alloc+0x5b/0x310 [ 1105.141049] create_object.isra.0+0x3a/0xa30 [ 1105.141614] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1105.142294] kmem_cache_alloc_trace+0x151/0x320 [ 1105.142895] ? io_tctx_exit_cb+0xf0/0xf0 [ 1105.143419] percpu_ref_init+0xd8/0x3d0 [ 1105.143938] io_uring_setup+0x47a/0x2980 [ 1105.144472] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1105.145105] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1105.145769] ? wait_for_completion_io+0x270/0x270 [ 1105.146409] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1105.147084] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1105.147754] do_syscall_64+0x33/0x40 [ 1105.148233] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1105.148912] RIP: 0033:0x7f606cee6b19 [ 1105.149394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1105.151766] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1105.152760] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1105.153678] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1105.154596] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1105.155522] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1105.156444] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1105.168309] kauditd_printk_skb: 24 callbacks suppressed [ 1105.168320] audit: type=1326 audit(1778448137.381:2667): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7787 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1105.172381] audit: type=1326 audit(1778448137.381:2668): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7787 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1105.182208] audit: type=1326 audit(1778448137.390:2669): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7787 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1105.183111] FAULT_INJECTION: forcing a failure. [ 1105.183111] name failslab, interval 1, probability 0, space 0, times 0 [ 1105.187735] audit: type=1326 audit(1778448137.391:2670): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7787 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1105.188105] CPU: 1 PID: 7797 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1105.192289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1105.193192] audit: type=1326 audit(1778448137.391:2671): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7787 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1105.194412] Call Trace: [ 1105.194443] dump_stack+0x107/0x167 [ 1105.194472] should_fail.cold+0x5/0xa [ 1105.197229] audit: type=1326 audit(1778448137.392:2672): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7787 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1105.197683] ? create_object.isra.0+0x3a/0xa30 [ 1105.198711] audit: type=1326 audit(1778448137.392:2673): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7787 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1105.198924] should_failslab+0x5/0x20 [ 1105.198945] kmem_cache_alloc+0x5b/0x310 [ 1105.198973] create_object.isra.0+0x3a/0xa30 [ 1105.202090] audit: type=1326 audit(1778448137.392:2674): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7787 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1105.202608] kmemleak_alloc_percpu+0xa0/0x100 [ 1105.210138] audit: type=1326 audit(1778448137.392:2675): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7787 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1105.212270] pcpu_alloc+0x4e2/0x1240 [ 1105.212310] ? io_async_queue_proc+0x80/0x80 [ 1105.213767] audit: type=1326 audit(1778448137.392:2676): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7787 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1105.217323] percpu_ref_init+0x31/0x3d0 [ 1105.217350] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1105.217373] io_uring_setup+0x14f6/0x2980 [ 1105.226007] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1105.227075] ? wait_for_completion_io+0x270/0x270 [ 1105.228117] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1105.229226] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1105.230317] do_syscall_64+0x33/0x40 [ 1105.231099] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1105.232178] RIP: 0033:0x7f2d330fab19 [ 1105.232968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1105.236910] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1105.238522] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1105.240042] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1105.241565] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1105.243072] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1105.244584] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:22:17 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000000, 0x1010, 0xffffffffffffffff, 0x0) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xa, 0x20010, r0, 0x10000000) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x2, 0x0, 0x0, 0x0, {0x40}, 0x1, {0x0, r3}}, 0x4) r4 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) io_uring_enter(r4, 0x10058ab, 0x0, 0x0, 0x0, 0x0) finit_module(r4, &(0x7f0000000000)='setgroups\x00', 0x1) 21:22:17 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 12) 21:22:17 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4000) 21:22:17 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1105.308360] FAULT_INJECTION: forcing a failure. [ 1105.308360] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1105.310502] CPU: 0 PID: 7804 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1105.311342] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1105.312344] Call Trace: [ 1105.312688] dump_stack+0x107/0x167 [ 1105.313139] should_fail.cold+0x5/0xa [ 1105.313607] __alloc_pages_nodemask+0x182/0x600 [ 1105.314172] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1105.314910] ? cap_capable+0x1cd/0x230 [ 1105.315393] alloc_pages_current+0x187/0x280 [ 1105.315932] __get_free_pages+0xc/0xa0 [ 1105.316407] io_uring_setup+0xe27/0x2980 [ 1105.316921] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1105.317535] ? wait_for_completion_io+0x270/0x270 [ 1105.318128] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1105.318758] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1105.319374] do_syscall_64+0x33/0x40 [ 1105.319817] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1105.320427] RIP: 0033:0x7f606cee6b19 [ 1105.320884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1105.323062] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1105.323966] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1105.324861] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1105.325722] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1105.326588] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1105.327445] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:22:17 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x10) 21:22:17 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r0) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x7f, 0x7, 0xff, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000100), 0xe}, 0x10000, 0x2, 0x9, 0x3, 0x7fff, 0x7fc, 0x80, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xa, r1, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$LOOP_SET_FD(r1, 0x4c00, r2) r3 = openat2(r0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x4180, 0x2, 0x8}, 0x18) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f00000000c0)={0x0, 0xca47313240f115e1, r0, 0xe614}) openat$cgroup_devices(r0, &(0x7f0000000040)='devices.allow\x00', 0x2, 0x0) 21:22:17 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x60) 21:22:17 executing program 3: syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) io_uring_enter(r0, 0x10058ab, 0x0, 0x0, 0x0, 0x0) socket$inet_icmp(0x2, 0x2, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) io_uring_enter(r2, 0x10058ab, 0x0, 0x0, 0x0, 0x0) close(r2) [ 1120.537169] kauditd_printk_skb: 31 callbacks suppressed [ 1120.537188] audit: type=1326 audit(1778448152.749:2708): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7824 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1120.547753] audit: type=1326 audit(1778448152.750:2709): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7824 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:22:32 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 13) 21:22:32 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:22:32 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x7, &(0x7f0000001080)=[{0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:22:32 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x6000) 21:22:32 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:22:32 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 17) 21:22:32 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4000) 21:22:32 executing program 4: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='personality\x00') r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x7f, 0x7, 0xff, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000100), 0xe}, 0x10000, 0x2, 0x9, 0x3, 0x7fff, 0x7fc, 0x80, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xa, r1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) semctl$SEM_STAT_ANY(0xffffffffffffffff, 0x0, 0x14, &(0x7f00000001c0)=""/122) ioctl$BTRFS_IOC_BALANCE(r2, 0x5000940c, 0x0) sendmsg$IPSET_CMD_RENAME(r1, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, 0x5, 0x6, 0xd04, 0x0, 0x0, {0x5, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x34}}, 0x40050) close(r0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/prev\x00') [ 1120.559388] FAULT_INJECTION: forcing a failure. [ 1120.559388] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1120.561964] CPU: 0 PID: 7837 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1120.563385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1120.564438] FAULT_INJECTION: forcing a failure. [ 1120.564438] name failslab, interval 1, probability 0, space 0, times 0 [ 1120.565133] Call Trace: [ 1120.565161] dump_stack+0x107/0x167 [ 1120.565186] should_fail.cold+0x5/0xa [ 1120.569563] __alloc_pages_nodemask+0x182/0x600 [ 1120.570549] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1120.571818] ? cap_capable+0x1cd/0x230 [ 1120.572653] alloc_pages_current+0x187/0x280 [ 1120.573573] __get_free_pages+0xc/0xa0 [ 1120.574402] io_uring_setup+0xf9a/0x2980 [ 1120.575261] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1120.576330] ? wait_for_completion_io+0x270/0x270 [ 1120.577383] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1120.578479] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1120.579567] do_syscall_64+0x33/0x40 [ 1120.580344] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1120.581429] RIP: 0033:0x7f606cee6b19 [ 1120.582211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1120.586071] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1120.587704] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1120.589214] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1120.590719] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1120.592221] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1120.593748] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1120.595234] CPU: 1 PID: 7838 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1120.596637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1120.598311] Call Trace: [ 1120.598849] dump_stack+0x107/0x167 [ 1120.599588] should_fail.cold+0x5/0xa [ 1120.600363] ? create_object.isra.0+0x3a/0xa30 [ 1120.601086] audit: type=1326 audit(1778448152.756:2710): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7824 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1120.601300] should_failslab+0x5/0x20 [ 1120.601328] kmem_cache_alloc+0x5b/0x310 [ 1120.607231] create_object.isra.0+0x3a/0xa30 [ 1120.608140] kmemleak_alloc_percpu+0xa0/0x100 [ 1120.609084] pcpu_alloc+0x4e2/0x1240 [ 1120.609886] ? io_async_queue_proc+0x80/0x80 [ 1120.610776] percpu_ref_init+0x31/0x3d0 [ 1120.611509] audit: type=1326 audit(1778448152.756:2711): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7824 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1120.611585] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1120.617003] io_uring_setup+0x14f6/0x2980 [ 1120.617884] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1120.618940] ? wait_for_completion_io+0x270/0x270 [ 1120.619954] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1120.621025] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1120.621063] audit: type=1326 audit(1778448152.756:2712): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7824 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1120.622092] do_syscall_64+0x33/0x40 [ 1120.622113] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1120.622132] RIP: 0033:0x7f2d330fab19 [ 1120.629266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1120.633089] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1120.634547] audit: type=1326 audit(1778448152.759:2713): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7824 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1120.634661] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1120.634680] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1120.642126] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1120.643611] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1120.645116] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1120.645188] audit: type=1326 audit(1778448152.759:2714): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7824 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:22:32 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x6000) 21:22:32 executing program 4: sendmsg$DCCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)={0x198, 0x13, 0x1, 0x70bd25, 0x25dfdbfc, {0xb, 0x81, 0x9, 0x4, {0x4e23, 0x4e24, [0x3, 0x7, 0x3, 0x9], [0x80000000, 0x4, 0x1, 0x5], 0x0, [0x9, 0x1]}, 0x3ff, 0x8}, [@INET_DIAG_REQ_BYTECODE={0xe2, 0x1, "e5d951f2efd4e45650bdd1f45309fcec6c8206722cf13631c89fb2df4e84889f9c16cb9d989ceb8cb3fa21e3e96ef8d4efbade8fd5b8997db8befc5275ec43318a396a306cb18cef0644fc89c18d918ee1274e4f4c43d3e0273eb24a8b4b3fccfe796ce9dc1b2cb2f23114a18302723b97c36deaa1aa39ed0292e0dca96a098799cbb5fdbfeae8f67d29e6a15f5c97abc9248e533fdea7e2f8791413d4fcd599a51c7b07ad82ca043c09f394ad6e14689ef15e7c3a88fc8e633c1240868c4348c076c4cbb475169b65cc0253b3d485b8a76a0de4b4351302caccab421498"}, @INET_DIAG_REQ_BYTECODE={0x5f, 0x1, "05f529e36531d5a999e72438738fbb7a72dcd935aef29267077cf055a25efd07a71a987ce56b4956c507f45a53871fc8aad406863bae9b52310ba0ff87e72a97655383f26aaff04261253865fdc6236f7bb83806dccdbf160503c2"}, @INET_DIAG_REQ_BYTECODE={0x7, 0x1, "cff0b8"}]}, 0x198}, 0x1, 0x0, 0x0, 0x4000800}, 0x4000014) close(0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff}}, './file0\x00'}) sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000300)={0xc8, 0x0, 0x8, 0x70bd2c, 0x25dfdbfe, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @DEVLINK_ATTR_RATE_NODE_NAME={0xa2, 0xa8, @random="c35d3528e871c4df318f32c84e1b7a257ee33f65fdfc98a573646b7dbc979a90e8d777cf8d068fe5720c8701aba8a52d502ff11534a3ddf01a2178d0fed8fc23f0714c574d5c958277336240dbc9fb4e1a2e8dda1e68676c606692806fd7bafa3146ee074bd81a09ba7544a0a7ad05b152a741c8fc0a19da4ee6966834b3f39f38788cd5b344d9eed4df9e1ea253aa56efd9496a33e6a6a3b14f57ff08d4"}]}, 0xc8}, 0x1, 0x0, 0x0, 0x20040000}, 0xc7d4ee6a612b8e17) [ 1120.706677] audit: type=1326 audit(1778448152.759:2715): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7824 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:22:32 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x7, &(0x7f0000001080)=[{0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1120.729892] audit: type=1326 audit(1778448152.763:2716): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7824 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1120.749852] audit: type=1326 audit(1778448152.763:2717): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7824 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:22:32 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x7, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:22:32 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 18) 21:22:32 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:22:33 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x400000) [ 1120.939441] FAULT_INJECTION: forcing a failure. [ 1120.939441] name failslab, interval 1, probability 0, space 0, times 0 [ 1120.942001] CPU: 0 PID: 7854 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1120.943425] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1120.945158] Call Trace: [ 1120.945718] dump_stack+0x107/0x167 [ 1120.946482] should_fail.cold+0x5/0xa [ 1120.947280] ? percpu_ref_init+0xd8/0x3d0 [ 1120.948140] should_failslab+0x5/0x20 [ 1120.948947] kmem_cache_alloc_trace+0x55/0x320 [ 1120.949904] ? io_async_queue_proc+0x80/0x80 [ 1120.950820] percpu_ref_init+0xd8/0x3d0 [ 1120.951660] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1120.952830] io_uring_setup+0x14f6/0x2980 [ 1120.953704] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1120.954756] ? wait_for_completion_io+0x270/0x270 [ 1120.955785] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1120.956893] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1120.957963] do_syscall_64+0x33/0x40 [ 1120.958748] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1120.959810] RIP: 0033:0x7f2d330fab19 [ 1120.960586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1120.964462] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1120.966045] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1120.967526] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1120.969010] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1120.970482] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1120.971959] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:22:50 executing program 4: ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0xffffffffffffff80) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r0) r1 = syz_open_pts(r0, 0x0) ioctl$PIO_FONTRESET(r1, 0x4b6d, 0x0) 21:22:50 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x400000) 21:22:50 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 19) 21:22:50 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 1) 21:22:50 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:22:50 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x7, &(0x7f0000001080)=[{0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:22:50 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x600000) 21:22:50 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 14) [ 1138.553878] FAULT_INJECTION: forcing a failure. [ 1138.553878] name failslab, interval 1, probability 0, space 0, times 0 [ 1138.556463] CPU: 0 PID: 7875 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1138.558021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1138.559897] Call Trace: [ 1138.560504] dump_stack+0x107/0x167 [ 1138.561347] should_fail.cold+0x5/0xa [ 1138.562216] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1138.563473] should_failslab+0x5/0x20 [ 1138.564336] kmem_cache_alloc_trace+0x55/0x320 [ 1138.564650] FAULT_INJECTION: forcing a failure. [ 1138.564650] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1138.565390] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1138.565421] io_uring_setup+0x14f6/0x2980 [ 1138.569279] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1138.570417] ? wait_for_completion_io+0x270/0x270 [ 1138.571542] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1138.572719] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1138.573900] do_syscall_64+0x33/0x40 [ 1138.574733] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1138.575885] RIP: 0033:0x7f606cee6b19 [ 1138.576719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1138.580852] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1138.582566] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1138.584167] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1138.585778] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1138.587378] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1138.588993] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1138.590639] CPU: 1 PID: 7877 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1138.591681] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1138.592915] Call Trace: [ 1138.593312] dump_stack+0x107/0x167 [ 1138.593858] should_fail.cold+0x5/0xa [ 1138.594426] _copy_from_user+0x2e/0x1b0 [ 1138.595010] io_uring_setup+0x9b/0x2980 [ 1138.595591] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1138.596292] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1138.596913] FAULT_INJECTION: forcing a failure. [ 1138.596913] name failslab, interval 1, probability 0, space 0, times 0 [ 1138.597072] ? wait_for_completion_io+0x270/0x270 [ 1138.597098] ? rcu_read_lock_any_held+0x75/0xa0 [ 1138.600921] ? vfs_write+0x354/0xb10 [ 1138.601463] ? fput_many+0x2f/0x1a0 [ 1138.601991] ? ksys_write+0x1a9/0x260 [ 1138.602549] ? __ia32_sys_read+0xb0/0xb0 [ 1138.603156] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1138.603918] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1138.604670] do_syscall_64+0x33/0x40 [ 1138.605222] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1138.605961] RIP: 0033:0x7f38f4330b19 [ 1138.606501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1138.609177] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1138.610317] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1138.611360] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1138.612390] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1138.613438] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1138.614466] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1138.615538] CPU: 0 PID: 7872 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1138.617094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1138.618954] Call Trace: [ 1138.619558] dump_stack+0x107/0x167 [ 1138.620387] should_fail.cold+0x5/0xa [ 1138.621257] ? percpu_ref_init+0xd8/0x3d0 [ 1138.622198] should_failslab+0x5/0x20 [ 1138.623063] kmem_cache_alloc_trace+0x55/0x320 [ 1138.624093] ? io_async_queue_proc+0x80/0x80 [ 1138.625088] percpu_ref_init+0xd8/0x3d0 [ 1138.625996] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1138.627213] io_uring_setup+0x14f6/0x2980 [ 1138.628160] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1138.629310] ? wait_for_completion_io+0x270/0x270 [ 1138.630435] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1138.631614] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1138.632787] do_syscall_64+0x33/0x40 [ 1138.633642] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1138.634827] RIP: 0033:0x7f2d330fab19 [ 1138.635664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1138.639793] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1138.641519] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1138.643128] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1138.644922] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1138.646521] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1138.648109] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1138.668250] kauditd_printk_skb: 49 callbacks suppressed [ 1138.668269] audit: type=1326 audit(1778448170.881:2767): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7878 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1138.675792] audit: type=1326 audit(1778448170.881:2768): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7878 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:22:50 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x800000) 21:22:50 executing program 4: syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') syz_io_uring_complete(0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) syz_io_uring_submit(r2, r1, &(0x7f00000000c0)=@IORING_OP_WRITE={0x17, 0x3, 0x4000, @fd=r0, 0x9, &(0x7f0000000000)="37b240ff4bc01471c353d80d74974066147024b0c1be4e43ef41e3371e6ef040dee11b34b0faa4b3aed5f98dd165c6f7725f33c99dc7c4456d12c33a18df378ef9629169bcbd6052ded438bb502a068b971b8a20e060150b6e56df87ecce4325d71f4fc49040b4cb4db187e3eb82ed2ed6dd96a85ce3c1e0e83e96a568cca8985a8b71d3abf96aac6144c9981abbef0cd820891cddbb6c3d4fb1ce1b56a1bfc59ac331da611da4a3da09a92eb15f64e478603f61d4f203a28b7408e5057d", 0xbe, 0x18, 0x1}, 0x1) io_uring_enter(r0, 0x10058ab, 0x0, 0x0, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) close(r4) [ 1138.698030] audit: type=1326 audit(1778448170.883:2769): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7878 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1138.717317] audit: type=1326 audit(1778448170.883:2770): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7878 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:22:50 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x0, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:22:50 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x80ffff) [ 1138.727579] audit: type=1326 audit(1778448170.883:2771): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7878 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:22:50 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0) 21:22:50 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x600000) [ 1138.746776] audit: type=1326 audit(1778448170.883:2772): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7878 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1138.754566] audit: type=1326 audit(1778448170.885:2773): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7878 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1138.765150] audit: type=1326 audit(1778448170.885:2774): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7878 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1138.776603] audit: type=1326 audit(1778448170.885:2775): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7878 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1138.788534] audit: type=1326 audit(1778448170.885:2776): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7878 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:22:51 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x1000100) 21:22:51 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_tables_names\x00') r1 = socket$packet(0x11, 0x2, 0x300) close(r1) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f00000016c0)={'wg2\x00', {0x2, 0x0, @multicast2}}) ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TESTMODE(r2, &(0x7f0000001680)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001640)={&(0x7f0000000140)=ANY=[@ANYBLOB="fc220000", @ANYRES16=0x0, @ANYBLOB="200028bd7000fedbdf252d00000008000300", @ANYRES32=r3, @ANYBLOB="0c009900070000006d000000650045006fb22a222f1fcaa01e77e7abfd50aa263424f4a20635fb51d2c3d5b18508b6f19807e9e48267c801a1e83d83b3c20c4b1336c4a699e119e574e830da8d75c832336d8e924b4319577c2faa188ebcbdf2d2b784a042dd8c618e6ddd5eba288e147f0000006a0045008b8add801c04a14c9a63622e88f2725a4b60bbff3d037d5ef966e88fe7e5c2cb1abdcd496f9962ec4366b7278d71a31f621fae04e9fb0616be7066eefaea35a743b7fc5d521dca0e0cffab2a766f6e052ab3b13e15d3953ddd6807c564e473696996ac0df8b80000b9004500dec02ef5a1f612ad0f0ea62046b3ace50526ccfd4b5119442834c81f71e3e4aea65b4b5adcb8e7ab7e1da25da4a14d3579d8fe76edc3e94eed62a1c925c735aa9c8163e86767e3bc54bdc08ac3066cb3ee05989eb80f3215b386bdc3071c9f9281000c88a962b6f3acda924af919575c9cc5e8a5aa2528b47d8c1558b4b5209c6470e1eb763a3e109357246125be7b50df2bb4b0385bf8193fa284c0a9cf6f3b980803084447f61ad0ced3bda23b2328c84b234cbb00000004104500ab1059cacd08472424a00cc06fd4e3a147f2c1a8b4bfebdfec8529f8021485ee042e11b5c9779a517ec527552879f9d5ac53310ac8bb240af7273ca97289b25653b064e7dd7ff65a8b436f8271b0919eefd66f6d88642be37454fdabbcd51bcfa33500c8dd6464a066d7982f13ac558df30872cb9b76312642ae233a114ee7b619c740b95c08096c2b8d252d8283c22299bebdab3a771017b541c3b91a021a119e64ead4e03fed042aa38b731205c68309664faf8ab82b1b062010f092b2d160c5a7eeb34e3fde02b0eb4565b55cb9e076c867df42cc843a8109ed21e90ee3024b964ab31e5714270682fb30aa9f47597659b0b954be00d104aa2c857ace92da1ed1d900cac1a96509c0a498dfec4f10dfde7ee75d184b617ba0d0b7d9fd91a1931aa94648f79c78417af20757bd3c1402845dd29d436400dc08a3a8712d1a466f10b55f93bb2d7e5557e23ce67607114fba99f4cfc342c2744810b8f10a127de2558e96fbfa074a4694030295b8dc328e149beec3c7990be41ed4f6813177639af3b49c420ae43750f560624fe4e3259382ce051e417c73d5c23933263b0fc445cc897389fba606b9ab5371c928a93a585110cfda070ceb4f7cbdd09c46cde6f5ec4afd55e50486f7be08bb6eaf552e0467f5232d273d55f074d5945217fe82063efe117cc3306ca2e9ecaa76a7ce6ec55102fea223efb2e015b511e4315c0a6192f9433b54cb887a676020315460dcd43828359d8fa94f102ee958166b01a8c494ff1a4ccdf937d7b5dee04a3022f2c75296f92574ab4cb09c730c47f941fdbdd1f3996ba5466d4423ffbd784000d8e8ab33dd27dfdf793abe5b42162e22b222a98466fd17e766628009808dd5ab5a70a3fe4355e6daf3cf6f8c06161aa6e1609fca65655d1818d10b73fc6f7b0723b7cbfd7c576715db5e8d9ed3ec023a37d5f769ac85159b07b74445abe3b7d9ff9bb43a12d8b5df1a5bb7571047e5f84d6f581aee333fa773c2e8abd17df1d4c1ef67b8e673870b46341bf9190956666ef54420512c369369e215a15817153a9841c3e939898cdbe6ae65a207ad91b96cd2af26e33d8f281a566b89c816abb46571b04283fc666fd1a98b58f3d302b42684c2ec77757c925a3b56939eb5cf4b78702c7341e6d0087b40c5d7c8ee2d326d891106b451399bb1cfaccd1dab8e53b7576d8b47576b764b1771a97a8b0b1b1ea9c2acfd9ed145e83ade573a2e653e0191a090e27e497863063238e37e1e773f7419ea473af15e1b6ec177e3c3532fa865be7267a8c95df52174b4e52a8ac176336d2a913784e56b3241ca8549f3148af16fec396fc7d71050c7fd37b5f535bc54294b350cdfff25ae5fbaecc8231886610b46ddb5cd4b8b9196de2c02f4556fb4a304fbf158be5c3b957d49feed7bf9f0c44a3e92a8aa682c1c49c79427da7f64cb3773343093959202d66c2f56cb11bee37e01ea4a7a7896133c250ee491aa52bcae976800ed6790b146c6a32831b98e79e6199eb2d182ce11eae6b6b45251b76f3eef05173daa642d6f4e6fbd9cf7bf8c10a8d740ec7bc784bdb24e0798b44a50b0c69c22f3f1b27891dacfece8ef56d2f7498d4821551623376da5300e039690bbddb078805019e5138214a0113e920b130fbbe63e0fb7e1cdbedd0450ec7a5857dd0def36a21921322d252a62aa22674a527016fe20298e83e0b36ca6363476d5e950572e3a9159488a0d6150a560526da11ce7d3cf953b65d1076e0478262c71ab3bcee51c9704934ea809170c3ab21f5b6206331deada686a4c392451f15a70d0532eaf61ad71c72d7f6e2676349fdd0f28144aef4ce9121d5228a33b69d9d1b24092bd3c6041e5b916e3a680120ba2221f744621838acb501d099727feafca1250311cb4986f6901fcf04c9415a0a8c77ce1fdeb1007341cdf292a6ea7e66f4e37ff5a43e7504cd45d036d0a658cd4ad2d0bf49c7c0a6b65dd84136cb243496cc51fa25dabaac2ec3cf0a97f2f09d2a2aeb8f4c115f1ad02b0460e9a5099bf644957980ebc85fe794d30bca75a05a0af48843a4d13c29bbe3840490c6cce65e924b5fe38fe81c9b146f16e38d7c5585432c9ba346dc93dc7a984a0c5bf4a99a7937b0242910d1f2824361669379894197599c407904ce9bdd869804b79654357df4871665eb560b25d60c315c0de93e0982b3eff29aaa87d23b52a7b9f80d4eaef283af94e07d6da416aae0547afb787808b1e4ed33f6ee7ad6b525b241607937addd182b700d3c93d980387eb48ed5dbafa9a48d1e237fe29d670b15f4c13ddf810768fede6746473aa3ae95225e75a98b277f15624755bb9eeaec0c613243cad1a73854dc3d10e8d0e3ea2e5985ce71f97a2706e959078a08f4260ee6df9d7b9eb6358ef853f1dbf4c3ece26604196a535d35f937a374d80e6e506f80bcc3cd23b75edc6a59c6bab202fa0de6417f231460b155c35ee6ee254f404c992a208cdb319d419804b5168bac233d0d359558ed18aba235fcbfd2d752391c28e76a108ac3cde28c3790ee73a14a2b3c4b8b46ede689bf5e195131e0497f88b96c7e437c665cf597134b5de735b8acd0d21f0d2c3f7cf35b3d8dd4845e2d532b85bf25566a8b653668d16f1c5778d0d44726a9aaefbbc5d1f6a200262eaf5e25c19418b6a5b47ba990fb76c4f4ca4503d5c3cf142ffc378ff04c68d17e6a3c223d828ed56efd8323bdd8b3f606fc0cb683543b1f43cf60f1913ef1824353c51b0aaac193c4c3ae0d8978c68ec235701963575b8b6d6736024a21e46eabae5b496ae79960078baafe04f9450eef04a92ccb8f948c7d8f1f7310a79efbf8ce1e327d1dd12d3a3b6bf1f212b5f8cd3240d9b3450c1c1742fc5c783fb98765513cc8f38a2ac26e0473f22d8182de91d7d96633ebe2543fa4fa0c481b24f3147817018aedc6a6d17671cbe93dc058c3c6ebde4ebfaadf2fbd3989738dd3a7e381ad467b4b46bd40588dd55dcfc145faf196dc6d1d08c1a6d39033d2465807210f1f2519b51b20b155971bdd1c880c677aad3763db16cc96a85f26316326c96caec2425284b642c3c4dca4fda45303b1d2d537aaa58b30ba5c217a0238bf692bb93d6d3fcb0218377f3f7e3e251871bac21853e0d64a6b3851e1d18d6c063d99e82a415742d862e45c35ad48815c980d30d0b9cf0472b0ef1cfde243c0883feaeb65db7096514bb4c26b5c94098882d6172793f0ff175b444114c5097c2baa2ecc2910772ed3c241a64b504e44347d6457b740e25ded87f8573c1766f58fe13ef1588629f10fa9a30c0f53d2f2dd27ed125e6880adf227583749c0b2c7530fa9105015fedb8adc7c61553e4e8a098fcb208ee2ebc4386f68f28e7a852097138f071a8e367da7cc8f895fc7c4c0ca09414c3b6ab060a301ba70a3a06d1f0cc18be03409a5a7478d299c4f62619f4a6c72198fa4616fa0e5bfc7200a22d228b13104fe6ae6d00be5cc2f829a4b615506e1fc9d7483d965e1c3fd4136203e5b372108e7e9e8098ce02fb3fb72ccf4210b07defc00051657085f2bec35f9a152daf249630e4c4dd9d1be6240bbcaf7b68f3bf7a1f93fabb5a50b25b3fc8b858bcbe6ab22224eb282dc2ef24e9e4dd00afdef9ed58c77d2ba412987b8857232b2d02bcf9122288bcde513a3553110bc046ef5d82e2405ce8d7d38c27f100b71fec5f60b44db8661db3c62c4293be378c01041e9ea036b0ae7a22f68cdcd7e08017ed107f9726d16969663ece4bbfc180f38fb587d4e7a28d1d7718995a7e2f9b3de71585dc648770774782c4c8cde3d67d09877be72c95076673a5325b2f045373dee2f500affa82ce13e4d9c7dd9f41823a2d7e15b87ff91b2c95c5364d0936876160121a739aefa27375b092e52a83ab2b1ce305bb50ed623887eda2cd5f3cd9da9da214e84cb692add2bc0d9da5ca514add7711db3d78e943ddfdc42f47a60d2487964d1b431c3ed144a93e221a407468dfeff12f8892dcb3e00c3cbfa440d94d619e03ccf4035ae9d6f24f106decac010fc896026ab4cad02019598f198ebff5a5bb39eba670a423f941f132983f4d4dd1daf35ca9dbd2f7d879932a81f22eeec6afa61323ecd39586ab91c11a27575d69848dbd04a9e9efd90045bb18c093e2a53eea74f79d274e370dd689ab021a0e0dfc0de643aae6fabb1ecff54314d00e0e88dbd4e442ce2d88f91643d09c5025e7d024bdf280795d3ccb8119e6117a73acd5627d92fcc113c19142825aaacb9c2516bd217ecb0b497eb0b763d5f79c6a2e5d7e6030c8bffbfc7e14bcc10504fa7397e82be25a118e1fd35e3ac030dd629ac3267edcfbd4ab3c06a17b4498152ded5fdf8ab1a2387da5570b4107ceb285f75e8e71c85794d8f297390c02b4f1573d219e543265884ca89a51ea269a9cd09840ad5be008cfb0f42cd6090b82817e6fc54e34a600c1567f390aa98b54fdb700f4fedf84d79ec11cc15d702a30d028dc1f77233fc7ff6b100e03b4ec482a14567ba7167ae3fb23242d11507b5faff065877f465dcf70b476290e8ea998617ac35ab47404f771123d4edd07814518eeadafbe8c835f65c5ba64d1f6c4e88a60a57ff7f5265ce6b72c888b4399d9a02ffa81bc050ab073daac1c10711d9791e121017a4591f6128d0d467e9a39530023e616891368973b652e58ad190f35e3e6f07346e3adb16ef667e6b1fd7c436b0ae0b07ba678f72769707254abb1ccf9764008d27a7a5416ae2e383c35c5b3f9cf69fd19de5f2a901bc595649848db8f8efa5109ea0ac5125b08b537f6b578e57a48a91cead3c94bacadb95b1db019a60915bce09250e5d205ffbe5b25ea00bddda7f1238771618a7ece588102b1047e31c6dfec6c2699b1d65e601f71a0994a39dded7e11ca44b41b3d7ebd2adf3b5455ac9f7325b601f369f6675ba6cdf6e63354b6b65d4fd6ef498bd0795ef9b034df9e53c3e27956f4eb714b26eb1e1b45f3e5333dfc9f0f4cc0b77143a3042dbc456de5f6b4a232feaae883a6bc7337a69edd2fe8bef077f0ceacdd3bc2ae0a610facc1eb6e5636c4c45f459b7eb6605bcbb714303863260fabc1e900970ff6b617e0432d0ea33a0be9fbb2f4af557c681e8cfe295145859d945ee59b122d611e282ce85d4aa61f268d99da51269d4dd60326e37dec451c53322f67eff82792da803d6f28f8e6a87588b34e34a0b5c5479468f44692348862785c0bff63f39c85b53b3563ebde05397d15076584b7a25bbb5365341fd1afe55970b04a460b3d69e27a8a485e199af5a9481388c9ad61bac31afbd31a26775773a30110e6fbcbaee62753953b35ed970b0be941a38fcad910ff167702aa78c205fa75ff1334482f9c6f8c49b7e09a3371eec8c2bf03b41e22cced2b538412e774d3f6114f54d4b269f991a3ecb6618a2e1c8ae4bd08c7f90fbf6a4d6ecdbbfc7f29303b5f6640c1004aaf0a579549de3c334d2c9a71af26b1999d4837bf1614b8050b231147e65d8a200743ba475813abdadd80d4652d85043fb6fcc5e1e28454e547f3615b8133c6776dc62a9eb412ba19e0656c3b939dbb30b916a0f00e12e6fa08fae66caf3b879c3b6ec0e64a3790b09940c516ed6befb25513c2156f21ff127aa0ae604731560d5d503ee4e40bee0fa8a7ffbef1b7b28c96741c286547a263a33138e2546acf80fb8d23fff87d5731fe27fae6b8a955d74bda069cc06c66648decf2a80dfc9ff0ec829d9c5c4e206519e6a0ac7e820c89ed9e14fb94b671efabf3a1fa580acac140e1004500dc2f9cdf463a080720afeef3c2a5ab16ff95e8dd6e3ca79762834dc6c5c2a76eca4f1b5a7bac34a63387aba967e10a95ae77f131c72ef493968f52ea69bdc1fc3babc79749ed853bba08c634323826bf88169f2fdfc73d31c62a2452fca6a6e39981c6aac2b64cebdba7a62951ad60d4a319787462f1ab7efe5dc8b9dafcf70d98efb74f62d5cec885c58cb44684de96764bab6e27341698d70f9fbae13cfcbad964a03efb364a57398a4a955b38163a56ffa0ce929871f522b48f5bc49dedfbf19743e6fe29e8d2c4c78ec1ac6170d96231611a976c6de58a3b36b90c00000015004500a39404c94f05240b534d81b5bfd1af60f2000000d60045004bb8aef13efe847775a002b51c24c5955a395aaceb1fdfec1597aaf520305ab5ea24e15ab0b6ff403978a8474da6add985f83f88c7a1e3c96250a2aa48a3337c3e8b439b52f85e7036f4e5e550c180c2e2d6fd503295f24cfb1b6cfb577ecc5df47c96bc6642496dd4a7f7d8d6fc9c1499f20ef825cf14d5e02dea83b6969ae5ff3b7330e99321d0b4e92488a3441b469587cfeeb4fd19bc01fe36c060eecfc980d30c592fb973f620119bad39564fd3d4819c6690e202cdc6fcbf2efdc1c5ffb5e84a6df22f1bbc6bdb612f54a2ae3855800000ef0045007db0963ab1850d3387750ce4f22072a3f67808035b203a9efe4c282dd550fc0f7771ebc65ad7ac5562f0375870c46778af1ee395c8ee930cee731df693a1a1b5b057f56c849c2053b85931d7041c1e06e7fc50534af87b35bc87e44dc01443ec33e185a4e73d93307721548ea82cbbc96a0fcf25b7d290d2913a20fa0c41a45212304cefb0110293a4374e792e0ec48f2b42567402772ebb51b72141d266d8324b43e49e70397fe9da5eb4b567ef1e302f5cd91e2aea1e458f661c7dc6970a12017b18191c39d36e31ff4591ebefa9e0534aecbbfb1af695fdb30b3219b8d01326ffd8d9deff807426d127007b00450089b30c1ad9696b290795aa4296499331cdcc0dae520076f1307c61e41cd7ba3ae0856402374b9ae7cef9eb7a696c1e111ead1f9b322fda58df8925e7afb59d4d72a8351e9461f6ebbd294e93c7c3074641b7558aeba32367b2110bf18539e59cae81de3f4963af1565bba2b0664d7f217f68be39d533b200"], 0x14fc}, 0x1, 0x0, 0x0, 0x841}, 0x8000) fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) r4 = ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r4, 0x6611) 21:22:51 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) 21:23:07 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x800000) 21:23:07 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x0, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:23:07 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:23:07 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 2) 21:23:07 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') r1 = perf_event_open(&(0x7f00000003c0)={0x3, 0x80, 0x80, 0xe4, 0x5, 0x2, 0x0, 0x8001, 0x24, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x4, @perf_bp={&(0x7f0000000380)}, 0x401, 0x5c1d, 0x55e, 0x8, 0x9, 0x7, 0x6, 0x0, 0x6, 0x0, 0x418}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0xa) close(r1) close(r0) write$binfmt_elf64(r0, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x6, 0x1, 0xfc, 0x8, 0x78, 0x2, 0x3e, 0x7, 0x227, 0x40, 0x273, 0x3, 0xff, 0x38, 0x1, 0x482e, 0x8}, [{0x7, 0xf7e9, 0x7, 0xf, 0x4, 0x9, 0x703, 0xffffffffffffffff}], "95c7b4b5bfede0e2ab9939fcd027ed78274145c912a164426754c4942e21b0a5d0e840d7ad6730c4e83a79045a5faa9eb189e888e14bd10b7c7f704e78d74a0b7d6b8c9ab773530b6847823f557ac7c82c22c322f12952729949b7c50e49d600322569f9cd7f232928b3fd48794fd871b5682ae92dfae9e5ad7b52a74fb125940adf25bdeb451b8750a115bf4e975e5ce55211e39ec53da771cb608930adec90d9f4950e260cd43794ec754ad4a904fb222698e65ad285127e84cbe1c67adeef2ec2d215c1971fbca16734dd5a63b27d61a92c73df1696c68edfc9ed991972772b042f47629e", ['\x00', '\x00', '\x00', '\x00', '\x00']}, 0x65e) r2 = getpgid(0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x3f, 0x9, 0x9, 0x3, 0x0, 0x7fff, 0x1, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xce, 0x4, @perf_bp={&(0x7f0000000000), 0xf}, 0x52000, 0xfffffffffffffffc, 0x7, 0x8, 0x6, 0x6, 0x6, 0x0, 0x7, 0x0, 0x80000000}, r2, 0xe, r1, 0x8) 21:23:07 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4000000) 21:23:07 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 15) 21:23:07 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 20) [ 1154.899367] FAULT_INJECTION: forcing a failure. [ 1154.899367] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1154.901921] CPU: 1 PID: 7907 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1154.903311] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1154.905037] Call Trace: [ 1154.905581] dump_stack+0x107/0x167 [ 1154.906346] should_fail.cold+0x5/0xa [ 1154.907155] _copy_to_user+0x2e/0x180 [ 1154.907970] io_uring_setup+0x11b5/0x2980 [ 1154.908845] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1154.909914] ? wait_for_completion_io+0x270/0x270 [ 1154.910964] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1154.912055] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1154.913156] do_syscall_64+0x33/0x40 [ 1154.913945] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1154.915019] RIP: 0033:0x7f2d330fab19 [ 1154.915801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1154.919661] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1154.921262] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1154.922761] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1154.924272] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1154.925774] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1154.927263] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1154.936086] FAULT_INJECTION: forcing a failure. [ 1154.936086] name failslab, interval 1, probability 0, space 0, times 0 [ 1154.938472] CPU: 1 PID: 7915 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1154.939901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1154.941659] Call Trace: [ 1154.942221] dump_stack+0x107/0x167 [ 1154.942994] should_fail.cold+0x5/0xa [ 1154.943797] ? create_object.isra.0+0x3a/0xa30 [ 1154.944765] should_failslab+0x5/0x20 [ 1154.945580] kmem_cache_alloc+0x5b/0x310 [ 1154.946436] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1154.947710] create_object.isra.0+0x3a/0xa30 [ 1154.948637] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1154.949714] kmem_cache_alloc_trace+0x151/0x320 [ 1154.950701] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1154.951835] io_uring_setup+0x14f6/0x2980 [ 1154.952719] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1154.953792] ? wait_for_completion_io+0x270/0x270 [ 1154.954841] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1154.955941] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1154.957038] do_syscall_64+0x33/0x40 [ 1154.957816] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1154.958891] RIP: 0033:0x7f606cee6b19 [ 1154.959668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1154.963697] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1154.965401] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1154.966967] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1154.968474] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1154.969989] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1154.971598] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1154.979851] kauditd_printk_skb: 24 callbacks suppressed [ 1154.979864] audit: type=1326 audit(1778448187.192:2801): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7918 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1154.986483] audit: type=1326 audit(1778448187.198:2802): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7918 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1154.990438] audit: type=1326 audit(1778448187.202:2803): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7918 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1154.995016] FAULT_INJECTION: forcing a failure. [ 1154.995016] name failslab, interval 1, probability 0, space 0, times 0 [ 1154.996503] CPU: 0 PID: 7922 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1154.997371] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1154.998402] Call Trace: [ 1154.998744] dump_stack+0x107/0x167 [ 1154.999199] should_fail.cold+0x5/0xa [ 1154.999686] ? io_uring_setup+0x258/0x2980 [ 1155.000215] should_failslab+0x5/0x20 [ 1155.000695] kmem_cache_alloc_trace+0x55/0x320 [ 1155.001276] io_uring_setup+0x258/0x2980 [ 1155.001791] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1155.002399] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1155.003037] ? wait_for_completion_io+0x270/0x270 [ 1155.003660] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1155.004320] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1155.005019] do_syscall_64+0x33/0x40 [ 1155.005489] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1155.006132] RIP: 0033:0x7f38f4330b19 [ 1155.006599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1155.008892] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1155.009850] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1155.010740] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1155.011634] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1155.012527] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1155.013423] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1155.027387] audit: type=1326 audit(1778448187.202:2804): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7918 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1155.041818] audit: type=1326 audit(1778448187.206:2805): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7918 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1155.053598] audit: type=1326 audit(1778448187.207:2806): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7918 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1155.070559] audit: type=1326 audit(1778448187.207:2807): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7918 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1155.083620] audit: type=1326 audit(1778448187.207:2808): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7918 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:23:07 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x8000000) 21:23:07 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x80ffff) [ 1155.093544] audit: type=1326 audit(1778448187.228:2809): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7918 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1155.104245] audit: type=1326 audit(1778448187.228:2810): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7918 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:23:07 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x0, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:23:07 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 3) 21:23:07 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) writev(r0, &(0x7f0000000980)=[{&(0x7f00000006c0)="dc583fa68de67413dff35dcefafdcc8edfb10b0c24b64865c45da219c2f4c3bc5774685694181d15b35161cf48c9c1ecaa4464d473d4641cbc2886e0e97f9d1c1e8eeead1d172408c3a49add30cdd0bb083f589a647fb3f1593157eb945bd684f1fe7daebfc1ad4feb71b6c3978e35a120a7211092c065e66132d1978b3f7d948af78fa110db1e489f263233b3f2f347446946363359da9b6b5c3e6b59bf2e2e086f03b463195b03cbbae10fe2eb2a8586505f5d639c71a005354881c011672ee7fb4d6890f2c0bbd5eb328f2ccea06178bdc1e15cc10db39ebdf24dd4a2d1654f06cc74ce92c734a72e57f8ca03f7eda6921c2d7aeba7d4", 0xf8}, {&(0x7f00000007c0)="c59dc16e4e6222ca3fa6f5d2deb64817650d0f3a803a9026f0361d31b27762c1eec6d88a4fe8c9fb2d407371991a54fe16c726d84b8c97770e4bed5c0d0d7151869c35276c17598657dbbca2f14bb2ffedfd76c48347b4673780e2ff6a8849890e8aea1a51784838efae6a93298700b64e5ad61a39627844d85b", 0x7a}, {&(0x7f0000000840)="9b8c54e517c92b304f7d5c7fd9dcc1bad40944ecae031c7c253010b967e7bc39678730dea524dd5cb8b61787a729a7", 0x2f}, {&(0x7f0000000880)="400020da24f28affb202090ac6782b2ebe862459ea429b6a77b6421abfd1b8bdca08afe46e321e3c4a138bc5e65b5b38a06e8be24a7fad4f244e46859f767d84081424c99ff093116a66fb4fb7155347b56063aac7f6d5946236de3a73f9038f15123231aaf98f8b652c8799b1a1be4f6649e9fbd75a999e7ff1b9cdceaac3e8906e25e3b5d78d1b799cccc395c35f5ba1a225488b62ea3a079667a84ebad600bcc40149ae38c5cc25d4a6b468960b26dd04eb396ea0dc875bf41ef4f6df5de618840b5679fa0384545da5f6d058862a1979421d9271adcaced9f17890", 0xdd}], 0x4) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) r3 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0) r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x110, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r6, r5, &(0x7f0000000100)=@IORING_OP_CONNECT={0x10, 0x5, 0x0, r0, 0x80, &(0x7f00000009c0)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x40}, 0x2}, 0x0, 0x0, 0x1}, 0x8001) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) syz_io_uring_submit(r2, r5, &(0x7f00000000c0)=@IORING_OP_WRITE_FIXED={0x5, 0x4, 0x4004, @fd=r7, 0x1, 0x7, 0x3c3, 0x1, 0x1, {0x2}}, 0xbfd) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) pwritev(r1, &(0x7f0000000600)=[{&(0x7f0000000000)="4a34007dd11d9fb1cb8ff61ed8c4e10acf14de8b85d54463adb7190d18d8de4bda085ecca4", 0x25}, {&(0x7f0000000040)="c1090ea7f93068656059a1cd6f54708dc0b5b26a353136cba8c3e5a3c19107545abc5876a50d907aebdaa3503eba3cc9ddad0da622ce6d814ce897fcc42f83432b175d", 0x43}, {&(0x7f0000000140)="1e68d476d74f94fa43b40012734dcc7fed623fbd34cc98fd22116995cafb33beb45ef29041c2ae19cd09a90c6c529d77da62ef1e3db0b3ea96ab748725c25bdd74e678e7c7432864219cc84b8e9c519575ace0281d14871ed9c2c9469bd80d6c92014c3200db5082b2d03afc4dec730138ab844fface8372d8a7c4e911c7a34d1638caf66db373e3aaae1ace0235ff180f29c7a01ef091c26207a3ee68293468677d2622e7be9e0c45f2f51332cb3f8ba5da2a5038a7c8f7af824101f5418c5fd276d5457467fdba2fb8e472bc94862e3dcafe48c5376e0229bc8b8fab27b8ade2be149f6c41f64335b72eed923529", 0xef}, {&(0x7f0000000240)="ec0b3fe47c2d81b861d3627f0ac932886a198bdcd6dd3ab1abfd166e624d0d938ca2b15482a113c4994bb579de82204ddc9c7e45cb8c84a0cb7c19455f30bc30aeb7d2c4eb962c84309b164632e4edd69ebe5aff7ec0657b1ca8c6396071a83fab08643b7df3f295", 0x68}, {&(0x7f00000002c0)="aa25ebc35226302ea320dbb019fc4469cc0d234f05e89aa6bee840260d26b7f3312af2d6d28fa2a197b2740473bdafadbdb57a92d689ded928830d7d7e7337376b88a08e431212f02c22d2f5dfe483e69ab3c9", 0x53}, {&(0x7f0000000340)="0c5147c3705b35626b1540461d12e224bda0ad9debc98056968ac7cd32055a453b51aef20eeca78b4c27769679585c51e808cd33205c9734905794d7d7d32cf3141c3e5e95f40146250c6afa0b43607dca96c5b9c0912e6f7ae17a58e9150d90c8e530b31321fcbbbaa40f9fcab36eec2e7020a8f22fd47a4cb5eaab144dc811c2403fd6d3e0df5d24f2be53efaaa80a5208107f276009323d413915a0663abf35bb1f2e020390937913b8297fd97db58258f836c0a8f2a83789202a124e02105bfdc7a042ec1aafc7409c8ac1814196295c54d7b54ad019930990a90454c6f0cd535582491f79", 0xe7}, {&(0x7f0000000440)="089a29610bbd5022018ca5aa46ca02d48900fd4d6f6b2f26784bfb95bf257f5cf40746cb5732e8e8a1ca76419631b05888427ec897311e8b241f75938d69675e2e15e36bd051b3efc5929dbc06768e82278fa6a220fc6fd99990962800859cba8cfc3f55f94fdad2ba4aa388ea1478f14bf5", 0x72}, {&(0x7f00000004c0)="b1b5715ebd6943d22f65bc6dda2a5fea52052fe3ebe2cc056e774f2a3edc94b1b6b265df22d2afba6325736e988dd361687e0336830c8a0fccef5a1cf7e45796b34a36843e00e0c1dd94bd4c034828d0544b1191fc69b4ae8da9e775053712661f67d7db9a4985423e5db168a24a", 0x6e}, {&(0x7f0000000540)="8ea0c95325e3b896c80c9fcd47f230f969ee48eb043a7a6b30da3c7597dbf3844bccd215e8c43c21c11dd37a43690c13228b9ff57f3a6e821dadf975c35074a09ad34653fb1592038f4b6917574cb4f1d8a6d0e1f183674e25e1827a18515839d3b53e9823e9503d172413a8a7b9f4ae2adb72d30f1c303eaef90ac81de9b533ec9cfc6c85750c836c376d56063f3d06a122962ba6d8ea552ab937690882", 0x9e}], 0x9, 0x3f, 0x4) close(r0) [ 1155.145521] FAULT_INJECTION: forcing a failure. [ 1155.145521] name failslab, interval 1, probability 0, space 0, times 0 [ 1155.146925] CPU: 0 PID: 7932 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1155.147762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1155.148784] Call Trace: [ 1155.149126] dump_stack+0x107/0x167 [ 1155.149582] should_fail.cold+0x5/0xa [ 1155.150057] ? create_object.isra.0+0x3a/0xa30 [ 1155.150631] should_failslab+0x5/0x20 [ 1155.151109] kmem_cache_alloc+0x5b/0x310 [ 1155.151620] create_object.isra.0+0x3a/0xa30 [ 1155.152168] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1155.152808] kmem_cache_alloc_trace+0x151/0x320 [ 1155.153403] io_uring_setup+0x258/0x2980 [ 1155.153911] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1155.154508] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1155.155135] ? wait_for_completion_io+0x270/0x270 [ 1155.155744] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1155.156388] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1155.157034] do_syscall_64+0x33/0x40 [ 1155.157490] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1155.158120] RIP: 0033:0x7f38f4330b19 [ 1155.158584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1155.160841] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1155.161787] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1155.162665] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1155.163547] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1155.164417] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1155.165307] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:23:23 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x1000100) 21:23:23 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 21) 21:23:23 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r0) r1 = accept$unix(r0, &(0x7f0000000040), &(0x7f00000000c0)=0x6e) readv(r1, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/48, 0x30}, {&(0x7f0000000240)=""/105, 0x69}, {&(0x7f0000000340)=""/129, 0x81}, {&(0x7f0000000400)=""/241, 0xf1}], 0x4) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0) io_uring_enter(r2, 0x10058ab, 0x0, 0x0, 0x0, 0x0) fcntl$lock(r2, 0x25, &(0x7f0000000000)={0x0, 0x3, 0x1, 0x7fffffff, 0xffffffffffffffff}) [ 1171.337889] kauditd_printk_skb: 28 callbacks suppressed [ 1171.337909] audit: type=1326 audit(1778448203.550:2839): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7944 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1171.358732] FAULT_INJECTION: forcing a failure. [ 1171.358732] name failslab, interval 1, probability 0, space 0, times 0 [ 1171.361686] CPU: 1 PID: 7952 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1171.363444] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1171.365763] Call Trace: [ 1171.366453] dump_stack+0x107/0x167 [ 1171.367385] should_fail.cold+0x5/0xa [ 1171.368358] ? create_object.isra.0+0x3a/0xa30 [ 1171.369567] should_failslab+0x5/0x20 [ 1171.370539] kmem_cache_alloc+0x5b/0x310 [ 1171.371577] create_object.isra.0+0x3a/0xa30 [ 1171.372699] kmemleak_alloc_percpu+0xa0/0x100 [ 1171.373857] pcpu_alloc+0x4e2/0x1240 [ 1171.374827] ? io_async_queue_proc+0x80/0x80 [ 1171.375944] percpu_ref_init+0x31/0x3d0 [ 1171.376960] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1171.378346] io_uring_setup+0x14f6/0x2980 [ 1171.379411] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1171.380685] ? wait_for_completion_io+0x270/0x270 [ 1171.381957] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1171.383285] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1171.384594] do_syscall_64+0x33/0x40 [ 1171.385535] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1171.386600] RIP: 0033:0x7f606cee6b19 [ 1171.387392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1171.391214] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1171.392809] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1171.394305] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1171.395792] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1171.397288] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1171.398788] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1171.403212] audit: type=1326 audit(1778448203.615:2840): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7944 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1171.409351] audit: type=1326 audit(1778448203.621:2841): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7944 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:23:23 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 4) 21:23:23 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x10000000) 21:23:23 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x0, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:23:23 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 16) 21:23:23 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) [ 1171.416536] FAULT_INJECTION: forcing a failure. [ 1171.416536] name failslab, interval 1, probability 0, space 0, times 0 [ 1171.419023] CPU: 1 PID: 7955 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1171.419624] audit: type=1326 audit(1778448203.621:2842): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7944 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1171.420465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1171.420474] Call Trace: [ 1171.420501] dump_stack+0x107/0x167 [ 1171.420524] should_fail.cold+0x5/0xa [ 1171.420547] ? __d_alloc+0x2a/0x990 [ 1171.420565] should_failslab+0x5/0x20 [ 1171.420584] kmem_cache_alloc+0x5b/0x310 [ 1171.420613] __d_alloc+0x2a/0x990 [ 1171.430424] ? find_held_lock+0x2c/0x110 [ 1171.431304] d_alloc_pseudo+0x19/0x70 [ 1171.432079] alloc_file_pseudo+0xce/0x250 [ 1171.432965] ? trace_hardirqs_on+0x5b/0x180 [ 1171.433873] ? alloc_file+0x5a0/0x5a0 [ 1171.434695] anon_inode_getfile+0xc8/0x1f0 [ 1171.434999] audit: type=1326 audit(1778448203.621:2843): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7944 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1171.435583] io_uring_setup+0x138b/0x2980 [ 1171.439415] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1171.440464] ? wait_for_completion_io+0x270/0x270 [ 1171.441505] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1171.442642] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1171.443983] do_syscall_64+0x33/0x40 [ 1171.444937] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1171.446231] RIP: 0033:0x7f2d330fab19 [ 1171.447179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1171.449070] audit: type=1326 audit(1778448203.621:2844): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7944 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1171.451239] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1171.451262] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1171.451281] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1171.458793] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1171.460321] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1171.461805] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:23:23 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x40000000) [ 1171.474534] FAULT_INJECTION: forcing a failure. [ 1171.474534] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1171.474634] audit: type=1326 audit(1778448203.621:2845): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7944 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1171.477269] CPU: 1 PID: 7959 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1171.481393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1171.483131] Call Trace: [ 1171.483699] dump_stack+0x107/0x167 21:23:23 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x0, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1171.484476] should_fail.cold+0x5/0xa [ 1171.485421] __alloc_pages_nodemask+0x182/0x600 [ 1171.486414] ? lock_release+0x680/0x680 [ 1171.487240] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1171.488494] ? lock_downgrade+0x6d0/0x6d0 [ 1171.489459] alloc_pages_current+0x187/0x280 [ 1171.490405] kmalloc_order+0x35/0x160 [ 1171.491255] kmalloc_order_trace+0x14/0xa0 [ 1171.492128] io_uring_setup+0x33c/0x2980 [ 1171.493028] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1171.494139] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1171.495274] ? wait_for_completion_io+0x270/0x270 [ 1171.495368] audit: type=1326 audit(1778448203.622:2846): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7944 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1171.496365] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1171.496391] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1171.501577] do_syscall_64+0x33/0x40 [ 1171.502406] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1171.503545] RIP: 0033:0x7f38f4330b19 [ 1171.504369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1171.508428] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1171.510110] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1171.511689] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1171.513294] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1171.514859] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1171.516433] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1171.520704] FAULT_INJECTION: forcing a failure. [ 1171.520704] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1171.522343] CPU: 0 PID: 7963 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1171.523273] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1171.524403] Call Trace: [ 1171.524766] dump_stack+0x107/0x167 [ 1171.525272] should_fail.cold+0x5/0xa [ 1171.525803] _copy_from_user+0x2e/0x1b0 [ 1171.526349] io_uring_setup+0x9b/0x2980 [ 1171.526889] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1171.527545] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1171.528239] ? wait_for_completion_io+0x270/0x270 [ 1171.528907] ? rcu_read_lock_any_held+0x75/0xa0 [ 1171.529551] ? vfs_write+0x354/0xb10 [ 1171.530061] ? fput_many+0x2f/0x1a0 [ 1171.530556] ? ksys_write+0x1a9/0x260 [ 1171.531075] ? __ia32_sys_read+0xb0/0xb0 [ 1171.531632] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1171.532338] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1171.533041] do_syscall_64+0x33/0x40 [ 1171.533562] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1171.534263] RIP: 0033:0x7ff29b41cb19 [ 1171.534764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1171.537263] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1171.538303] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1171.539259] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1171.540221] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1171.541202] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1171.542180] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1171.544385] audit: type=1326 audit(1778448203.622:2847): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7944 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1171.549040] audit: type=1326 audit(1778448203.629:2848): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7944 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:23:23 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x2000000) 21:23:23 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r0) ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, 0x0, 0x5, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x0) flock(r1, 0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r3 = socket$inet_icmp(0x2, 0x2, 0x1) sendmsg$nl_generic(r2, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)={0x44c, 0x42, 0x400, 0x70bd29, 0x25dfdbfd, {0x6}, [@generic="2ea556b1adbc7dbb77a8305a1e972ed206bf1c409fc546d2e414d9826fa620a0d5cab41552f2ef1bd3861591aea814fdd18f0b8ca35b45e14b0ac24bcdada09e7834a1a5b2baff76d91b6e6c721dd2a540a0812fbe6391e30ee5ea15d6f307a9c1ae682a1992c7ae67b9d0cc3211f7c9214b002d4ced964343a7773ca8be78ba440347e186dc1d165eef734c243495dc", @typed={0x8, 0x9, 0x0, 0x0, @fd=r3}, @generic="a4717eda6a687c7e4469842743908181d8a5840c606557b420b190c44bd49364de6b6b62ce024dd7d1d69a9a391f92551093bc82030e4ef11233172300c449be3bbce3ca2778abf806c2478e00bba7a7eb371b26037f213177e7d83c9948354f0e42104017e2c0bef85e0d7e0085200272753882332c771321fe72d198d31bdf02b90883", @nested={0x319, 0x5c, 0x0, 0x1, [@generic="dcb899daafdbd9c64a612163b08385a54d03486f8c7c335cdc4daf05aae397766e7d1b473076d2f2dda4fc8de3ad987b19d3946355e031ca75c6c7560b8e85745bde5531d24fed652fc2bcf1795c72e021148a12c614362f1e36de96860404908557d4caa4c26b861cace7abbda45043758f1cad27ea647597d605c8e239c4b5c74f5a7b3b231785fffe1afa7286bcf313d2c93756fb8a7eaa4482787e0fd8d0aade0f2c073842828b", @typed={0xe, 0x95, 0x0, 0x0, @str='setgroups\x00'}, @generic="7f4e6ca54c6374ef4054451b9d3098e5f95641a085ed775fab6037e1f1a0b6cb20ff9f47b6b8b89346e6d7fe2c7f38bf6536ed021523893c8fa8ccfce131fa10e26fb1ef851948d82a52242e9e262b928837c5ae5359dd8ab6203d0d628a361304768411e9ca3c8898a32beb31fcafe4dddeab00944533eb3893ef60d1f18a0b77024d00ee38415fa578782e62a17095679d21c0a4d8674bfa29b7e8e09b0e43bf8d8184e9153c67f5d61d895f", @generic="d556cb28a9b64a85ceaee6132fdda4ee51274b3fd40ea706732b9211003a689e7fc6774a64dd478efdc1350cf04997f7c83b4672b308e0aa150ddfce37333d22fec77bc5f05facc7f46e1b7a8567b720c8d7a92b182d1a0d7cf44e4f4adcd918e1f416f049bde24f59a8d1c45f06b4bf298ad8c2782b7184c010b7ec02a3317b17f593032622231b614834aed0021ad3f885c94312a8df0c409ef7be0f14491d10a7b9702a42fd1300a3fd1d35616eba9243df6c9a8a75038e35426e844a62", @typed={0xe7, 0x88, 0x0, 0x0, @binary="900a2de463fead720a7db51f650a0382d0635ba34a1d2d03a740c4e96245d6b2372ab27a96d2c26a80910025a90491ae2afd30a770100729371984d6825250e53c518cc47f3a639f183466ccfe24b8050c82a07c35d4e4bbeee13b6ac80bc4db750030f58b55fdbfc0bc9dc0d01122711f0b53e94198b853d51c6bbcdc2115fd56691bb985cb7f5675b6819299318601a2139ecb867cfa6f8ebd36baa3dfb3c5e2b2dee1c32edba6110d3cca95cce8495f05cfb99b1094b68cfd3bbc170c416bace7b4f496046cd4d0003348688177315bee780adc89dcb1b68df81e09d3dfd630c1c8"}, @typed={0x8, 0x85, 0x0, 0x0, @pid}]}]}, 0x44c}, 0x1, 0x0, 0x0, 0x10}, 0x815) 21:23:23 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x45e00fff) 21:23:23 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x0, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:23:23 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:23:23 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 22) 21:23:23 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 5) [ 1171.687090] FAULT_INJECTION: forcing a failure. [ 1171.687090] name failslab, interval 1, probability 0, space 0, times 0 [ 1171.688498] CPU: 0 PID: 7976 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1171.689324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1171.690311] Call Trace: [ 1171.690635] dump_stack+0x107/0x167 [ 1171.691077] should_fail.cold+0x5/0xa [ 1171.691535] ? io_uring_setup+0x258/0x2980 [ 1171.692045] should_failslab+0x5/0x20 [ 1171.692501] kmem_cache_alloc_trace+0x55/0x320 [ 1171.693061] io_uring_setup+0x258/0x2980 [ 1171.693559] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1171.694144] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1171.694745] ? wait_for_completion_io+0x270/0x270 [ 1171.695337] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1171.695960] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1171.696576] do_syscall_64+0x33/0x40 [ 1171.697020] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1171.697635] RIP: 0033:0x7ff29b41cb19 [ 1171.698081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1171.700261] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1171.701163] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1171.702015] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1171.702864] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1171.703709] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1171.704555] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1171.731206] FAULT_INJECTION: forcing a failure. [ 1171.731206] name failslab, interval 1, probability 0, space 0, times 0 [ 1171.732640] CPU: 0 PID: 7978 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1171.733445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1171.734404] Call Trace: [ 1171.734715] dump_stack+0x107/0x167 [ 1171.735146] should_fail.cold+0x5/0xa [ 1171.735594] ? create_object.isra.0+0x3a/0xa30 [ 1171.736132] should_failslab+0x5/0x20 [ 1171.736582] kmem_cache_alloc+0x5b/0x310 [ 1171.737065] create_object.isra.0+0x3a/0xa30 [ 1171.737585] ? kasan_unpoison_shadow+0x33/0x50 [ 1171.738124] kmalloc_order+0xfe/0x160 [ 1171.738571] kmalloc_order_trace+0x14/0xa0 [ 1171.739066] io_uring_setup+0x33c/0x2980 [ 1171.739540] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1171.740102] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1171.740690] ? wait_for_completion_io+0x270/0x270 [ 1171.741288] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1171.741893] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1171.742499] do_syscall_64+0x33/0x40 [ 1171.742930] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1171.743528] RIP: 0033:0x7f38f4330b19 [ 1171.743969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1171.745304] FAULT_INJECTION: forcing a failure. [ 1171.745304] name failslab, interval 1, probability 0, space 0, times 0 [ 1171.746094] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1171.746108] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1171.746115] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1171.746122] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1171.746138] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1171.752608] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1171.753457] CPU: 1 PID: 7980 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1171.754910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1171.756657] Call Trace: [ 1171.757228] dump_stack+0x107/0x167 [ 1171.758001] should_fail.cold+0x5/0xa [ 1171.758810] ? create_object.isra.0+0x3a/0xa30 [ 1171.759774] should_failslab+0x5/0x20 [ 1171.760583] kmem_cache_alloc+0x5b/0x310 [ 1171.761459] create_object.isra.0+0x3a/0xa30 [ 1171.762384] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1171.763461] kmem_cache_alloc+0x159/0x310 [ 1171.764346] __d_alloc+0x2a/0x990 [ 1171.765079] ? find_held_lock+0x2c/0x110 [ 1171.765947] d_alloc_pseudo+0x19/0x70 [ 1171.766751] alloc_file_pseudo+0xce/0x250 [ 1171.767623] ? trace_hardirqs_on+0x5b/0x180 [ 1171.768532] ? alloc_file+0x5a0/0x5a0 [ 1171.769371] anon_inode_getfile+0xc8/0x1f0 [ 1171.770272] io_uring_setup+0x138b/0x2980 [ 1171.771154] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1171.772222] ? wait_for_completion_io+0x270/0x270 [ 1171.773272] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1171.774374] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1171.775466] do_syscall_64+0x33/0x40 [ 1171.776253] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1171.777340] RIP: 0033:0x7f2d330fab19 [ 1171.778126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1171.782008] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1171.783615] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1171.785117] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1171.786632] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1171.788133] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1171.789649] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:23:23 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4000000) 21:23:41 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x45e03fff) 21:23:41 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 23) 21:23:41 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 17) 21:23:41 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 6) [ 1188.921981] kauditd_printk_skb: 32 callbacks suppressed [ 1188.921994] audit: type=1326 audit(1778448221.134:2881): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7990 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1188.927346] audit: type=1326 audit(1778448221.140:2882): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7990 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:23:41 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') pread64(r0, &(0x7f0000000000)=""/224, 0xe0, 0x4) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002ac0)={&(0x7f0000000040)={0x1c, r3, 0x709, 0x0, 0x0, {{0x5}, {@void, @val={0x8, 0x3, r5}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_DEL_PMKSA(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x40, 0x0, 0x8, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x1, 0x3a}}}}, [@NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0xfbff}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x4f}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x80000000}]}, 0x40}, 0x1, 0x0, 0x0, 0x84}, 0x5) close(r0) 21:23:41 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x8000000) 21:23:41 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:23:41 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x0, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1188.955582] FAULT_INJECTION: forcing a failure. [ 1188.955582] name failslab, interval 1, probability 0, space 0, times 0 [ 1188.956055] audit: type=1326 audit(1778448221.168:2883): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7990 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1188.958041] CPU: 1 PID: 7993 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1188.962266] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1188.964016] Call Trace: [ 1188.964575] dump_stack+0x107/0x167 [ 1188.965344] should_fail.cold+0x5/0xa [ 1188.966163] ? create_object.isra.0+0x3a/0xa30 [ 1188.967122] should_failslab+0x5/0x20 [ 1188.967920] kmem_cache_alloc+0x5b/0x310 [ 1188.968784] create_object.isra.0+0x3a/0xa30 [ 1188.969726] kmemleak_alloc_percpu+0xa0/0x100 [ 1188.970677] pcpu_alloc+0x4e2/0x1240 [ 1188.971484] ? io_async_queue_proc+0x80/0x80 [ 1188.972424] percpu_ref_init+0x31/0x3d0 [ 1188.973270] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1188.974420] io_uring_setup+0x14f6/0x2980 [ 1188.974804] audit: type=1326 audit(1778448221.168:2884): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7990 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1188.975298] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1188.975321] ? wait_for_completion_io+0x270/0x270 [ 1188.980153] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1188.981261] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1188.982363] do_syscall_64+0x33/0x40 [ 1188.983160] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1188.984239] RIP: 0033:0x7f606cee6b19 [ 1188.985028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1188.985094] audit: type=1326 audit(1778448221.168:2885): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7990 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1188.988890] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1188.988913] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1188.988925] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1188.988942] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1188.997779] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1188.999281] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1189.013213] audit: type=1326 audit(1778448221.168:2886): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7990 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1189.021640] audit: type=1326 audit(1778448221.168:2887): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7990 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:23:41 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x0, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1189.026920] FAULT_INJECTION: forcing a failure. [ 1189.026920] name failslab, interval 1, probability 0, space 0, times 0 [ 1189.029948] CPU: 1 PID: 7999 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1189.031117] audit: type=1326 audit(1778448221.168:2888): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7990 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1189.031390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1189.035794] Call Trace: [ 1189.036355] dump_stack+0x107/0x167 [ 1189.037124] should_fail.cold+0x5/0xa [ 1189.037955] ? create_object.isra.0+0x3a/0xa30 [ 1189.038914] should_failslab+0x5/0x20 [ 1189.039715] kmem_cache_alloc+0x5b/0x310 [ 1189.040577] create_object.isra.0+0x3a/0xa30 [ 1189.040740] audit: type=1326 audit(1778448221.171:2889): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7990 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1189.041506] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1189.041535] kmem_cache_alloc_trace+0x151/0x320 [ 1189.046205] io_uring_setup+0x258/0x2980 [ 1189.047066] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1189.048087] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1189.049148] ? wait_for_completion_io+0x270/0x270 [ 1189.050203] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1189.051306] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1189.052394] do_syscall_64+0x33/0x40 [ 1189.053176] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1189.054255] RIP: 0033:0x7ff29b41cb19 [ 1189.055035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1189.058895] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1189.060487] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1189.061995] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1189.063487] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1189.064980] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1189.066487] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1189.069959] FAULT_INJECTION: forcing a failure. [ 1189.069959] name failslab, interval 1, probability 0, space 0, times 0 [ 1189.072437] CPU: 1 PID: 8000 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1189.072760] audit: type=1326 audit(1778448221.171:2890): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=7990 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1189.073897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1189.073904] Call Trace: [ 1189.073925] dump_stack+0x107/0x167 [ 1189.073949] should_fail.cold+0x5/0xa [ 1189.073968] ? __alloc_file+0x21/0x320 [ 1189.073986] should_failslab+0x5/0x20 [ 1189.074005] kmem_cache_alloc+0x5b/0x310 [ 1189.074031] __alloc_file+0x21/0x320 [ 1189.074051] alloc_empty_file+0x6d/0x170 [ 1189.074072] alloc_file+0x5e/0x5a0 [ 1189.074096] alloc_file_pseudo+0x16a/0x250 [ 1189.074114] ? alloc_file+0x5a0/0x5a0 [ 1189.074153] anon_inode_getfile+0xc8/0x1f0 [ 1189.074178] io_uring_setup+0x138b/0x2980 [ 1189.074209] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1189.074225] ? wait_for_completion_io+0x270/0x270 [ 1189.074273] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1189.074294] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1189.074318] do_syscall_64+0x33/0x40 [ 1189.074338] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1189.074350] RIP: 0033:0x7f2d330fab19 [ 1189.074368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1189.074378] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1189.074399] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1189.074410] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1189.074422] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1189.074433] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1189.074445] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1189.102352] FAULT_INJECTION: forcing a failure. [ 1189.102352] name failslab, interval 1, probability 0, space 0, times 0 [ 1189.104835] CPU: 1 PID: 8008 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1189.106286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1189.108028] Call Trace: [ 1189.108587] dump_stack+0x107/0x167 [ 1189.109356] should_fail.cold+0x5/0xa [ 1189.110179] ? io_uring_setup+0x40b/0x2980 [ 1189.111075] should_failslab+0x5/0x20 [ 1189.111883] kmem_cache_alloc_trace+0x55/0x320 [ 1189.112852] io_uring_setup+0x40b/0x2980 [ 1189.113723] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1189.114744] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1189.115810] ? wait_for_completion_io+0x270/0x270 [ 1189.116848] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1189.117955] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1189.119043] do_syscall_64+0x33/0x40 [ 1189.119830] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1189.120906] RIP: 0033:0x7f38f4330b19 [ 1189.121691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1189.125566] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1189.127161] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1189.128656] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1189.130165] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1189.131655] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1189.133152] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:23:41 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x46603fff) 21:23:41 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 24) 21:23:41 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x10000000) 21:23:41 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x0, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1189.224320] FAULT_INJECTION: forcing a failure. [ 1189.224320] name failslab, interval 1, probability 0, space 0, times 0 [ 1189.225748] CPU: 0 PID: 8016 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1189.226539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1189.227497] Call Trace: [ 1189.227808] dump_stack+0x107/0x167 [ 1189.228232] should_fail.cold+0x5/0xa [ 1189.228677] ? create_object.isra.0+0x3a/0xa30 [ 1189.229206] should_failslab+0x5/0x20 [ 1189.229654] kmem_cache_alloc+0x5b/0x310 [ 1189.230129] create_object.isra.0+0x3a/0xa30 [ 1189.230634] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1189.231224] kmem_cache_alloc+0x159/0x310 [ 1189.231707] __alloc_file+0x21/0x320 [ 1189.232141] alloc_empty_file+0x6d/0x170 [ 1189.232612] alloc_file+0x5e/0x5a0 [ 1189.233031] alloc_file_pseudo+0x16a/0x250 [ 1189.233530] ? alloc_file+0x5a0/0x5a0 [ 1189.233985] anon_inode_getfile+0xc8/0x1f0 [ 1189.234477] io_uring_setup+0x138b/0x2980 [ 1189.234969] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1189.235554] ? wait_for_completion_io+0x270/0x270 [ 1189.236124] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1189.236728] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1189.237326] do_syscall_64+0x33/0x40 [ 1189.237757] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1189.238345] RIP: 0033:0x7f2d330fab19 [ 1189.238772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1189.240870] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1189.241779] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1189.242600] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1189.243424] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1189.244243] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1189.245066] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:23:41 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 18) [ 1189.271301] FAULT_INJECTION: forcing a failure. [ 1189.271301] name failslab, interval 1, probability 0, space 0, times 0 [ 1189.272688] CPU: 0 PID: 8019 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1189.273436] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1189.274382] Call Trace: [ 1189.274690] dump_stack+0x107/0x167 [ 1189.275108] should_fail.cold+0x5/0xa [ 1189.275551] ? percpu_ref_init+0xd8/0x3d0 [ 1189.276022] should_failslab+0x5/0x20 [ 1189.276458] kmem_cache_alloc_trace+0x55/0x320 [ 1189.276977] ? io_async_queue_proc+0x80/0x80 [ 1189.277483] percpu_ref_init+0xd8/0x3d0 [ 1189.277943] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1189.278527] io_uring_setup+0x14f6/0x2980 [ 1189.279005] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1189.279554] ? wait_for_completion_io+0x270/0x270 [ 1189.280120] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1189.280691] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1189.281284] do_syscall_64+0x33/0x40 [ 1189.281698] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1189.282281] RIP: 0033:0x7f606cee6b19 [ 1189.282688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1189.284783] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1189.285608] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1189.286371] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1189.287133] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1189.287899] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1189.288663] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:23:41 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 4) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:23:41 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 7) 21:23:41 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff0fe045) [ 1189.322976] FAULT_INJECTION: forcing a failure. [ 1189.322976] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1189.325634] CPU: 1 PID: 8026 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1189.327081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1189.328290] FAULT_INJECTION: forcing a failure. [ 1189.328290] name failslab, interval 1, probability 0, space 0, times 0 [ 1189.328823] Call Trace: [ 1189.328850] dump_stack+0x107/0x167 [ 1189.328876] should_fail.cold+0x5/0xa [ 1189.332249] __alloc_pages_nodemask+0x182/0x600 [ 1189.333242] ? lock_release+0x680/0x680 [ 1189.334100] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1189.335370] ? lock_downgrade+0x6d0/0x6d0 [ 1189.336260] alloc_pages_current+0x187/0x280 [ 1189.337194] kmalloc_order+0x35/0x160 [ 1189.338007] kmalloc_order_trace+0x14/0xa0 [ 1189.338904] io_uring_setup+0x33c/0x2980 [ 1189.339772] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1189.340793] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1189.341870] ? wait_for_completion_io+0x270/0x270 [ 1189.342912] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1189.344016] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1189.345105] do_syscall_64+0x33/0x40 [ 1189.345900] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1189.346978] RIP: 0033:0x7ff29b41cb19 [ 1189.347775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1189.351653] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1189.353244] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1189.354740] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1189.356242] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1189.357747] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1189.359255] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1189.360781] CPU: 0 PID: 8027 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1189.361575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1189.362518] Call Trace: [ 1189.362822] dump_stack+0x107/0x167 [ 1189.363238] should_fail.cold+0x5/0xa [ 1189.363683] ? create_object.isra.0+0x3a/0xa30 [ 1189.364203] should_failslab+0x5/0x20 [ 1189.364647] kmem_cache_alloc+0x5b/0x310 [ 1189.365121] create_object.isra.0+0x3a/0xa30 [ 1189.365602] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1189.366181] kmem_cache_alloc_trace+0x151/0x320 [ 1189.366691] io_uring_setup+0x40b/0x2980 [ 1189.367161] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1189.367685] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1189.368259] ? wait_for_completion_io+0x270/0x270 [ 1189.368794] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1189.369358] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1189.369951] do_syscall_64+0x33/0x40 [ 1189.370362] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1189.370908] RIP: 0033:0x7f38f4330b19 [ 1189.371308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1189.373261] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1189.374079] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1189.374840] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1189.375598] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1189.376357] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1189.377114] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:23:41 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x40000000) 21:23:55 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 25) 21:23:55 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 5) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:23:55 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:23:55 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r0) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000640)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f00000002c0)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000840)={{}, r3, 0x4, @unused=[0x3, 0x2, 0x2, 0x2], @devid}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000840)={{}, r3, 0x4, @unused=[0x3, 0x5, 0x2, 0x2], @devid}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r0, 0x50009417, &(0x7f0000000140)={{r1}, r3, 0x4, @unused=[0x4, 0x4, 0x94, 0x3], @devid}) 21:23:55 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3f6046) 21:23:55 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 8) 21:23:55 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x45e03fff) 21:23:55 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 19) [ 1203.662297] FAULT_INJECTION: forcing a failure. [ 1203.662297] name failslab, interval 1, probability 0, space 0, times 0 [ 1203.664720] CPU: 1 PID: 8036 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1203.666171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1203.667904] Call Trace: [ 1203.668463] dump_stack+0x107/0x167 [ 1203.669228] should_fail.cold+0x5/0xa [ 1203.670045] ? security_file_alloc+0x34/0x170 [ 1203.670984] should_failslab+0x5/0x20 [ 1203.671787] kmem_cache_alloc+0x5b/0x310 [ 1203.672656] security_file_alloc+0x34/0x170 [ 1203.673563] __alloc_file+0xb7/0x320 [ 1203.674344] alloc_empty_file+0x6d/0x170 [ 1203.675189] alloc_file+0x5e/0x5a0 [ 1203.675942] alloc_file_pseudo+0x16a/0x250 [ 1203.676821] ? alloc_file+0x5a0/0x5a0 [ 1203.677656] anon_inode_getfile+0xc8/0x1f0 [ 1203.678560] io_uring_setup+0x138b/0x2980 [ 1203.679455] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1203.680528] ? wait_for_completion_io+0x270/0x270 [ 1203.681586] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1203.682701] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1203.683803] do_syscall_64+0x33/0x40 [ 1203.684591] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1203.685688] RIP: 0033:0x7f2d330fab19 [ 1203.686485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1203.690378] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1203.691995] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1203.693503] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1203.695065] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1203.696587] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1203.698108] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1203.711361] FAULT_INJECTION: forcing a failure. [ 1203.711361] name failslab, interval 1, probability 0, space 0, times 0 [ 1203.713870] CPU: 1 PID: 8045 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1203.715320] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1203.717080] Call Trace: [ 1203.717649] dump_stack+0x107/0x167 [ 1203.718425] should_fail.cold+0x5/0xa [ 1203.719236] ? create_object.isra.0+0x3a/0xa30 [ 1203.720200] should_failslab+0x5/0x20 [ 1203.721007] kmem_cache_alloc+0x5b/0x310 [ 1203.721886] create_object.isra.0+0x3a/0xa30 [ 1203.722815] ? kasan_unpoison_shadow+0x33/0x50 [ 1203.723787] kmalloc_order+0xfe/0x160 [ 1203.724603] kmalloc_order_trace+0x14/0xa0 [ 1203.725515] io_uring_setup+0x33c/0x2980 [ 1203.726402] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1203.727438] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1203.728506] ? wait_for_completion_io+0x270/0x270 [ 1203.729562] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1203.730671] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1203.731763] do_syscall_64+0x33/0x40 [ 1203.732546] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1203.733629] RIP: 0033:0x7ff29b41cb19 [ 1203.734412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1203.736257] FAULT_INJECTION: forcing a failure. [ 1203.736257] name failslab, interval 1, probability 0, space 0, times 0 [ 1203.738278] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1203.738300] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1203.738312] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1203.738332] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1203.746327] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1203.747828] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1203.749366] CPU: 0 PID: 8047 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1203.750559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1203.752171] Call Trace: [ 1203.752616] dump_stack+0x107/0x167 [ 1203.753221] should_fail.cold+0x5/0xa [ 1203.753874] ? create_object.isra.0+0x3a/0xa30 [ 1203.754614] should_failslab+0x5/0x20 [ 1203.755248] kmem_cache_alloc+0x5b/0x310 [ 1203.755932] create_object.isra.0+0x3a/0xa30 21:23:55 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3fe045) [ 1203.756674] kmemleak_alloc_percpu+0xa0/0x100 [ 1203.757613] pcpu_alloc+0x4e2/0x1240 [ 1203.758255] ? io_tctx_exit_cb+0xf0/0xf0 [ 1203.758929] percpu_ref_init+0x31/0x3d0 [ 1203.759588] io_uring_setup+0x47a/0x2980 [ 1203.760267] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1203.761068] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1203.761899] ? wait_for_completion_io+0x270/0x270 [ 1203.762705] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1203.763560] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1203.764394] do_syscall_64+0x33/0x40 [ 1203.765009] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1203.765847] RIP: 0033:0x7f38f4330b19 [ 1203.766450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1203.769419] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1203.770661] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1203.771830] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1203.772994] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1203.774154] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1203.775303] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1203.797769] FAULT_INJECTION: forcing a failure. [ 1203.797769] name failslab, interval 1, probability 0, space 0, times 0 [ 1203.800297] CPU: 1 PID: 8051 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1203.801747] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1203.803495] Call Trace: [ 1203.804058] dump_stack+0x107/0x167 [ 1203.804832] should_fail.cold+0x5/0xa [ 1203.805646] ? create_object.isra.0+0x3a/0xa30 [ 1203.806607] should_failslab+0x5/0x20 [ 1203.807407] kmem_cache_alloc+0x5b/0x310 [ 1203.808262] create_object.isra.0+0x3a/0xa30 [ 1203.809183] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1203.810258] kmem_cache_alloc_trace+0x151/0x320 [ 1203.811232] ? io_async_queue_proc+0x80/0x80 [ 1203.812148] percpu_ref_init+0xd8/0x3d0 [ 1203.812986] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1203.814137] io_uring_setup+0x14f6/0x2980 [ 1203.815013] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1203.816068] ? wait_for_completion_io+0x270/0x270 [ 1203.817103] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1203.818206] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1203.819291] do_syscall_64+0x33/0x40 [ 1203.820071] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1203.821135] RIP: 0033:0x7f606cee6b19 [ 1203.821921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1203.825794] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1203.827388] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1203.828865] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1203.830364] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1203.831851] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1203.833356] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:23:56 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x46600fff) [ 1203.853313] kauditd_printk_skb: 25 callbacks suppressed [ 1203.853328] audit: type=1326 audit(1778448236.066:2916): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8037 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1203.858375] audit: type=1326 audit(1778448236.070:2917): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8037 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1203.872908] audit: type=1326 audit(1778448236.085:2918): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8037 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1203.890054] audit: type=1326 audit(1778448236.096:2919): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8037 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1203.902383] audit: type=1326 audit(1778448236.096:2920): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8037 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1203.913153] audit: type=1326 audit(1778448236.096:2921): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8037 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1203.923522] audit: type=1326 audit(1778448236.099:2922): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8037 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1203.935066] audit: type=1326 audit(1778448236.110:2923): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8037 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1203.946756] audit: type=1326 audit(1778448236.110:2924): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8037 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1203.954210] audit: type=1326 audit(1778448236.110:2925): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8037 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:24:10 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 20) 21:24:10 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:24:10 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x46603fff) 21:24:10 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 26) [ 1218.758012] FAULT_INJECTION: forcing a failure. [ 1218.758012] name failslab, interval 1, probability 0, space 0, times 0 [ 1218.760474] CPU: 1 PID: 8065 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1218.761915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1218.763660] Call Trace: [ 1218.764226] dump_stack+0x107/0x167 [ 1218.764999] should_fail.cold+0x5/0xa [ 1218.765814] ? create_object.isra.0+0x3a/0xa30 [ 1218.766769] should_failslab+0x5/0x20 [ 1218.767570] kmem_cache_alloc+0x5b/0x310 [ 1218.768424] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 1218.769582] create_object.isra.0+0x3a/0xa30 [ 1218.770509] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1218.771587] kmem_cache_alloc+0x159/0x310 [ 1218.772462] security_file_alloc+0x34/0x170 [ 1218.773370] __alloc_file+0xb7/0x320 [ 1218.774168] alloc_empty_file+0x6d/0x170 [ 1218.775023] alloc_file+0x5e/0x5a0 [ 1218.775773] alloc_file_pseudo+0x16a/0x250 [ 1218.776660] ? alloc_file+0x5a0/0x5a0 [ 1218.777485] anon_inode_getfile+0xc8/0x1f0 [ 1218.778391] io_uring_setup+0x138b/0x2980 [ 1218.779276] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1218.780335] ? wait_for_completion_io+0x270/0x270 [ 1218.781384] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1218.782494] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1218.783581] do_syscall_64+0x33/0x40 [ 1218.784370] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1218.785448] RIP: 0033:0x7f2d330fab19 [ 1218.786255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1218.790123] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1218.791714] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1218.793218] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1218.794716] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1218.796211] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1218.797716] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1218.820530] FAULT_INJECTION: forcing a failure. [ 1218.820530] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1218.823054] CPU: 1 PID: 8074 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1218.824496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1218.826259] Call Trace: [ 1218.826819] dump_stack+0x107/0x167 [ 1218.827602] should_fail.cold+0x5/0xa [ 1218.828415] _copy_to_user+0x2e/0x180 [ 1218.829229] io_uring_setup+0x11b5/0x2980 [ 1218.830118] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1218.831191] ? wait_for_completion_io+0x270/0x270 [ 1218.832239] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1218.833351] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1218.834449] do_syscall_64+0x33/0x40 [ 1218.835236] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1218.836313] RIP: 0033:0x7f606cee6b19 [ 1218.837106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1218.840979] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1218.842599] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1218.844104] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1218.845607] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1218.847122] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1218.848623] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:24:10 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$SG_IO(r0, 0x2285, &(0x7f00000001c0)={0x0, 0xfffffffffffffff9, 0x1000, 0x7f, @buffer={0x0, 0x0, &(0x7f0000000040)}, &(0x7f0000000300)="5d3bc6e6d194c029281a2d2220073718b2035fac1191f8427d216b3c867425557c060f7139aa0103bdb7ff3bcfc1b13d0f2c4b4f2a560f49a815e5341f4521d0a49e986b266b1be0969a7bb96d60b8829ad7a9e964e67830b47057c716761a22cdd8fd1031eb4806cc7de7d24a58d179205de0a0062c4722e43b646ddfbb6e6f24c8cee45d39e22dcadf3868fb540eef6a111ece0334b589f21122c8edaa08a99f4b799aa35701c71bcd82ecb94311a5905804bffcda03ba678afc08cdd06a5102b741424a47d5382d3e4bcea367c70a3b41e3f94e601235f932a343644d185af67bebc83b019bcca49366651ac4a8447be505b98bbc28067ccec82d32873ede6f1056f9186dd3af33b4e22c053c0b518d1db359893a39dd486d4c59b9d17d31ab6e095df22ef0fab8eb3cab1f8b6ec8dc0a482249b580d46989ee5c71ccda4ead989bad1ad1b180329c96f3bd4bf7a703cbbee5f101666d2711c72ad3003371b1fad46f25a0b933fc4790f9b92ca87479b97648e4153291a0106b2d9b3623e4e0415ca7a7aede7d860f8a14a2e7bfc0042071f30ed1bd55c11a4f1e47a3caa171f1e920c874ac5d4b6964e237b0550fc8004a4d3794b17dedc849663a46c35ce318fe1dc23d1354a30798b720e6659f13b31e4e83d82ae066786a159b731ad85f75d4f21a356c9e1b01974d4530d5b6c727f460573d2da139d436e1b21fc5796c0a69eeb359387caa2b6208a05312c50b016000df5d00c4f449baa9b36fd4f0af360ae611f0cfe054ca34103eb3e5e7e861fd5c331d834ec630d21c31276a1f2055b0f751bcea2c3b0b93142108a485bd38bee97b85f15854a5192873d19654e3c9b1907ab22b8f875533e8310a19e57410a7e5011de237556884166dde82247b882baff3e618ef48a04b3aee4d7433102c9087feb6f787936b43aa59c4b8635e9d8b975f2ab254ef3dd3bd7eff2664791bda4d0741a561cea2317b5852d323e7c5107b397f9b7dfbd49b94be0cc0e3bac4b9044a095ff88f077577728e558a67e2977c886506f5bf9ee1666aaa6284e97e44d827d0bf5fb03eca84f84ed9750140c298b85904496fbcc1ef24c4c456d271ca66c8b714a006a73330d90ba5157c4d43ab47b4962e0240175e107a791031932f58472425c912f70d985d560ddb63d32a385dceea28e12d95ece0da6ce505250f3bb379c266fa0439c69b60e614951331d7564f35250d36d21f647f22247296233bcbb49073fcd4afedb9af3cc4547d6d9914f1189a229214a4a2dca75e2ec3ab746573ba827837fcbd07c99b22cbacd9aa58af372a232a5f00f5506cbb2e1d837d98c597d966b767a7bdb170d75e4d8a00eec075a1a95f9ceaa801c64cdd5e0ef5916b113b8d670136cae2f0a125176c60b32987e6071a1c185f314e59aad8d6a64d46bac80f0fbd280a344bd375d29f0c4cd32d0bc8142002354d5da1754c8ef92c69d7f112b922fc36e821a86ed08f8ca3db0cb7a79f5f54163eaab9c89a9cc6847294fca66d55b2d12b52d98506854a8eb3c341cbaa4553c8330cd503573482768a7023fc180e480ca654d8f06f13c395ebf66d925c0cda19ae25f215f613103457132a6ec8df858f386fd25a7c7c352b9a94e43e31e4eda19f96242651daa0b79840decbf5ae46cb0dfbc7b4dfbbfc314f9ff68d0c4b1ec6ac4e585a8a9555304a088bd03d52d3d18ca54f85e0adfd30c3541e2f9a9f98b2d797e4e706338b1ed1f8ca0a2d760ac92a2541d5080d01dca95a5adcd9a1f0843e1501cdb59e6a17abb01a514ac476dc1895adf7366f35d0ff9baa05e3cc3b283098c5ee5020a64ef134fcaefa9079540871456786c7c779c7e6d2c6ad4de108f7ccdb6c27d5d99603d49bbf1d17d1e26cc8129b6016242c8a68549b88d3bf5c34af3c58cadeac1a4e137380952f3da1a2a90e15c5efecdb7ad4e0dfbd07330dd1fc264abad5dc7aa98cfd15c68de6e6bfc3a14059a15bc5cb86156a8626f0ff0949a1658ad5c45a5164a7dc4cca4243af7bf9f85089376fa1c1220c60e18f2038f300edc31b6e76f4b69afac7d2e77eadc0e46c8c62eca4657015c1a25db652f4b018e5a91b78b1c03751f3de875847ee9beb62559f487d366c1a5c1ed118e670895405807d7375962cd391d896a9b92060e1ada760f61a4ed5d344b14bbac749d3c3ca7ab407fa68d901616d8a89ed9907f71379510f67c393dd5c4ae5397a1a554ea3757c58328a037339c8e418c3f998f1f2d98888031de9dbb5db35770331c673ea7107646ae752776358b0def4a808250ef7d72a7f4859dc88a197648bff441f5aa4be1c55b26ce69902ba3e1b2e796bf7d94778b88761339c741aa42491788c3cdc1f26ce59c82c83c038f81b52e3cfa7ebd563781d932f51219f937650847e512cd3ffc2dfc4bd3a1aa9ee367411e36f0187b05a6c6149f707a1ec95a39fd5da809c9743b890dfdda127ecefc2c60b9462de471346a57582d7cb28f7de13c23c3cf556e0be15370f0b649d26e1383e33c07caec3158db9e0ddf65d550879bb6c43fc914122daa51196841d466d9859a47777e4cb4f86099b00063d61857deffd47056fe05f8d9d0ad254ae63a05c2a57b17658028de4df4cdbb86857d9fb66a790439f34b3373b267a52128f98debda95aa7d8640591585b2f94d80e8d6ef7762f9e251cb44507d6191aec6dfc44aba5226b37e33b853393e6e4c235e70ae693ccb3dd7c8c222051b345fc10eda314ed52004cb036ad63b45680952ccb8e3b998698f0b28b9113c5815f41351f5f9a434019ae7a96c0a47b424eb6bf339a5b9e44dd025ae669770f84ed87ab5945df2e7cdb6262c9cefa65049227f539632b956a26389877ed82c24c1a0fd773d70b13c67465f7a2e02197f19b84d519e225014f2ff3a279af8780b2c5740a15ece547ce2fa1f7b1389c486e4dd711f6857e02bff029a402a079e723594d2bfc70e0449d8f83a64c7aeabbdceb3b1fedf562aad424ebef2e6176b7e3847288b8baa80d08875dee09877cec71341a5b625ca8375e62a1403e06f2c5e6b9817116848170c73e05e8af91a152bb529506c24be821227a9ec2e6afbefb77ffa8bccdd9fdbf1b55b6fa6668d8fc862a492dd7618e86f4b76a3302ae11bc6534743e35f19d3271b118390b6819b45de5ea407a3eba3e025c6e61e77c59a6358069e5399e9134e5bd9589bb1a06eb2a28121824e681bb4ea2a9bb2af651bb9efcae7ad8080b176bcd9f562ba73fa461df90605cf12838e6c63645bc601b3c41e0d1f8e7fd52268900895f04c3a68f229f5a18a9ebc665e46573598790153d6f5a3d99d7021ae0e106046f4a782351b34c512b3ebfad1d3af37041bb8489f62079111d582b29222782e7007ce84154ae40da7a017327ec0a99c880c8af9813718f7b87f3bb0020af422df1c647a2f3cb231a06ef0582c876371e64764d9c73a66ab53563eda299977a7d2ca6c6fb9ab3df5681b734808e03ba896932a18e524e98b9e20c940be82dcc1b70c55b0941503e4301ac2c67ccd196cdcc7e133e32cf4952e78525e4dcaa3a40aae61a10408bf8b551ef1f315ee7c23a22abdb6bb931273900bc39d4d4bc9b52e0698eaba83b33297a0813a191af5b802be73f6dc003a315afc0f63569519541cc0560db5d8af79f0493429b97038b5a70c97bd32b7ca94bb45d891a434146c83d2882f519d0975076fd03988407199f7c5ccc3a6f6bc323c4034ad274929feb1221dd1c7b91a44f2bff7d2d78521a2561b00468f419234af067e7baf51bac917ab864f8076049a0720c71bec011d8e73091402fc54d194e1777d04a2058f9dd6bde6009795ee28aa32bc59877be836aab8d1d7edf1f26680e3c6042891561a993f0af8e008768f41c3fb4cc694acf0d5a76b820effad2b059862e9d2f0bd67f7d5d2065fa84645015326d46065749fc275aa515873f33b4832aecdf4cb49dbda08a84d8f2e47a5510614ac0c98b27ce558e7a4a11dcaf725e6ba6461343c7958b9301f4cba6ede48fed7a3537c6c0f628495e0611ddf4dcd8a3257780549914168bd066fd538fc2709bdf4569e5eb01f333793d93167f11287e081a0352a670cb239b719c4efb2480b62c82b83ac8e5a7723c1a5d5b639d372851a4b678dc7a2a2456938a94743cf4db2e4c9e5b8e06180acda267629ee3777427529fc6154731a8b492e2119f458cd625ee8513c93a99ef685729f370ffe2ce54e8bffaa684e793cf722c20f9a16982634c4c23dee1724389c2008f02f0e8d83fd57cab78c0d3a119abeb1315d9a05e09f71366293bf6cafa930c653a9ab302d507de81d475a3ed563fc96796b46bb7ab7ae2073e06f04118d6278b9e5c61a56c32ed96a79793b098bb9b4f1fb11f8bd37217aa1193139fd234c314f8d469b4d257e072066bdd43599f910a9345cbf8d4835e438fbbc0f2f68997248d8f7eaa6fb3020438cb6b82df2178c740f91a3c209ac95fd2d1580a915c743f63abe476eb95d44e7b95ea074e9aa554fb683079c3e8a841d34c44a5f8811034df29997ef5718de524cb2e9a00e773ffb214e07b0cab5ab96591a4fee224fea6356448d7a9998024ffdc5c770ce4e8ce429bfe60fbcc3ada1f0735ebfcc48b506be908513c5967f9b4599ad63b9023493074fd5a9600e65493a85214d0def904612d5070a929500c44951957d373f2eef0ddc5799b4cc662eb8003c16b355eefd0a4f1ccf9349044b1d1f79fd0195e8f7fba9b1672d57dbda3010e4bd088b66d0079384d28027eee298ef13304cdb928650e07d7fbd8ae296f2ec58359e1dec5bf1670b8d72138fc002f4544cae96e12799ef1c86a383f29d28d59e6ccf1fe28399f65c08333dd90f45e6559ff5c026224f2995eac235c9545a4de480e60779a31d30b55f0443d4155ead8140cf5d5a0f650c479c45e5678e618ffa7d794fef210db93e89510fd002931b5406f7e73f9cab51a745962d3480aa74e999169404c6b7ac35005b2451755492c8b7f8759008c5fc5369ddbb5f6ffcc636879a3f2c12ca8e824ac36c6fc9cc45007a7b3f0984aee03755f2e3d1947dd8582aefd6663edd3ac19625a476ce6d214d333985558913a26551846576f2523148061d0a960806793dbebee81f57d77a327f7bc9bcc46a0d841453c69a7292059ecc71032f3c21911dddeda5a839e131b1bc2224874792bcd1b33ba287603f1715e1bf2740c6fda435dfa57cfe6c0663ef2a167411ed9592a38339bddee2308fd378ec271fb368da76bb68c95630023e738e7a06b0be0fdcbdfd94f87ccfd15ddcf9ea419622f74fa342cc6628e44529adfc9505b3eec2a18b3825e6fcfd2813b469ce4bed6a5ae2c050a2eb04fdef4ae9d3337be3bb49cf38739adf3196499ef240d90bb382926debaa82bc0d9c12e67644feca2a5d60c23f4cf06ef2c8d40c3332ba55925fd92c5ad0fdf533df5a454916796cba9feec33a8e69d3566741bbe1197bfe8c042998b63ae803f0bc8bff95011841ad9d47dc22adbd243149ecf8b7405f1c1fdf99710816b9649ad3d43772d5fbaff22d18792ac2aa43c4504a2d48751211219196bf7c750c3fed948fa9041777981f4c70bf0b633781472e8ceb20f7a58d5419711a7533bb189077d153c010447ead6093e64a34465b50491c6a64119c6652a2150b5a301114b88fc435aa8b80cb69301203d646c6bef351c9d3866d0c77895dd51ea9be760ee642d37db3ba29e46e2c93e0dd82866c3f5f3bc3cbdfeabd1ef0fbff2e4cb77", &(0x7f0000000080)=""/3, 0x9, 0x10, 0x2, &(0x7f00000000c0)}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="24000000f5b804cc07195d428033b29e9f23db17071f0fe2285de4443de6fba7e33723c23c395a2bb48ab0a1a73e98f0bf752007d0283f64763fd82c2773f303464781bda16e60a2cedfd9eed73327", @ANYRES16=0x0, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=0x0, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) ioctl$F2FS_IOC_GET_FEATURES(r1, 0x8004f50c, &(0x7f0000000000)) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$TIPC_NL_LINK_RESET_STATS(r2, &(0x7f00000015c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000001300)={0x25c, 0x0, 0x800, 0x70bd2a, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0x8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_LINK={0x10, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_MON={0x54, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffff12}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x65e52477}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9f03}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x80}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x800}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x800}]}, @TIPC_NLA_BEARER={0xa8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @rand_addr=0x64010102}}, {0x14, 0x2, @in={0x2, 0x4e23, @rand_addr=0x64010101}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0xfffffffffffffec9, 0x1, @in={0x2, 0x4e20, @broadcast}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0xfffffffc, @local, 0x9}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x100, @dev={0xfe, 0x80, '\x00', 0x30}, 0x5}}, {0x14, 0x2, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x28}}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1a9dcac0}]}, @TIPC_NLA_SOCK={0x90, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfbb9}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffff7}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffffffd}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x98b}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6d}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xf7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xe0}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x53}]}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}]}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffff}]}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x6}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7fff}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x200}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8000}]}, @TIPC_NLA_LINK={0x1c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_LINK={0x10, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_LINK={0x3c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffd}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x101}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}]}]}, 0x25c}, 0x1, 0x0, 0x0, 0x80}, 0x2402480d) 21:24:10 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 6) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:24:10 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 9) 21:24:11 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xffff8000) [ 1218.882705] FAULT_INJECTION: forcing a failure. [ 1218.882705] name failslab, interval 1, probability 0, space 0, times 0 [ 1218.885091] CPU: 0 PID: 8081 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1218.886498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1218.888187] Call Trace: [ 1218.888732] dump_stack+0x107/0x167 [ 1218.889480] should_fail.cold+0x5/0xa [ 1218.890276] ? create_object.isra.0+0x3a/0xa30 [ 1218.891207] should_failslab+0x5/0x20 [ 1218.891982] kmem_cache_alloc+0x5b/0x310 [ 1218.892827] create_object.isra.0+0x3a/0xa30 [ 1218.893740] kmemleak_alloc_percpu+0xa0/0x100 [ 1218.894672] pcpu_alloc+0x4e2/0x1240 [ 1218.895452] ? io_tctx_exit_cb+0xf0/0xf0 [ 1218.896287] percpu_ref_init+0x31/0x3d0 [ 1218.897107] io_uring_setup+0x47a/0x2980 [ 1218.897953] ? __mutex_unlock_slowpath+0xe1/0x600 21:24:11 executing program 4: r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_control_io(r0, &(0x7f0000000240)={0x2c, &(0x7f0000000080)={0x20, 0x24, 0x3a, {0x3a, 0x24, "645c92e04272d27c107a2d13460d95501ec9a29d843b95693fb6049c15ba7607245155b02ddb38aa1c12a1b0292e64bd8992ae68c51ac71d"}}, &(0x7f00000000c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x43f}}, &(0x7f0000000140)={0x0, 0xf, 0x51, {0x5, 0xf, 0x51, 0x5, [@wireless={0xb, 0x10, 0x1, 0x2, 0x90, 0x4, 0xff, 0x7fff, 0x8}, @ext_cap={0x7, 0x10, 0x2, 0x1a, 0x5, 0x2}, @ssp_cap={0x1c, 0x10, 0xa, 0x0, 0x4, 0x4, 0xf000, 0x40, [0xff0000, 0x3f, 0x60, 0xf]}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x1, 0x9, 0x8, 0x6}, @ss_container_id={0x14, 0x10, 0x4, 0x80, "b0ad55deabadf3e184151f04905e2154"}]}}, &(0x7f00000001c0)={0x20, 0x29, 0xf, {0xf, 0x29, 0xfe, 0x80, 0x0, 0x4, "8e7ef042", "1589e415"}}, &(0x7f0000000200)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x1f, 0x4, 0x80, 0x2, 0x8, 0xb5d3, 0x1}}}, &(0x7f0000000680)={0x84, &(0x7f0000000280)={0x0, 0x1f, 0x17, "80cdf8fc280e8cffe836c2a74b2aeea654bd7ca7886a7d"}, &(0x7f00000002c0)={0x0, 0xa, 0x1, 0x1}, &(0x7f0000000300)={0x0, 0x8, 0x1}, &(0x7f0000000340)={0x20, 0x0, 0x4, {0x0, 0x3}}, &(0x7f00000005c0)=ANY=[@ANYBLOB="43000400000000000800e7d7929b32db0f2247582257a41132f8f9eb62f286e74d5d534736ba6f5eeefad49c675d1905414d21794e13e2"], &(0x7f00000003c0)={0x40, 0x7, 0x2, 0x1f}, &(0x7f0000000400)={0x40, 0x9, 0x1, 0x4}, &(0x7f0000000440)={0x40, 0xb, 0x2, "a2bc"}, &(0x7f0000000480)={0x40, 0xf, 0x2}, &(0x7f00000004c0)={0x40, 0x13, 0x6, @broadcast}, &(0x7f0000000500)={0x40, 0x17, 0x6, @broadcast}, &(0x7f0000000540)={0x40, 0x19, 0x2, "15f3"}, &(0x7f0000000580)={0x40, 0x1a, 0x2, 0x1}, &(0x7f0000000380)={0x40, 0x1c, 0x1, 0x53}, &(0x7f0000000600)={0x40, 0x1e, 0x1, 0x80}, &(0x7f0000000640)={0x40, 0x21, 0x1, 0x69}}) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r1) [ 1218.898939] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1218.900218] ? wait_for_completion_io+0x270/0x270 [ 1218.901238] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1218.902325] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1218.903373] do_syscall_64+0x33/0x40 [ 1218.904135] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1218.905181] RIP: 0033:0x7f38f4330b19 [ 1218.905951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1218.909713] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1218.911278] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1218.912717] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1218.914177] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1218.915621] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1218.917072] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:24:11 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff0f6046) [ 1218.924252] FAULT_INJECTION: forcing a failure. [ 1218.924252] name failslab, interval 1, probability 0, space 0, times 0 [ 1218.926692] CPU: 1 PID: 8082 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1218.928135] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1218.929898] Call Trace: [ 1218.930465] dump_stack+0x107/0x167 [ 1218.931237] should_fail.cold+0x5/0xa [ 1218.932051] ? io_uring_setup+0x40b/0x2980 [ 1218.932950] should_failslab+0x5/0x20 [ 1218.933770] kmem_cache_alloc_trace+0x55/0x320 [ 1218.934739] io_uring_setup+0x40b/0x2980 [ 1218.935603] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1218.936625] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1218.937707] ? wait_for_completion_io+0x270/0x270 [ 1218.938762] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1218.939874] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1218.940963] do_syscall_64+0x33/0x40 [ 1218.941758] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1218.942832] RIP: 0033:0x7ff29b41cb19 [ 1218.943622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1218.947526] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1218.949130] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1218.950646] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1218.952154] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1218.953655] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1218.955174] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1218.968469] kauditd_printk_skb: 6 callbacks suppressed [ 1218.968487] audit: type=1326 audit(1778448251.181:2932): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8066 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:24:11 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x800000000) [ 1218.994762] udc-core: couldn't find an available UDC or it's busy [ 1218.996162] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 21:24:11 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 21) 21:24:11 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:24:11 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 10) 21:24:11 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x1000000000) 21:24:11 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3f6046) 21:24:11 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 27) [ 1219.113285] FAULT_INJECTION: forcing a failure. [ 1219.113285] name failslab, interval 1, probability 0, space 0, times 0 [ 1219.115643] CPU: 0 PID: 8090 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1219.117032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1219.118727] Call Trace: [ 1219.119273] dump_stack+0x107/0x167 [ 1219.120026] should_fail.cold+0x5/0xa [ 1219.120802] ? __d_alloc+0x2a/0x990 [ 1219.121547] should_failslab+0x5/0x20 [ 1219.122334] kmem_cache_alloc+0x5b/0x310 [ 1219.123168] __d_alloc+0x2a/0x990 [ 1219.123886] ? find_held_lock+0x2c/0x110 [ 1219.124723] d_alloc_pseudo+0x19/0x70 [ 1219.125499] alloc_file_pseudo+0xce/0x250 [ 1219.126352] ? trace_hardirqs_on+0x5b/0x180 [ 1219.127231] ? alloc_file+0x5a0/0x5a0 [ 1219.128029] anon_inode_getfile+0xc8/0x1f0 [ 1219.128895] io_uring_setup+0x138b/0x2980 [ 1219.129757] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1219.130785] ? wait_for_completion_io+0x270/0x270 [ 1219.131791] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1219.132873] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1219.133932] do_syscall_64+0x33/0x40 [ 1219.134692] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1219.135732] RIP: 0033:0x7f606cee6b19 [ 1219.136493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1219.140232] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1219.141788] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1219.143235] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1219.144688] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1219.146142] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1219.147581] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1219.168390] FAULT_INJECTION: forcing a failure. [ 1219.168390] name failslab, interval 1, probability 0, space 0, times 0 [ 1219.170828] CPU: 1 PID: 8096 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1219.172263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1219.174022] Call Trace: [ 1219.174591] dump_stack+0x107/0x167 [ 1219.175362] should_fail.cold+0x5/0xa [ 1219.176186] ? percpu_ref_init+0xd8/0x3d0 [ 1219.177065] should_failslab+0x5/0x20 [ 1219.177883] kmem_cache_alloc_trace+0x55/0x320 [ 1219.178845] ? io_tctx_exit_cb+0xf0/0xf0 [ 1219.179699] percpu_ref_init+0xd8/0x3d0 [ 1219.180543] io_uring_setup+0x47a/0x2980 [ 1219.181399] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1219.182427] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1219.183487] ? wait_for_completion_io+0x270/0x270 [ 1219.184532] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1219.185644] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1219.186744] do_syscall_64+0x33/0x40 [ 1219.187550] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1219.188633] RIP: 0033:0x7f38f4330b19 [ 1219.189418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1219.193303] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1219.194919] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1219.196419] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1219.197940] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1219.199445] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1219.200947] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1219.201560] FAULT_INJECTION: forcing a failure. [ 1219.201560] name failslab, interval 1, probability 0, space 0, times 0 [ 1219.204881] CPU: 0 PID: 8100 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1219.206285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1219.207974] Call Trace: [ 1219.208527] dump_stack+0x107/0x167 [ 1219.209286] should_fail.cold+0x5/0xa [ 1219.210077] ? io_uring_alloc_task_context+0x99/0x6a0 [ 1219.211136] should_failslab+0x5/0x20 [ 1219.211922] kmem_cache_alloc_trace+0x55/0x320 [ 1219.212870] io_uring_alloc_task_context+0x99/0x6a0 [ 1219.213903] ? io_import_iovec+0x1120/0x1120 [ 1219.214798] ? lock_downgrade+0x6d0/0x6d0 [ 1219.215651] ? do_raw_spin_lock+0x121/0x260 [ 1219.216539] ? rwlock_bug.part.0+0x90/0x90 [ 1219.217410] __io_uring_add_tctx_node+0x2c6/0x520 [ 1219.218403] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1219.219468] ? alloc_fd+0x2e7/0x670 [ 1219.220225] io_uring_setup+0x1fbb/0x2980 [ 1219.221081] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1219.222120] ? wait_for_completion_io+0x270/0x270 [ 1219.223131] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1219.224249] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1219.225304] do_syscall_64+0x33/0x40 [ 1219.226083] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1219.227133] RIP: 0033:0x7f2d330fab19 [ 1219.227884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1219.231616] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1219.233179] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1219.234638] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1219.236087] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1219.237538] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1219.239025] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:24:11 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3fe045) [ 1219.272593] audit: type=1326 audit(1778448251.485:2933): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8092 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1219.277222] audit: type=1326 audit(1778448251.485:2934): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8092 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1219.549990] udc-core: couldn't find an available UDC or it's busy [ 1219.551657] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 21:24:27 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') r1 = syz_io_uring_setup(0x28ab, &(0x7f0000000000)={0x0, 0x84f8, 0x0, 0x3, 0x23d, 0x0, r0}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x2010, r1, 0x8000000) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x15, 0x100010, r0, 0x8000000) r6 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r6, 0x0) syz_io_uring_submit(r9, r8, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(r5, r8, &(0x7f00000016c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x2007, @fd, 0xd6, &(0x7f0000001640)=[{&(0x7f00000001c0)=""/249, 0xf9}, {&(0x7f0000000300)=""/158, 0x9e}, {&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/17, 0x11}, {&(0x7f0000001400)=""/5, 0x5}, {&(0x7f0000001440)=""/223, 0xdf}, {&(0x7f0000001540)=""/207, 0xcf}], 0x7, 0x12, 0x1}, 0x80) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000140)=@IORING_OP_FADVISE={0x18, 0x5, 0x0, @fd=r4, 0x100000000, 0x0, 0x2, 0x1, 0x1, {0x0, r10}}, 0xd2) close(r0) 21:24:27 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x10000000000) 21:24:27 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 7) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:24:27 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 28) 21:24:27 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, 0x0, 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:24:27 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 22) 21:24:27 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xffff8000) [ 1235.493615] FAULT_INJECTION: forcing a failure. [ 1235.493615] name failslab, interval 1, probability 0, space 0, times 0 [ 1235.496074] CPU: 1 PID: 8120 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1235.497737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1235.499667] Call Trace: [ 1235.500297] dump_stack+0x107/0x167 [ 1235.501088] should_fail.cold+0x5/0xa [ 1235.502050] ? create_object.isra.0+0x3a/0xa30 [ 1235.503156] should_failslab+0x5/0x20 21:24:27 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 11) [ 1235.504117] kmem_cache_alloc+0x5b/0x310 [ 1235.505164] create_object.isra.0+0x3a/0xa30 [ 1235.506366] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1235.507459] kmem_cache_alloc+0x159/0x310 [ 1235.508430] __d_alloc+0x2a/0x990 [ 1235.509376] ? find_held_lock+0x2c/0x110 [ 1235.510262] d_alloc_pseudo+0x19/0x70 [ 1235.511120] alloc_file_pseudo+0xce/0x250 [ 1235.512154] ? trace_hardirqs_on+0x5b/0x180 [ 1235.513072] ? alloc_file+0x5a0/0x5a0 [ 1235.514056] anon_inode_getfile+0xc8/0x1f0 [ 1235.515018] io_uring_setup+0x138b/0x2980 [ 1235.515872] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1235.516906] ? wait_for_completion_io+0x270/0x270 [ 1235.518085] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1235.519300] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1235.520398] do_syscall_64+0x33/0x40 [ 1235.521249] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1235.522535] RIP: 0033:0x7f606cee6b19 [ 1235.523304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1235.527487] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1235.529336] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1235.531065] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1235.532786] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1235.534428] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1235.536035] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1235.539200] FAULT_INJECTION: forcing a failure. [ 1235.539200] name failslab, interval 1, probability 0, space 0, times 0 [ 1235.539832] FAULT_INJECTION: forcing a failure. [ 1235.539832] name failslab, interval 1, probability 0, space 0, times 0 [ 1235.542078] CPU: 0 PID: 8125 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1235.546320] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1235.548420] Call Trace: [ 1235.549080] dump_stack+0x107/0x167 [ 1235.550055] should_fail.cold+0x5/0xa [ 1235.551020] ? create_object.isra.0+0x3a/0xa30 [ 1235.552164] should_failslab+0x5/0x20 [ 1235.553128] kmem_cache_alloc+0x5b/0x310 [ 1235.554178] create_object.isra.0+0x3a/0xa30 [ 1235.555278] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1235.556563] kmem_cache_alloc_trace+0x151/0x320 [ 1235.557729] io_uring_setup+0x40b/0x2980 [ 1235.558752] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1235.559969] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1235.561225] ? wait_for_completion_io+0x270/0x270 [ 1235.562488] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1235.563810] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1235.565087] do_syscall_64+0x33/0x40 [ 1235.566031] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1235.567316] RIP: 0033:0x7ff29b41cb19 [ 1235.568247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1235.572884] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1235.574778] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1235.576568] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1235.578358] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1235.580124] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1235.581924] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1235.583743] CPU: 1 PID: 8122 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1235.585152] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1235.586863] Call Trace: [ 1235.587401] dump_stack+0x107/0x167 [ 1235.588150] should_fail.cold+0x5/0xa [ 1235.588931] ? create_object.isra.0+0x3a/0xa30 [ 1235.589854] should_failslab+0x5/0x20 [ 1235.590645] kmem_cache_alloc+0x5b/0x310 [ 1235.591491] create_object.isra.0+0x3a/0xa30 [ 1235.592443] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1235.593527] kmem_cache_alloc_trace+0x151/0x320 [ 1235.594515] io_uring_alloc_task_context+0x99/0x6a0 [ 1235.595561] ? io_import_iovec+0x1120/0x1120 [ 1235.596486] ? lock_downgrade+0x6d0/0x6d0 [ 1235.597340] ? do_raw_spin_lock+0x121/0x260 [ 1235.598224] ? rwlock_bug.part.0+0x90/0x90 [ 1235.599129] __io_uring_add_tctx_node+0x2c6/0x520 [ 1235.600114] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1235.601169] ? alloc_fd+0x2e7/0x670 [ 1235.601933] io_uring_setup+0x1fbb/0x2980 [ 1235.602805] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1235.603870] ? wait_for_completion_io+0x270/0x270 [ 1235.604883] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1235.605984] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1235.607063] do_syscall_64+0x33/0x40 [ 1235.607832] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1235.608891] RIP: 0033:0x7f2d330fab19 [ 1235.609652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1235.613505] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1235.615093] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1235.616580] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1235.618037] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1235.619497] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1235.620961] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1235.624262] FAULT_INJECTION: forcing a failure. [ 1235.624262] name failslab, interval 1, probability 0, space 0, times 0 [ 1235.627127] CPU: 0 PID: 8126 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1235.628815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1235.630848] Call Trace: [ 1235.631491] dump_stack+0x107/0x167 [ 1235.632388] should_fail.cold+0x5/0xa [ 1235.633332] ? create_object.isra.0+0x3a/0xa30 [ 1235.634453] should_failslab+0x5/0x20 [ 1235.635433] kmem_cache_alloc+0x5b/0x310 [ 1235.636445] create_object.isra.0+0x3a/0xa30 [ 1235.637510] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1235.638787] kmem_cache_alloc_trace+0x151/0x320 [ 1235.639924] ? io_tctx_exit_cb+0xf0/0xf0 [ 1235.640933] percpu_ref_init+0xd8/0x3d0 [ 1235.641919] io_uring_setup+0x47a/0x2980 [ 1235.642928] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1235.644141] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1235.645377] ? wait_for_completion_io+0x270/0x270 [ 1235.646581] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1235.647889] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1235.649142] do_syscall_64+0x33/0x40 [ 1235.650042] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1235.651299] RIP: 0033:0x7f38f4330b19 [ 1235.652200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1235.656626] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1235.658463] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1235.660217] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1235.661941] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1235.663696] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1235.665427] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1235.684431] audit: type=1400 audit(1778448267.896:2935): avc: denied { execute } for pid=8127 comm="syz-executor.4" path="/proc/8127/setgroups" dev="proc" ino=28491 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=file permissive=1 21:24:27 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x800000000) 21:24:27 executing program 4: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x30940, 0x0) sendmsg$IPVS_CMD_GET_DAEMON(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x200, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x20}]}, 0x1c}, 0x1, 0x0, 0x0, 0x2040}, 0x8804) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r1) 21:24:27 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xffffffffffffb) [ 1235.766977] audit: type=1326 audit(1778448267.965:2936): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8113 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:24:28 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:24:28 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 12) 21:24:28 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, 0x0, 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:24:28 executing program 4: ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f0000000000)=0x20000) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r0) 21:24:28 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 23) 21:24:28 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x1000000000) [ 1235.909781] FAULT_INJECTION: forcing a failure. [ 1235.909781] name failslab, interval 1, probability 0, space 0, times 0 [ 1235.912376] CPU: 0 PID: 8141 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1235.913841] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1235.915631] Call Trace: [ 1235.916197] dump_stack+0x107/0x167 [ 1235.916985] should_fail.cold+0x5/0xa [ 1235.917804] ? create_object.isra.0+0x3a/0xa30 [ 1235.918792] should_failslab+0x5/0x20 [ 1235.919609] kmem_cache_alloc+0x5b/0x310 [ 1235.920496] create_object.isra.0+0x3a/0xa30 [ 1235.921455] kmemleak_alloc_percpu+0xa0/0x100 [ 1235.922435] pcpu_alloc+0x4e2/0x1240 [ 1235.923258] ? io_tctx_exit_cb+0xf0/0xf0 [ 1235.924136] percpu_ref_init+0x31/0x3d0 [ 1235.925026] io_uring_setup+0x47a/0x2980 [ 1235.925935] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1235.926969] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1235.928072] ? wait_for_completion_io+0x270/0x270 [ 1235.929154] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1235.930311] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1235.931441] do_syscall_64+0x33/0x40 [ 1235.932256] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1235.933377] RIP: 0033:0x7ff29b41cb19 [ 1235.934183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1235.938201] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1235.939865] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1235.941422] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1235.942982] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1235.944502] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1235.946041] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:24:28 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x40000000000000) [ 1235.971860] FAULT_INJECTION: forcing a failure. [ 1235.971860] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1235.976473] CPU: 0 PID: 8149 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1235.978164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1235.980197] Call Trace: [ 1235.980854] dump_stack+0x107/0x167 [ 1235.981751] should_fail.cold+0x5/0xa [ 1235.982702] __alloc_pages_nodemask+0x182/0x600 [ 1235.983850] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1235.985326] ? cap_capable+0x1cd/0x230 [ 1235.986299] alloc_pages_current+0x187/0x280 [ 1235.987378] __get_free_pages+0xc/0xa0 [ 1235.988338] io_uring_setup+0xe27/0x2980 [ 1235.989347] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1235.990593] ? wait_for_completion_io+0x270/0x270 [ 1235.991796] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1235.993064] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1235.994359] do_syscall_64+0x33/0x40 [ 1235.995277] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1235.996552] RIP: 0033:0x7f38f4330b19 [ 1235.997457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1236.002025] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1236.003898] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1236.005663] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1236.007420] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1236.009160] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1236.010919] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:24:28 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') r1 = syz_io_uring_setup(0x28ab, &(0x7f0000000000)={0x0, 0x84f8, 0x0, 0x3, 0x23d, 0x0, r0}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x2010, r1, 0x8000000) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x15, 0x100010, r0, 0x8000000) r6 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r6, 0x0) syz_io_uring_submit(r9, r8, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(r5, r8, &(0x7f00000016c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x2007, @fd, 0xd6, &(0x7f0000001640)=[{&(0x7f00000001c0)=""/249, 0xf9}, {&(0x7f0000000300)=""/158, 0x9e}, {&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/17, 0x11}, {&(0x7f0000001400)=""/5, 0x5}, {&(0x7f0000001440)=""/223, 0xdf}, {&(0x7f0000001540)=""/207, 0xcf}], 0x7, 0x12, 0x1}, 0x80) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000140)=@IORING_OP_FADVISE={0x18, 0x5, 0x0, @fd=r4, 0x100000000, 0x0, 0x2, 0x1, 0x1, {0x0, r10}}, 0xd2) close(r0) [ 1236.042544] FAULT_INJECTION: forcing a failure. [ 1236.042544] name failslab, interval 1, probability 0, space 0, times 0 [ 1236.045251] CPU: 0 PID: 8153 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1236.046878] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1236.048801] Call Trace: [ 1236.049416] dump_stack+0x107/0x167 [ 1236.050269] should_fail.cold+0x5/0xa [ 1236.051156] ? __alloc_file+0x21/0x320 [ 1236.052060] should_failslab+0x5/0x20 [ 1236.052956] kmem_cache_alloc+0x5b/0x310 [ 1236.053909] __alloc_file+0x21/0x320 [ 1236.054773] alloc_empty_file+0x6d/0x170 [ 1236.055715] alloc_file+0x5e/0x5a0 [ 1236.056550] alloc_file_pseudo+0x16a/0x250 [ 1236.057527] ? alloc_file+0x5a0/0x5a0 [ 1236.058443] anon_inode_getfile+0xc8/0x1f0 [ 1236.059431] io_uring_setup+0x138b/0x2980 [ 1236.060403] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1236.061577] ? wait_for_completion_io+0x270/0x270 [ 1236.062735] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1236.063955] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1236.065158] do_syscall_64+0x33/0x40 [ 1236.066020] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1236.067193] RIP: 0033:0x7f606cee6b19 [ 1236.068043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1236.072288] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1236.074055] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1236.075701] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1236.077336] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1236.078975] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1236.080617] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1236.119238] audit: type=1326 audit(1778448268.331:2937): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8143 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1250.385236] audit: type=1326 audit(1778448282.597:2938): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8166 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:24:42 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 13) 21:24:42 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x10000000000) 21:24:42 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 29) 21:24:42 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 24) 21:24:42 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:24:42 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x60000000000000) 21:24:42 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, 0x0, 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:24:42 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 9) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) [ 1250.449769] FAULT_INJECTION: forcing a failure. [ 1250.449769] name failslab, interval 1, probability 0, space 0, times 0 [ 1250.450629] FAULT_INJECTION: forcing a failure. [ 1250.450629] name failslab, interval 1, probability 0, space 0, times 0 [ 1250.451440] CPU: 1 PID: 8178 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1250.451461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1250.456131] Call Trace: [ 1250.456523] dump_stack+0x107/0x167 [ 1250.457051] should_fail.cold+0x5/0xa [ 1250.457587] ? create_object.isra.0+0x3a/0xa30 [ 1250.458237] should_failslab+0x5/0x20 [ 1250.458797] kmem_cache_alloc+0x5b/0x310 [ 1250.459395] create_object.isra.0+0x3a/0xa30 [ 1250.460032] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1250.460781] kmem_cache_alloc+0x159/0x310 [ 1250.461382] __alloc_file+0x21/0x320 [ 1250.461916] alloc_empty_file+0x6d/0x170 [ 1250.462487] alloc_file+0x5e/0x5a0 [ 1250.463005] alloc_file_pseudo+0x16a/0x250 [ 1250.463613] ? alloc_file+0x5a0/0x5a0 [ 1250.464152] anon_inode_getfile+0xc8/0x1f0 [ 1250.464767] io_uring_setup+0x138b/0x2980 [ 1250.465370] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1250.466112] ? wait_for_completion_io+0x270/0x270 [ 1250.466809] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1250.467569] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1250.468313] do_syscall_64+0x33/0x40 [ 1250.468831] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1250.469556] RIP: 0033:0x7f606cee6b19 [ 1250.470085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1250.472688] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1250.473782] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1250.474836] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1250.475867] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1250.476877] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1250.477905] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1250.478958] CPU: 0 PID: 8179 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1250.480430] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1250.482193] Call Trace: [ 1250.482756] dump_stack+0x107/0x167 [ 1250.483531] should_fail.cold+0x5/0xa [ 1250.484349] ? create_object.isra.0+0x3a/0xa30 [ 1250.485336] should_failslab+0x5/0x20 [ 1250.486154] kmem_cache_alloc+0x5b/0x310 [ 1250.487061] create_object.isra.0+0x3a/0xa30 [ 1250.488029] kmemleak_alloc_percpu+0xa0/0x100 [ 1250.489012] pcpu_alloc+0x4e2/0x1240 [ 1250.489826] __percpu_counter_init+0x10d/0x2d0 [ 1250.490808] io_uring_alloc_task_context+0xcc/0x6a0 [ 1250.491856] ? io_import_iovec+0x1120/0x1120 [ 1250.492793] ? lock_downgrade+0x6d0/0x6d0 [ 1250.493664] ? do_raw_spin_lock+0x121/0x260 [ 1250.494580] ? rwlock_bug.part.0+0x90/0x90 [ 1250.495481] __io_uring_add_tctx_node+0x2c6/0x520 [ 1250.496555] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1250.497674] ? alloc_fd+0x2e7/0x670 [ 1250.498478] io_uring_setup+0x1fbb/0x2980 [ 1250.499370] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1250.500450] ? wait_for_completion_io+0x270/0x270 [ 1250.501498] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1250.502583] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1250.503675] do_syscall_64+0x33/0x40 [ 1250.504435] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1250.505519] RIP: 0033:0x7f2d330fab19 [ 1250.506286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1250.510090] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1250.511674] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1250.513149] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1250.514679] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1250.516199] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1250.517673] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1250.525902] FAULT_INJECTION: forcing a failure. [ 1250.525902] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1250.528792] CPU: 0 PID: 8177 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1250.530257] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1250.532025] Call Trace: [ 1250.532596] dump_stack+0x107/0x167 [ 1250.533377] should_fail.cold+0x5/0xa [ 1250.534204] __alloc_pages_nodemask+0x182/0x600 [ 1250.535199] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1250.536480] ? cap_capable+0x1cd/0x230 [ 1250.537287] alloc_pages_current+0x187/0x280 [ 1250.538244] __get_free_pages+0xc/0xa0 [ 1250.539051] io_uring_setup+0xf9a/0x2980 [ 1250.539923] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1250.540964] ? wait_for_completion_io+0x270/0x270 [ 1250.541994] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1250.543116] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1250.544204] do_syscall_64+0x33/0x40 [ 1250.544998] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1250.546053] RIP: 0033:0x7f38f4330b19 [ 1250.546826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1250.550674] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1250.552275] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1250.553788] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1250.555270] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1250.556546] FAULT_INJECTION: forcing a failure. [ 1250.556546] name failslab, interval 1, probability 0, space 0, times 0 [ 1250.556782] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1250.556800] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1250.561318] CPU: 1 PID: 8184 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1250.562284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1250.563435] Call Trace: [ 1250.563807] dump_stack+0x107/0x167 [ 1250.564318] should_fail.cold+0x5/0xa [ 1250.564851] ? create_object.isra.0+0x3a/0xa30 [ 1250.565495] should_failslab+0x5/0x20 [ 1250.566024] kmem_cache_alloc+0x5b/0x310 [ 1250.566635] create_object.isra.0+0x3a/0xa30 [ 1250.567253] kmemleak_alloc_percpu+0xa0/0x100 [ 1250.567877] pcpu_alloc+0x4e2/0x1240 [ 1250.568412] ? io_tctx_exit_cb+0xf0/0xf0 [ 1250.568987] percpu_ref_init+0x31/0x3d0 [ 1250.569548] io_uring_setup+0x47a/0x2980 [ 1250.570132] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1250.570809] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1250.571516] ? wait_for_completion_io+0x270/0x270 [ 1250.572204] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1250.572934] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1250.573656] do_syscall_64+0x33/0x40 [ 1250.574189] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1250.574908] RIP: 0033:0x7ff29b41cb19 [ 1250.575425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1250.577984] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1250.579052] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1250.580052] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1250.581037] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1250.582035] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1250.583040] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:24:42 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x0) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:24:42 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xffffffffffffb) 21:24:42 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x80000000000000) [ 1250.614565] audit: type=1326 audit(1778448282.628:2939): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8166 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1250.629327] audit: type=1326 audit(1778448282.628:2940): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8166 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1250.638590] audit: type=1326 audit(1778448282.629:2941): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8166 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1250.653216] audit: type=1326 audit(1778448282.629:2942): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8166 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1250.670509] audit: type=1326 audit(1778448282.630:2943): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8166 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1250.705050] audit: type=1326 audit(1778448282.630:2944): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8166 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1250.725630] audit: type=1326 audit(1778448282.631:2945): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8166 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1250.733059] audit: type=1326 audit(1778448282.631:2946): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8166 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1250.745996] audit: type=1326 audit(1778448282.633:2947): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8165 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6edb42b19 code=0x7ffc0000 21:24:56 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 14) 21:24:56 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x0, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:24:56 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x40000000000000) 21:24:56 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x80ffff00000000) 21:24:56 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x0) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:24:56 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 25) 21:24:56 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 10) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:24:56 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 30) [ 1264.814515] FAULT_INJECTION: forcing a failure. [ 1264.814515] name failslab, interval 1, probability 0, space 0, times 0 [ 1264.817211] CPU: 0 PID: 8203 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1264.818776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1264.820652] Call Trace: [ 1264.821254] dump_stack+0x107/0x167 [ 1264.822085] should_fail.cold+0x5/0xa [ 1264.822966] ? security_file_alloc+0x34/0x170 [ 1264.823984] should_failslab+0x5/0x20 [ 1264.824857] kmem_cache_alloc+0x5b/0x310 [ 1264.825788] security_file_alloc+0x34/0x170 [ 1264.826784] __alloc_file+0xb7/0x320 [ 1264.827631] alloc_empty_file+0x6d/0x170 [ 1264.828552] alloc_file+0x5e/0x5a0 [ 1264.829371] alloc_file_pseudo+0x16a/0x250 [ 1264.830338] ? alloc_file+0x5a0/0x5a0 [ 1264.831215] anon_inode_getfile+0xc8/0x1f0 [ 1264.832196] io_uring_setup+0x138b/0x2980 [ 1264.833139] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1264.834287] ? wait_for_completion_io+0x270/0x270 [ 1264.835411] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1264.836602] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1264.837773] do_syscall_64+0x33/0x40 [ 1264.838628] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1264.839792] RIP: 0033:0x7f606cee6b19 [ 1264.840637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1264.844801] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1264.846539] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1264.848159] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1264.849782] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1264.851405] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1264.853023] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1264.859778] FAULT_INJECTION: forcing a failure. [ 1264.859778] name failslab, interval 1, probability 0, space 0, times 0 [ 1264.862487] CPU: 1 PID: 8206 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1264.864066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1264.866009] Call Trace: [ 1264.866640] dump_stack+0x107/0x167 [ 1264.867490] should_fail.cold+0x5/0xa [ 1264.868383] ? create_object.isra.0+0x3a/0xa30 [ 1264.869451] should_failslab+0x5/0x20 [ 1264.870340] kmem_cache_alloc+0x5b/0x310 [ 1264.871279] create_object.isra.0+0x3a/0xa30 [ 1264.872296] kmemleak_alloc_percpu+0xa0/0x100 [ 1264.873344] pcpu_alloc+0x4e2/0x1240 [ 1264.874236] __percpu_counter_init+0x10d/0x2d0 [ 1264.875302] io_uring_alloc_task_context+0xcc/0x6a0 [ 1264.876461] ? io_import_iovec+0x1120/0x1120 [ 1264.877487] ? lock_downgrade+0x6d0/0x6d0 [ 1264.878448] ? do_raw_spin_lock+0x121/0x260 [ 1264.879449] ? rwlock_bug.part.0+0x90/0x90 [ 1264.880433] __io_uring_add_tctx_node+0x2c6/0x520 [ 1264.881537] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1264.882746] ? alloc_fd+0x2e7/0x670 [ 1264.883602] io_uring_setup+0x1fbb/0x2980 [ 1264.884577] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1264.885741] ? wait_for_completion_io+0x270/0x270 [ 1264.886891] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1264.888128] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1264.889356] do_syscall_64+0x33/0x40 [ 1264.890263] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1264.891472] RIP: 0033:0x7f2d330fab19 [ 1264.892352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1264.896750] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1264.898567] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1264.900264] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1264.901926] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1264.903638] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1264.905351] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:24:57 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x100010000000000) [ 1264.912911] FAULT_INJECTION: forcing a failure. [ 1264.912911] name failslab, interval 1, probability 0, space 0, times 0 [ 1264.915657] CPU: 1 PID: 8211 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1264.917272] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1264.919230] Call Trace: [ 1264.919856] dump_stack+0x107/0x167 [ 1264.920721] should_fail.cold+0x5/0xa [ 1264.921624] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1264.922934] should_failslab+0x5/0x20 [ 1264.923833] kmem_cache_alloc_trace+0x55/0x320 [ 1264.924918] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1264.926202] io_uring_setup+0x14f6/0x2980 [ 1264.927204] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1264.928404] ? wait_for_completion_io+0x270/0x270 [ 1264.929566] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1264.930807] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1264.932033] do_syscall_64+0x33/0x40 [ 1264.932906] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1264.934096] RIP: 0033:0x7f38f4330b19 [ 1264.934971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1264.939214] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1264.940958] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1264.942624] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1264.944287] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1264.945932] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1264.947586] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1264.955175] kauditd_printk_skb: 48 callbacks suppressed [ 1264.955195] audit: type=1326 audit(1778448297.165:2996): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8198 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6edb42b19 code=0x7ffc0000 [ 1264.962380] FAULT_INJECTION: forcing a failure. [ 1264.962380] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1264.965109] CPU: 1 PID: 8212 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1264.966688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1264.967356] audit: type=1326 audit(1778448297.167:2997): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8198 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fc6edb42b19 code=0x7ffc0000 [ 1264.968565] Call Trace: [ 1264.968592] dump_stack+0x107/0x167 [ 1264.968627] should_fail.cold+0x5/0xa [ 1264.975657] __alloc_pages_nodemask+0x182/0x600 [ 1264.976705] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1264.978067] ? kmem_cache_alloc+0x301/0x310 [ 1264.979061] alloc_pages_current+0x187/0x280 [ 1264.980054] allocate_slab+0x26f/0x380 [ 1264.980939] ___slab_alloc+0x470/0x700 [ 1264.981818] ? create_object.isra.0+0x3a/0xa30 [ 1264.982859] ? lock_release+0x680/0x680 [ 1264.983771] ? create_object.isra.0+0x3a/0xa30 [ 1264.984796] ? kmem_cache_alloc+0x301/0x310 [ 1264.985782] ? create_object.isra.0+0x3a/0xa30 [ 1264.986819] kmem_cache_alloc+0x301/0x310 [ 1264.987762] create_object.isra.0+0x3a/0xa30 [ 1264.988768] kmemleak_alloc_percpu+0xa0/0x100 [ 1264.989185] audit: type=1326 audit(1778448297.169:2998): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8198 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6edb42b19 code=0x7ffc0000 [ 1264.989786] pcpu_alloc+0x4e2/0x1240 [ 1264.995495] ? io_tctx_exit_cb+0xf0/0xf0 [ 1264.996552] percpu_ref_init+0x31/0x3d0 [ 1264.997449] io_uring_setup+0x47a/0x2980 [ 1264.998373] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1264.999435] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1265.000565] ? wait_for_completion_io+0x270/0x270 [ 1265.001662] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1265.002830] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.003974] do_syscall_64+0x33/0x40 [ 1265.004799] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.005922] RIP: 0033:0x7ff29b41cb19 [ 1265.006772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.008758] audit: type=1326 audit(1778448297.169:2999): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8198 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7fc6edb42b19 code=0x7ffc0000 [ 1265.010865] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1265.010888] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1265.010899] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1265.010911] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1265.010923] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1265.010934] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:24:57 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x60000000000000) 21:24:57 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) (fail_nth: 1) 21:24:57 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x400000000000000) [ 1265.083104] audit: type=1326 audit(1778448297.169:3000): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8198 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6edb42b19 code=0x7ffc0000 21:24:57 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 31) [ 1265.114486] audit: type=1326 audit(1778448297.169:3001): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8198 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7fc6edb42b19 code=0x7ffc0000 21:24:57 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 15) [ 1265.142358] audit: type=1326 audit(1778448297.169:3002): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8198 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6edb42b19 code=0x7ffc0000 [ 1265.158446] FAULT_INJECTION: forcing a failure. [ 1265.158446] name failslab, interval 1, probability 0, space 0, times 0 [ 1265.161776] CPU: 1 PID: 8218 Comm: syz-executor.4 Not tainted 5.10.255 #1 [ 1265.163444] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.165432] Call Trace: [ 1265.166059] dump_stack+0x107/0x167 [ 1265.166935] should_fail.cold+0x5/0xa [ 1265.167846] ? kvmalloc_node+0x119/0x170 [ 1265.168804] should_failslab+0x5/0x20 [ 1265.169713] __kmalloc_node+0x76/0x420 [ 1265.170674] kvmalloc_node+0x119/0x170 [ 1265.171604] seq_read_iter+0x9d6/0x12b0 [ 1265.172557] ? SOFTIRQ_verbose+0x10/0x10 [ 1265.173539] seq_read+0x3dd/0x5b0 [ 1265.174393] ? seq_read_iter+0x12b0/0x12b0 [ 1265.175412] ? fsnotify_perm.part.0+0x22d/0x620 [ 1265.176497] ? security_file_permission+0xb1/0xe0 [ 1265.177637] ? seq_read_iter+0x12b0/0x12b0 [ 1265.178650] vfs_read+0x228/0x620 [ 1265.179485] __x64_sys_pread64+0x201/0x260 [ 1265.180486] ? ksys_pread64+0x1b0/0x1b0 [ 1265.181449] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1265.182712] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.183948] do_syscall_64+0x33/0x40 [ 1265.184828] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.185998] RIP: 0033:0x7fc6edb42b19 [ 1265.186872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.191181] RSP: 002b:00007fc6eb0b8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1265.192960] RAX: ffffffffffffffda RBX: 00007fc6edc55f60 RCX: 00007fc6edb42b19 [ 1265.194637] RDX: 00000000000000ee RSI: 0000000020000040 RDI: 0000000000000003 [ 1265.196299] RBP: 00007fc6eb0b81d0 R08: 0000000000000000 R09: 0000000000000000 [ 1265.197965] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 1265.199616] R13: 00007ffdb86c6e2f R14: 00007fc6eb0b8300 R15: 0000000000022000 21:24:57 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 26) 21:24:57 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x0) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1265.229188] FAULT_INJECTION: forcing a failure. [ 1265.229188] name failslab, interval 1, probability 0, space 0, times 0 [ 1265.231072] audit: type=1326 audit(1778448297.169:3003): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8198 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fc6edb42b19 code=0x7ffc0000 [ 1265.232120] CPU: 0 PID: 8223 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1265.238513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.240393] Call Trace: [ 1265.240997] dump_stack+0x107/0x167 [ 1265.241828] should_fail.cold+0x5/0xa [ 1265.242732] ? io_uring_alloc_task_context+0x4a3/0x6a0 [ 1265.243910] should_failslab+0x5/0x20 [ 1265.244775] kmem_cache_alloc_trace+0x55/0x320 [ 1265.245816] io_uring_alloc_task_context+0x4a3/0x6a0 [ 1265.246978] ? io_import_iovec+0x1120/0x1120 [ 1265.247953] ? lock_downgrade+0x6d0/0x6d0 [ 1265.248895] ? do_raw_spin_lock+0x121/0x260 [ 1265.249854] ? rwlock_bug.part.0+0x90/0x90 [ 1265.250826] __io_uring_add_tctx_node+0x2c6/0x520 [ 1265.250963] audit: type=1326 audit(1778448297.169:3004): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8198 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6edb42b19 code=0x7ffc0000 [ 1265.251919] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1265.251939] ? alloc_fd+0x2e7/0x670 [ 1265.251978] io_uring_setup+0x1fbb/0x2980 [ 1265.259532] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1265.260682] ? wait_for_completion_io+0x270/0x270 [ 1265.261794] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1265.262986] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.264174] do_syscall_64+0x33/0x40 [ 1265.265023] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.266179] RIP: 0033:0x7f2d330fab19 [ 1265.267025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.271083] audit: type=1326 audit(1778448297.169:3005): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8198 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fc6edb42b19 code=0x7ffc0000 [ 1265.271186] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1265.277502] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1265.278143] FAULT_INJECTION: forcing a failure. [ 1265.278143] name failslab, interval 1, probability 0, space 0, times 0 [ 1265.279096] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1265.279109] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1265.279122] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1265.279144] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1265.287978] CPU: 1 PID: 8226 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1265.289488] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.291320] Call Trace: [ 1265.291907] dump_stack+0x107/0x167 [ 1265.292707] should_fail.cold+0x5/0xa [ 1265.293542] ? create_object.isra.0+0x3a/0xa30 [ 1265.294543] should_failslab+0x5/0x20 [ 1265.295339] kmem_cache_alloc+0x5b/0x310 [ 1265.296219] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1265.297522] create_object.isra.0+0x3a/0xa30 [ 1265.298480] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1265.299588] kmem_cache_alloc_trace+0x151/0x320 [ 1265.300613] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1265.301788] io_uring_setup+0x14f6/0x2980 [ 1265.302710] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1265.303796] ? wait_for_completion_io+0x270/0x270 [ 1265.304876] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1265.306003] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.307131] do_syscall_64+0x33/0x40 [ 1265.307940] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.309038] RIP: 0033:0x7f38f4330b19 [ 1265.309820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.313838] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1265.315487] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1265.317045] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1265.318546] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1265.320041] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1265.321560] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1265.324714] FAULT_INJECTION: forcing a failure. [ 1265.324714] name failslab, interval 1, probability 0, space 0, times 0 [ 1265.327199] CPU: 1 PID: 8227 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1265.328649] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.330398] Call Trace: [ 1265.330964] dump_stack+0x107/0x167 [ 1265.331729] should_fail.cold+0x5/0xa [ 1265.332542] ? create_object.isra.0+0x3a/0xa30 [ 1265.333497] should_failslab+0x5/0x20 [ 1265.334301] kmem_cache_alloc+0x5b/0x310 [ 1265.335156] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 1265.336306] create_object.isra.0+0x3a/0xa30 [ 1265.337217] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1265.338297] kmem_cache_alloc+0x159/0x310 [ 1265.339195] security_file_alloc+0x34/0x170 [ 1265.340119] __alloc_file+0xb7/0x320 [ 1265.340917] alloc_empty_file+0x6d/0x170 [ 1265.341777] alloc_file+0x5e/0x5a0 [ 1265.342563] alloc_file_pseudo+0x16a/0x250 [ 1265.343586] ? alloc_file+0x5a0/0x5a0 [ 1265.344579] anon_inode_getfile+0xc8/0x1f0 [ 1265.345639] io_uring_setup+0x138b/0x2980 [ 1265.346688] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1265.347965] ? wait_for_completion_io+0x270/0x270 [ 1265.349193] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1265.350474] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.351737] do_syscall_64+0x33/0x40 [ 1265.352642] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.353873] RIP: 0033:0x7f606cee6b19 [ 1265.354804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.359262] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1265.361109] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1265.362860] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1265.364592] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1265.366313] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1265.368002] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:24:57 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x80000000000000) 21:24:57 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 11) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:24:57 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4000000000000000) [ 1265.400292] FAULT_INJECTION: forcing a failure. [ 1265.400292] name failslab, interval 1, probability 0, space 0, times 0 [ 1265.402975] CPU: 1 PID: 8232 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1265.404584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.406480] Call Trace: [ 1265.407093] dump_stack+0x107/0x167 [ 1265.407906] should_fail.cold+0x5/0xa [ 1265.408795] ? create_object.isra.0+0x3a/0xa30 [ 1265.409854] should_failslab+0x5/0x20 [ 1265.410729] kmem_cache_alloc+0x5b/0x310 [ 1265.411684] create_object.isra.0+0x3a/0xa30 [ 1265.412715] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1265.413908] kmem_cache_alloc_trace+0x151/0x320 [ 1265.415016] ? io_tctx_exit_cb+0xf0/0xf0 [ 1265.415956] percpu_ref_init+0xd8/0x3d0 [ 1265.416885] io_uring_setup+0x47a/0x2980 [ 1265.417841] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1265.418965] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1265.420128] ? wait_for_completion_io+0x270/0x270 [ 1265.421294] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1265.422531] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.423753] do_syscall_64+0x33/0x40 [ 1265.424628] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.425830] RIP: 0033:0x7ff29b41cb19 [ 1265.426710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.430991] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1265.432767] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1265.434417] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1265.436059] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1265.437703] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1265.439347] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:24:57 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) (fail_nth: 2) 21:24:57 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x80ffff00000000) 21:24:57 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 16) [ 1265.564800] FAULT_INJECTION: forcing a failure. [ 1265.564800] name failslab, interval 1, probability 0, space 0, times 0 [ 1265.568713] CPU: 1 PID: 8240 Comm: syz-executor.4 Not tainted 5.10.255 #1 [ 1265.570360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.572316] Call Trace: [ 1265.572949] dump_stack+0x107/0x167 [ 1265.573816] should_fail.cold+0x5/0xa [ 1265.574729] ? create_object.isra.0+0x3a/0xa30 [ 1265.575825] should_failslab+0x5/0x20 [ 1265.576728] kmem_cache_alloc+0x5b/0x310 [ 1265.577698] create_object.isra.0+0x3a/0xa30 [ 1265.578745] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1265.579951] __kmalloc_node+0x1ae/0x420 [ 1265.580897] kvmalloc_node+0x119/0x170 [ 1265.581820] seq_read_iter+0x9d6/0x12b0 [ 1265.582777] ? SOFTIRQ_verbose+0x10/0x10 [ 1265.583752] seq_read+0x3dd/0x5b0 [ 1265.584569] ? seq_read_iter+0x12b0/0x12b0 [ 1265.585584] ? fsnotify_perm.part.0+0x22d/0x620 [ 1265.586691] ? security_file_permission+0xb1/0xe0 [ 1265.587835] ? seq_read_iter+0x12b0/0x12b0 [ 1265.588828] vfs_read+0x228/0x620 [ 1265.589653] __x64_sys_pread64+0x201/0x260 [ 1265.590630] ? ksys_pread64+0x1b0/0x1b0 [ 1265.591573] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1265.592786] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.593995] do_syscall_64+0x33/0x40 [ 1265.594885] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.596061] RIP: 0033:0x7fc6edb42b19 [ 1265.596911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.601128] RSP: 002b:00007fc6eb0b8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1265.602888] RAX: ffffffffffffffda RBX: 00007fc6edc55f60 RCX: 00007fc6edb42b19 [ 1265.604532] RDX: 00000000000000ee RSI: 0000000020000040 RDI: 0000000000000003 [ 1265.606173] RBP: 00007fc6eb0b81d0 R08: 0000000000000000 R09: 0000000000000000 [ 1265.607809] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 1265.609428] R13: 00007ffdb86c6e2f R14: 00007fc6eb0b8300 R15: 0000000000022000 [ 1265.643432] FAULT_INJECTION: forcing a failure. [ 1265.643432] name failslab, interval 1, probability 0, space 0, times 0 [ 1265.646012] CPU: 1 PID: 8244 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1265.647563] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.649445] Call Trace: [ 1265.650049] dump_stack+0x107/0x167 [ 1265.650889] should_fail.cold+0x5/0xa [ 1265.651760] ? create_object.isra.0+0x3a/0xa30 [ 1265.652800] should_failslab+0x5/0x20 [ 1265.653656] kmem_cache_alloc+0x5b/0x310 [ 1265.654597] create_object.isra.0+0x3a/0xa30 [ 1265.655618] kmemleak_alloc_percpu+0xa0/0x100 [ 1265.656652] pcpu_alloc+0x4e2/0x1240 [ 1265.657523] ? io_async_queue_proc+0x80/0x80 [ 1265.658534] percpu_ref_init+0x31/0x3d0 [ 1265.659441] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1265.660682] io_uring_setup+0x14f6/0x2980 [ 1265.661630] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1265.662795] ? wait_for_completion_io+0x270/0x270 [ 1265.663928] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1265.665117] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.666326] do_syscall_64+0x33/0x40 [ 1265.667179] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.668332] RIP: 0033:0x7f38f4330b19 [ 1265.669163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.673322] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1265.675034] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1265.676643] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1265.678250] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1265.679860] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1265.681468] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:25:15 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 27) 21:25:15 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 17) 21:25:15 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 32) 21:25:15 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, 0x0, 0x0, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:25:15 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xfbffffffffff0f00) 21:25:15 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 12) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:25:15 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x100010000000000) 21:25:15 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) (fail_nth: 3) [ 1283.244467] FAULT_INJECTION: forcing a failure. [ 1283.244467] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1283.246432] CPU: 0 PID: 8261 Comm: syz-executor.4 Not tainted 5.10.255 #1 [ 1283.247514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1283.248814] Call Trace: [ 1283.249243] dump_stack+0x107/0x167 [ 1283.249823] should_fail.cold+0x5/0xa [ 1283.250441] _copy_to_user+0x2e/0x180 [ 1283.251052] simple_read_from_buffer+0xcc/0x160 [ 1283.251715] FAULT_INJECTION: forcing a failure. [ 1283.251715] name failslab, interval 1, probability 0, space 0, times 0 [ 1283.251799] proc_fail_nth_read+0x198/0x230 [ 1283.255357] ? proc_sessionid_read+0x230/0x230 [ 1283.256077] ? security_file_permission+0xb1/0xe0 [ 1283.256845] ? proc_sessionid_read+0x230/0x230 [ 1283.257612] vfs_read+0x228/0x620 [ 1283.258165] ksys_read+0x12d/0x260 [ 1283.258735] ? vfs_write+0xb10/0xb10 [ 1283.259328] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1283.260155] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1283.260970] do_syscall_64+0x33/0x40 [ 1283.261558] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1283.262363] RIP: 0033:0x7fc6edaf569c [ 1283.262956] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1283.265833] RSP: 002b:00007fc6eb0b8170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1283.267126] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc6edaf569c [ 1283.268253] RDX: 000000000000000f RSI: 00007fc6eb0b81e0 RDI: 0000000000000004 [ 1283.269371] RBP: 00007fc6eb0b81d0 R08: 0000000000000000 R09: 0000000000000000 [ 1283.270495] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 1283.271612] R13: 00007ffdb86c6e2f R14: 00007fc6eb0b8300 R15: 0000000000022000 [ 1283.272762] CPU: 1 PID: 8263 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1283.274164] FAULT_INJECTION: forcing a failure. [ 1283.274164] name failslab, interval 1, probability 0, space 0, times 0 [ 1283.274431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1283.278154] Call Trace: [ 1283.278806] dump_stack+0x107/0x167 [ 1283.279687] should_fail.cold+0x5/0xa [ 1283.280627] ? create_object.isra.0+0x3a/0xa30 [ 1283.281736] should_failslab+0x5/0x20 [ 1283.282660] kmem_cache_alloc+0x5b/0x310 [ 1283.283651] create_object.isra.0+0x3a/0xa30 [ 1283.284729] kmemleak_alloc_percpu+0xa0/0x100 [ 1283.285832] pcpu_alloc+0x4e2/0x1240 [ 1283.286770] ? io_async_queue_proc+0x80/0x80 [ 1283.287879] percpu_ref_init+0x31/0x3d0 [ 1283.288857] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1283.290222] io_uring_setup+0x14f6/0x2980 [ 1283.291285] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1283.292552] ? wait_for_completion_io+0x270/0x270 [ 1283.293792] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1283.295118] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1283.296424] do_syscall_64+0x33/0x40 [ 1283.297357] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1283.298657] RIP: 0033:0x7f38f4330b19 [ 1283.299590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1283.304228] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1283.306132] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1283.307923] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1283.309711] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1283.311502] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1283.313279] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1283.315103] CPU: 0 PID: 8260 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1283.316232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1283.317593] Call Trace: [ 1283.318027] dump_stack+0x107/0x167 [ 1283.318641] should_fail.cold+0x5/0xa [ 1283.319268] ? create_object.isra.0+0x3a/0xa30 [ 1283.320016] should_failslab+0x5/0x20 [ 1283.320640] kmem_cache_alloc+0x5b/0x310 [ 1283.321314] create_object.isra.0+0x3a/0xa30 [ 1283.322036] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1283.322882] kmem_cache_alloc_trace+0x151/0x320 [ 1283.323651] io_uring_alloc_task_context+0x4a3/0x6a0 [ 1283.324484] ? io_import_iovec+0x1120/0x1120 [ 1283.325221] ? lock_downgrade+0x6d0/0x6d0 [ 1283.325913] ? do_raw_spin_lock+0x121/0x260 [ 1283.326624] ? rwlock_bug.part.0+0x90/0x90 [ 1283.327333] __io_uring_add_tctx_node+0x2c6/0x520 [ 1283.328141] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1283.329004] ? alloc_fd+0x2e7/0x670 [ 1283.329618] io_uring_setup+0x1fbb/0x2980 [ 1283.330309] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1283.331149] ? wait_for_completion_io+0x270/0x270 [ 1283.331961] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1283.332825] FAULT_INJECTION: forcing a failure. [ 1283.332825] name failslab, interval 1, probability 0, space 0, times 0 [ 1283.334636] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1283.335489] do_syscall_64+0x33/0x40 [ 1283.336150] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1283.337034] RIP: 0033:0x7f2d330fab19 [ 1283.337645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1283.340829] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1283.342118] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1283.343356] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1283.344590] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1283.345783] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1283.347014] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1283.348257] CPU: 1 PID: 8262 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1283.349975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1283.352297] Call Trace: [ 1283.352958] dump_stack+0x107/0x167 [ 1283.354080] should_fail.cold+0x5/0xa [ 1283.355093] ? io_uring_alloc_task_context+0x99/0x6a0 [ 1283.356610] should_failslab+0x5/0x20 [ 1283.357553] kmem_cache_alloc_trace+0x55/0x320 [ 1283.358835] io_uring_alloc_task_context+0x99/0x6a0 [ 1283.360215] ? io_import_iovec+0x1120/0x1120 [ 1283.361300] ? lock_downgrade+0x6d0/0x6d0 [ 1283.362479] ? do_raw_spin_lock+0x121/0x260 [ 1283.363701] ? rwlock_bug.part.0+0x90/0x90 [ 1283.364734] __io_uring_add_tctx_node+0x2c6/0x520 [ 1283.366172] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1283.367514] ? alloc_fd+0x2e7/0x670 [ 1283.368649] io_uring_setup+0x1fbb/0x2980 [ 1283.369726] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1283.370974] ? wait_for_completion_io+0x270/0x270 [ 1283.372327] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1283.373786] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1283.375101] do_syscall_64+0x33/0x40 [ 1283.376256] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1283.377498] RIP: 0033:0x7f606cee6b19 [ 1283.378586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1283.383449] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1283.385309] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1283.387176] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1283.389058] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1283.390994] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1283.392842] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1283.397520] FAULT_INJECTION: forcing a failure. [ 1283.397520] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1283.399506] CPU: 0 PID: 8265 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1283.400674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1283.402047] Call Trace: [ 1283.402490] dump_stack+0x107/0x167 [ 1283.403077] should_fail.cold+0x5/0xa [ 1283.403688] __alloc_pages_nodemask+0x182/0x600 [ 1283.404434] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1283.405399] ? cap_capable+0x1cd/0x230 [ 1283.406031] alloc_pages_current+0x187/0x280 [ 1283.406744] __get_free_pages+0xc/0xa0 [ 1283.407379] io_uring_setup+0xe27/0x2980 [ 1283.408034] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1283.408844] ? wait_for_completion_io+0x270/0x270 [ 1283.409630] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1283.410479] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1283.411303] do_syscall_64+0x33/0x40 [ 1283.411895] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1283.412713] RIP: 0033:0x7ff29b41cb19 [ 1283.413302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1283.416234] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1283.417448] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1283.418603] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1283.419736] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1283.420867] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1283.422004] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:25:15 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff0fe04500000000) [ 1283.440195] kauditd_printk_skb: 11 callbacks suppressed [ 1283.440215] audit: type=1326 audit(1778448315.652:3017): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8249 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:25:15 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) [ 1283.455736] audit: type=1326 audit(1778448315.653:3018): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8249 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:25:15 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 13) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:25:15 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, 0x0, 0x0, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:25:15 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 33) 21:25:15 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 18) 21:25:15 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 28) [ 1283.559421] FAULT_INJECTION: forcing a failure. [ 1283.559421] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1283.561349] CPU: 0 PID: 8274 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1283.562377] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1283.563521] Call Trace: [ 1283.563906] dump_stack+0x107/0x167 [ 1283.564417] should_fail.cold+0x5/0xa [ 1283.564945] __alloc_pages_nodemask+0x182/0x600 [ 1283.565586] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1283.566423] ? cap_capable+0x1cd/0x230 [ 1283.566967] alloc_pages_current+0x187/0x280 [ 1283.567574] __get_free_pages+0xc/0xa0 [ 1283.568110] io_uring_setup+0xf9a/0x2980 [ 1283.568675] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1283.569536] ? wait_for_completion_io+0x270/0x270 [ 1283.570335] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1283.571065] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1283.571983] do_syscall_64+0x33/0x40 [ 1283.572544] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1283.573247] RIP: 0033:0x7ff29b41cb19 [ 1283.573756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1283.576538] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1283.577737] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1283.578808] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1283.579993] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1283.580968] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1283.581939] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:25:15 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x200000000000000) [ 1283.618362] FAULT_INJECTION: forcing a failure. [ 1283.618362] name failslab, interval 1, probability 0, space 0, times 0 [ 1283.620210] CPU: 0 PID: 8281 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1283.621134] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1283.622248] Call Trace: [ 1283.622667] dump_stack+0x107/0x167 [ 1283.623273] should_fail.cold+0x5/0xa [ 1283.623882] ? create_object.isra.0+0x3a/0xa30 [ 1283.624226] FAULT_INJECTION: forcing a failure. [ 1283.624226] name failslab, interval 1, probability 0, space 0, times 0 [ 1283.624502] should_failslab+0x5/0x20 [ 1283.627364] kmem_cache_alloc+0x5b/0x310 [ 1283.628032] create_object.isra.0+0x3a/0xa30 [ 1283.628679] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1283.629357] kmem_cache_alloc_trace+0x151/0x320 [ 1283.630145] io_uring_alloc_task_context+0x99/0x6a0 [ 1283.630906] ? io_import_iovec+0x1120/0x1120 [ 1283.631548] ? lock_downgrade+0x6d0/0x6d0 [ 1283.632226] ? do_raw_spin_lock+0x121/0x260 [ 1283.632806] ? rwlock_bug.part.0+0x90/0x90 [ 1283.633433] __io_uring_add_tctx_node+0x2c6/0x520 [ 1283.634079] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1283.634781] ? alloc_fd+0x2e7/0x670 [ 1283.635274] io_uring_setup+0x1fbb/0x2980 [ 1283.635830] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1283.636503] ? wait_for_completion_io+0x270/0x270 [ 1283.637158] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1283.637853] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1283.638547] do_syscall_64+0x33/0x40 [ 1283.639037] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1283.639776] RIP: 0033:0x7f606cee6b19 [ 1283.640271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1283.642866] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1283.643959] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1283.644996] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1283.646004] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1283.647092] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1283.648107] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1283.649179] CPU: 1 PID: 8279 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1283.650629] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1283.652370] Call Trace: [ 1283.652931] dump_stack+0x107/0x167 [ 1283.653712] should_fail.cold+0x5/0xa [ 1283.654529] ? io_wq_create+0xeb/0xc00 [ 1283.655350] should_failslab+0x5/0x20 [ 1283.656157] __kmalloc+0x72/0x390 [ 1283.656901] io_wq_create+0xeb/0xc00 [ 1283.657700] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1283.658778] ? io_import_iovec+0x1120/0x1120 [ 1283.659698] ? io_apoll_task_func+0x2d0/0x2d0 [ 1283.660634] ? __io_req_find_next+0x300/0x300 [ 1283.661589] ? do_raw_spin_lock+0x121/0x260 [ 1283.662510] ? rwlock_bug.part.0+0x90/0x90 [ 1283.663428] __io_uring_add_tctx_node+0x2c6/0x520 [ 1283.664458] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1283.665581] ? alloc_fd+0x2e7/0x670 [ 1283.666366] io_uring_setup+0x1fbb/0x2980 [ 1283.667273] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1283.668330] ? wait_for_completion_io+0x270/0x270 [ 1283.669391] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1283.670527] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1283.671630] do_syscall_64+0x33/0x40 [ 1283.672431] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1283.673526] RIP: 0033:0x7f2d330fab19 [ 1283.674326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1283.678268] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1283.679918] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1283.681439] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1283.682970] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1283.684499] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1283.686027] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:25:15 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0x2000012e, 0x7) [ 1283.734207] audit: type=1326 audit(1778448315.946:3019): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8272 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1283.739375] FAULT_INJECTION: forcing a failure. [ 1283.739375] name failslab, interval 1, probability 0, space 0, times 0 [ 1283.741029] CPU: 0 PID: 8287 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1283.742052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1283.743137] Call Trace: [ 1283.743470] dump_stack+0x107/0x167 [ 1283.743993] should_fail.cold+0x5/0xa [ 1283.744581] ? percpu_ref_init+0xd8/0x3d0 [ 1283.745119] should_failslab+0x5/0x20 [ 1283.745591] kmem_cache_alloc_trace+0x55/0x320 [ 1283.746228] ? io_async_queue_proc+0x80/0x80 [ 1283.746948] percpu_ref_init+0xd8/0x3d0 [ 1283.747451] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1283.748192] io_uring_setup+0x14f6/0x2980 [ 1283.748827] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1283.749468] ? wait_for_completion_io+0x270/0x270 [ 1283.750080] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1283.750737] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1283.751425] do_syscall_64+0x33/0x40 [ 1283.751892] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1283.752600] RIP: 0033:0x7f38f4330b19 [ 1283.753063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1283.755570] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1283.756600] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1283.757575] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1283.758560] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1283.759539] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1283.760506] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:25:30 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3f604600000000) 21:25:30 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 34) 21:25:30 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x6) 21:25:30 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 29) [ 1298.755276] FAULT_INJECTION: forcing a failure. [ 1298.755276] name failslab, interval 1, probability 0, space 0, times 0 [ 1298.757717] CPU: 1 PID: 8298 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1298.759180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1298.760940] Call Trace: [ 1298.761507] dump_stack+0x107/0x167 [ 1298.762289] should_fail.cold+0x5/0xa [ 1298.763110] ? create_object.isra.0+0x3a/0xa30 [ 1298.764083] should_failslab+0x5/0x20 [ 1298.764900] kmem_cache_alloc+0x5b/0x310 [ 1298.765772] create_object.isra.0+0x3a/0xa30 [ 1298.766710] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1298.767799] __kmalloc+0x16e/0x390 [ 1298.768567] io_wq_create+0xeb/0xc00 [ 1298.769372] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1298.770439] ? io_import_iovec+0x1120/0x1120 [ 1298.771383] ? io_apoll_task_func+0x2d0/0x2d0 [ 1298.772338] ? __io_req_find_next+0x300/0x300 [ 1298.773294] ? do_raw_spin_lock+0x121/0x260 [ 1298.774208] ? rwlock_bug.part.0+0x90/0x90 [ 1298.775125] __io_uring_add_tctx_node+0x2c6/0x520 [ 1298.776156] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1298.777268] ? alloc_fd+0x2e7/0x670 [ 1298.778062] io_uring_setup+0x1fbb/0x2980 [ 1298.778962] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1298.780030] ? wait_for_completion_io+0x270/0x270 [ 1298.781086] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1298.782195] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1298.783306] do_syscall_64+0x33/0x40 [ 1298.784102] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1298.785180] RIP: 0033:0x7f2d330fab19 [ 1298.785972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1298.789879] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1298.791557] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1298.793061] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1298.794582] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1298.796096] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1298.797607] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1298.824756] FAULT_INJECTION: forcing a failure. [ 1298.824756] name failslab, interval 1, probability 0, space 0, times 0 [ 1298.827266] CPU: 0 PID: 8305 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1298.828738] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1298.830503] Call Trace: [ 1298.831081] dump_stack+0x107/0x167 [ 1298.831861] should_fail.cold+0x5/0xa [ 1298.832677] ? create_object.isra.0+0x3a/0xa30 [ 1298.833651] should_failslab+0x5/0x20 [ 1298.834466] kmem_cache_alloc+0x5b/0x310 [ 1298.835350] create_object.isra.0+0x3a/0xa30 [ 1298.836291] kmemleak_alloc_percpu+0xa0/0x100 [ 1298.837253] pcpu_alloc+0x4e2/0x1240 [ 1298.838068] __percpu_counter_init+0x10d/0x2d0 [ 1298.839053] io_uring_alloc_task_context+0xcc/0x6a0 [ 1298.840116] ? io_import_iovec+0x1120/0x1120 [ 1298.841054] ? lock_downgrade+0x6d0/0x6d0 [ 1298.841934] ? do_raw_spin_lock+0x121/0x260 [ 1298.842873] ? rwlock_bug.part.0+0x90/0x90 [ 1298.843785] __io_uring_add_tctx_node+0x2c6/0x520 [ 1298.844809] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1298.845925] ? alloc_fd+0x2e7/0x670 [ 1298.846714] io_uring_setup+0x1fbb/0x2980 [ 1298.847592] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1298.848665] ? wait_for_completion_io+0x270/0x270 [ 1298.849715] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1298.850826] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1298.851918] do_syscall_64+0x33/0x40 [ 1298.852707] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1298.853795] RIP: 0033:0x7f606cee6b19 [ 1298.854608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1298.858519] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1298.860150] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1298.861683] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1298.863231] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1298.864768] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1298.866307] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1298.875866] audit: type=1326 audit(1778448331.088:3020): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8302 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1298.876761] FAULT_INJECTION: forcing a failure. [ 1298.876761] name failslab, interval 1, probability 0, space 0, times 0 [ 1298.882904] CPU: 0 PID: 8308 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1298.884412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1298.885781] audit: type=1326 audit(1778448331.098:3021): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8302 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:25:30 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x400000000000000) 21:25:30 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 14) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:25:30 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, 0x0, 0x0, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:25:30 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 19) [ 1298.886253] Call Trace: [ 1298.886282] dump_stack+0x107/0x167 [ 1298.886309] should_fail.cold+0x5/0xa [ 1298.893193] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1298.894457] should_failslab+0x5/0x20 [ 1298.895326] kmem_cache_alloc_trace+0x55/0x320 [ 1298.896367] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1298.897584] io_uring_setup+0x14f6/0x2980 [ 1298.898528] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1298.899676] ? wait_for_completion_io+0x270/0x270 [ 1298.900797] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1298.901981] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1298.903196] do_syscall_64+0x33/0x40 [ 1298.904020] audit: type=1326 audit(1778448331.106:3022): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8302 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1298.904063] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1298.909692] RIP: 0033:0x7ff29b41cb19 [ 1298.910561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1298.914890] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1298.916684] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1298.918370] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1298.920020] audit: type=1326 audit(1778448331.106:3023): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8302 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1298.920063] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1298.920084] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1298.927629] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1298.941810] audit: type=1326 audit(1778448331.106:3024): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8302 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:25:31 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pipe2(&(0x7f0000000280)={0xffffffffffffffff}, 0x4800) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) io_uring_enter(r2, 0x10058ab, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r2, {r0}}, './file0\x00'}) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000180)='fd/3\x00') r4 = signalfd(0xffffffffffffffff, &(0x7f00000001c0)={[0x100000001]}, 0x8) fsetxattr$security_evm(r4, &(0x7f0000000200), &(0x7f0000000240)=@ng={0x4, 0x5, "c89ba1c6acea94f806"}, 0xb, 0x3) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {r3}}, '.\x00'}) [ 1298.957177] FAULT_INJECTION: forcing a failure. [ 1298.957177] name failslab, interval 1, probability 0, space 0, times 0 [ 1298.959644] CPU: 0 PID: 8312 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1298.961095] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1298.962864] Call Trace: [ 1298.963431] dump_stack+0x107/0x167 [ 1298.964020] audit: type=1326 audit(1778448331.107:3025): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8302 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1298.964210] should_fail.cold+0x5/0xa [ 1298.969425] ? create_object.isra.0+0x3a/0xa30 [ 1298.970388] should_failslab+0x5/0x20 [ 1298.971198] kmem_cache_alloc+0x5b/0x310 [ 1298.972084] create_object.isra.0+0x3a/0xa30 [ 1298.973008] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1298.974099] kmem_cache_alloc_trace+0x151/0x320 [ 1298.975089] ? io_async_queue_proc+0x80/0x80 [ 1298.976031] percpu_ref_init+0xd8/0x3d0 [ 1298.976870] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1298.978029] io_uring_setup+0x14f6/0x2980 [ 1298.978917] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1298.980006] ? wait_for_completion_io+0x270/0x270 [ 1298.981006] audit: type=1326 audit(1778448331.107:3026): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8302 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1298.981102] audit: type=1326 audit(1778448331.107:3027): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8302 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1298.985592] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1298.985621] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1298.992258] do_syscall_64+0x33/0x40 [ 1298.993058] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1298.994132] RIP: 0033:0x7f38f4330b19 [ 1298.994937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1298.998793] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1299.000422] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1299.001921] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1299.003454] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1299.004980] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1299.006507] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1299.013435] audit: type=1326 audit(1778448331.107:3028): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8302 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:25:31 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4000000000000000) 21:25:31 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3fe04500000000) 21:25:31 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1299.043028] audit: type=1326 audit(1778448331.108:3029): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8302 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:25:31 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 30) 21:25:31 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:25:31 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xfbffffffffff0f00) 21:25:31 executing program 4: sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x1c, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000000}, 0x40800) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x40, 0x6}, 0x18) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x28, 0x0, 0x100, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0xfc, 0x70}}}}, ["", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20000045}, 0x40000) readv(0xffffffffffffffff, &(0x7f0000000500)=[{&(0x7f00000000c0)=""/207, 0xcf}, {&(0x7f0000000380)=""/175, 0xaf}, {&(0x7f0000000440)=""/158, 0x9e}, {&(0x7f00000001c0)=""/104, 0x68}], 0x4) pread64(r1, &(0x7f0000000240)=""/263, 0x107, 0x47) [ 1299.221403] FAULT_INJECTION: forcing a failure. [ 1299.221403] name failslab, interval 1, probability 0, space 0, times 0 [ 1299.223121] CPU: 0 PID: 8327 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1299.224083] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1299.225243] Call Trace: [ 1299.225616] dump_stack+0x107/0x167 [ 1299.226133] should_fail.cold+0x5/0xa [ 1299.226684] ? create_object.isra.0+0x3a/0xa30 [ 1299.227325] should_failslab+0x5/0x20 [ 1299.227865] kmem_cache_alloc+0x5b/0x310 [ 1299.228436] create_object.isra.0+0x3a/0xa30 [ 1299.229064] kmemleak_alloc_percpu+0xa0/0x100 [ 1299.229719] pcpu_alloc+0x4e2/0x1240 [ 1299.230259] __percpu_counter_init+0x10d/0x2d0 [ 1299.230914] io_uring_alloc_task_context+0xcc/0x6a0 [ 1299.231635] ? io_import_iovec+0x1120/0x1120 [ 1299.232261] ? lock_downgrade+0x6d0/0x6d0 [ 1299.232853] ? do_raw_spin_lock+0x121/0x260 [ 1299.233472] ? rwlock_bug.part.0+0x90/0x90 [ 1299.234084] __io_uring_add_tctx_node+0x2c6/0x520 [ 1299.234783] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1299.235517] ? alloc_fd+0x2e7/0x670 [ 1299.236045] io_uring_setup+0x1fbb/0x2980 [ 1299.236646] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1299.237362] ? wait_for_completion_io+0x270/0x270 [ 1299.238064] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1299.238808] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1299.239538] do_syscall_64+0x33/0x40 [ 1299.240053] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1299.240764] RIP: 0033:0x7f606cee6b19 [ 1299.241289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1299.243857] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1299.244947] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1299.245935] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1299.246933] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1299.247928] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1299.248919] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:25:31 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 15) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:25:31 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 35) [ 1299.310247] FAULT_INJECTION: forcing a failure. [ 1299.310247] name failslab, interval 1, probability 0, space 0, times 0 [ 1299.312808] CPU: 1 PID: 8335 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1299.314248] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1299.315995] Call Trace: [ 1299.316558] dump_stack+0x107/0x167 [ 1299.317328] should_fail.cold+0x5/0xa [ 1299.318135] ? io_wq_create+0x6ef/0xc00 [ 1299.318985] should_failslab+0x5/0x20 [ 1299.319788] kmem_cache_alloc_node_trace+0x59/0x340 [ 1299.320848] io_wq_create+0x6ef/0xc00 [ 1299.321661] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1299.322740] ? io_import_iovec+0x1120/0x1120 [ 1299.323660] ? io_apoll_task_func+0x2d0/0x2d0 [ 1299.324605] ? __io_req_find_next+0x300/0x300 [ 1299.325549] ? do_raw_spin_lock+0x121/0x260 [ 1299.326453] ? rwlock_bug.part.0+0x90/0x90 [ 1299.327359] __io_uring_add_tctx_node+0x2c6/0x520 [ 1299.328375] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1299.329485] ? alloc_fd+0x2e7/0x670 [ 1299.330268] io_uring_setup+0x1fbb/0x2980 [ 1299.331175] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1299.332249] ? wait_for_completion_io+0x270/0x270 [ 1299.333304] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1299.334423] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1299.335544] do_syscall_64+0x33/0x40 [ 1299.336340] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1299.337437] RIP: 0033:0x7f2d330fab19 [ 1299.338230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1299.342158] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1299.343789] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1299.345302] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1299.346821] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1299.348345] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1299.349865] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1299.362698] FAULT_INJECTION: forcing a failure. [ 1299.362698] name failslab, interval 1, probability 0, space 0, times 0 [ 1299.365471] CPU: 0 PID: 8336 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1299.367123] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1299.369125] Call Trace: [ 1299.369766] dump_stack+0x107/0x167 [ 1299.370667] should_fail.cold+0x5/0xa [ 1299.371587] ? create_object.isra.0+0x3a/0xa30 [ 1299.372690] should_failslab+0x5/0x20 [ 1299.373607] kmem_cache_alloc+0x5b/0x310 [ 1299.374590] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1299.376008] create_object.isra.0+0x3a/0xa30 [ 1299.376928] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1299.377998] kmem_cache_alloc_trace+0x151/0x320 [ 1299.378991] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1299.380129] io_uring_setup+0x14f6/0x2980 [ 1299.381009] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1299.382066] ? wait_for_completion_io+0x270/0x270 [ 1299.383115] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1299.384212] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1299.385296] do_syscall_64+0x33/0x40 [ 1299.386078] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1299.387166] RIP: 0033:0x7ff29b41cb19 [ 1299.387946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1299.391822] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1299.393437] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1299.394950] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1299.396444] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1299.397952] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1299.399473] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:25:45 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 20) 21:25:45 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 16) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:25:45 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 31) 21:25:45 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:25:45 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff0f604600000000) 21:25:45 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0x400, 0x0, 0x0, 0x3c8}, &(0x7f0000800000/0x800000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000080)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x4, 0x0, r5, 0x0, &(0x7f0000000000)="2a3f5fb70d69d3f7011e7e5dc2d70f37aefe3de27b3beef03a535e818043b63c621db40d9413b0528c405c5cc34c1c434eac85447ee2a7293ef60e369c087727ff9e3ba9e207efd6214c9d3ed5b26f971505b80f6c6f5b4d0bc0c554821d027fc2cc357b5be5b58e4caed8ea79dc0eaf877c0a", 0x73, 0x100, 0x1}, 0x8) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x20, 0x0, 0x1, 0x0, 0x0, {0xf}, [@ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x20}}, 0x0) sendmmsg$sock(r5, &(0x7f0000003f40)=[{{&(0x7f0000000400)=@ethernet={0x6, @multicast}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000480)="ecf68a95ad180f34319f4393159036789a3ef0db62a125276aecc4f57d0ad6fbd6e9aae2d8e1edd50f96b7834880fd86c096517c3ab137aada618928d4df11899a0a6b0e6d13a69e92ec20efb037435007ccd365b302a1ed7b09a0f39a363596eb4fe5e371719fe47cbe5706ee2a4a4024cf3ad4ffc7987d4466a2ebff03f96d1854e0d925e580ab4014a3f16679fd83e3176300f5bdbdb722742bb1b59b0a56568f785b33bf43c88cac44b4f4e3283602bccec46f25195da120f65d32153f125ae1e6aeb5dc1b1374ab36", 0xcb}, {&(0x7f0000000580)="012bb5cae6c34ee8f4ae275bb3b9d310c24d43fdf3804fd5e2311097ccb99c80ff685454d649eef5716319e2789ad8ab5569fda8922fe37dd2736de01f2aa9939140ad4d935c7e6b0888d75762975e335ea53782039088c48cd195d9c4feac357ee36fc1428d356ff5ed96258ae54db5002f3b050a3b08bee1a8a4a66298c3e16c917bee085ac11532ac5d9bbe7cfbaa9fd14f2f967c8318a3b1c8ff35444ac316a65da7f792668f191d14aef9e2d856c77d19bb65", 0x83}], 0x2, &(0x7f0000000640)=[@mark={{0x14, 0x1, 0x24, 0x62}}, @timestamping={{0x14, 0x1, 0x25, 0x8}}, @timestamping={{0x14, 0x1, 0x25, 0x5}}, @mark={{0x14, 0x1, 0x24, 0x9}}, @mark={{0x14, 0x1, 0x24, 0x80}}], 0x78}}, {{&(0x7f00000006c0)=@can, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000740)="5235dec1264e8454eca3e266197ef7bcb4aa7978df2263ad999532f420eef59601411c777037f853655561866f34ac8ded8cde02e5c3632be0d2aefef72604e25671217f6fe54a3c50b185", 0x4b}, {&(0x7f00000007c0)="c33197f9b637b89c007a1a9b788be4598d47bd2f2caa5ee7bd2eda30109bdb7efe15b1089538fe628e61f11b6693bc097a1d1d5207850601536acdf61a1008e059019d988c689ca4ad4c4d0da89dd1ad6bcd7a3fd40146ca60e67d5dac59870584b573d04a644ca02ed30d3123390f400bf91ea83f0d9e8cf5b34e21beed8f088ad074546428b3cc324263d5dc88146a379f3a7002f7a5a1de3062e62e07bb0861baf07fe8fd46ff93146b3f18c29bd5712eb84671419ae0d9df7d5b77c7b9f3", 0xc0}, {&(0x7f0000000880)="f2195b7f7e54727e37e307355352f7844d27bdde810d63b093024b4800c71a7b82ec5d8b13285ecc62d9449ed235a14aab440176107519c6eb29058d6f8138a2993aad2cb39a3f2079e8887446853356b0575857aff9338f59add26dcb084224d843a1569408c4e3db5cc665c1414cfda5b7bc93b11b6171b468aa90af8acaf2ff83171dd2bbefebcc5e6f64df2947f70ffca54b153e86f8a376a64563dc4e4b4db342e265f40a790f9e59a71b6202217b5921bcae388d076bd75abc13", 0xbd}, {&(0x7f0000000940)="ab7ad5e7628ba1e8cc042dafd195c03f6a41fa4e3db17ff76305188e1ea63f5e1c18a69e0739a111cf77aaf5c36223cf222c4598047c8ebf0b1167f13252f4475cf83941cf2423a39401d46eb086adf9d70f2e0978602dc846b4fdc29bdc8b4ea1913f733a04e2081c449e9f94dda064e6dbcb01ef4724268732db4f1988da25113c84e7bc569afaa254366886bbd46d805b60fcb00886e203df01066c033addcf28377abb5c93c8c24dcdc162610a834150b3d84ee86d1a4462cbfa124f", 0xbe}], 0x4, &(0x7f0000000280)=[@txtime={{0x18, 0x1, 0x3d, 0x6}}], 0x18}}, {{&(0x7f0000000a00)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha512\x00'}, 0x80, &(0x7f0000001bc0)=[{&(0x7f00000040c0)="7ff3fd670f0ca07184d6302810c041ae47b4424c8f5921712e5b00d2ab9a7d77f81229a093ce3b8aaa79d8a531130ab6b457834a1029a86eff94643730ede6c53080d73acd589703dc0d0d09d33358cbd3de9efb8afe8ca001d6c6f9eb207f321e5e71ffeeb7ffbd28ffaf7979d5f4198678e6c7d889c0e34520a8fd2b719c876a96c636827344618191dcf980fb025dffc3fa3bbbc403a5cec867fa3a16fb519937e0516b67c83723ffa7004fcd204de321cb9404b2643e49ceb1c04841219753d665c09cd3f571690d29b0ef78c687dbdade502386bec60a155458638787058d07b8881e0c26ca0e95cd897ddd8c709edbc701adb4d0f389009e2fb49ad91ddd1eacf511a3e75d2540ce52ce347a75c2aba697a7308588f9f91db55c677199069f633b7f1fb2cf439b260815cf72c1184ea6326577aa9750103b19f22eb9c27247099fac81dd11199043ef0123ec69dd4d529329b825f67341ec3750cb4355711ef3dd8283a10346463aa347366e327500c4660968c69d17cf1b127c9a514d3b43271e55e0f5973d02337891e91c165d51f951d76b3f498f306372b9c06544584d01acbab32808be5ce60e39983314f8383f19f27c3640e119c309241eef4c937c264723c4be76a63b0003b5909e1ad194a68ae43f67f646d8beaf5de94fd5b6e5533f7eebcd72c4cdb031e3b22918440042bd6a27296a69ad2aab29e2c3683ba0cb0e26d33c02cfd81a270ad9ab15a1c4db038f0c463c938ec68a273bb5d5d6be5baf1e89336589ff6520f03a369ad0805ac0ce47e2009c05fe88129810c374f19d8f9f7fbc0c634a238a48cb0a615ef23ee69ce0a19070ea25d6d03d376c5cdab5629fc92aa9cda36afdf892798b09b36a8336a3f4d05e4619e53dc5ad67459ea1583545f27116ef754c26875005a4bf8d3748fe4ef42ba23a646577af4d96358bc6aa6f6f1c569d3937a6128c3822f7498baa475329df8455d12eb9cb517369372dd1f23a5f4091933cdf183876c57944fed1e4a703974e392c74511808b097ca28fd28a1e98823d13eab5f464f98b0200e0481909b3b2bc7eb48df03c34f2452ad24335f4d6a10ad79784a2fa7890635d0c18b1186d0809962682c70feec078478d7857daf4abd3eb602edc390b0b40e7e36dc503d7ade57c8a7773fc4a2890979ccf512f0956a8e7c659f08af9e3cf34a437073450c017ad72422e8e8800be8508a833dc7d03f3cf30a4bb3fa1703725c92255223a2ea59c6646a2b802a6defeaa3e972386c854f2eb5b086c6b5ebd006cfdfdc42825209677bdf49c34dae5f39b9260f67846f923b8752e08d9be9c8b47fcf66e25d43d48a02ea67fd5716d4cb0f4c4a9a6f19279d089dec405137d04195978f522e5ba40fd7306574b9ec9899dfc67ce506cac6ca169168765aaae9a2943d723019eb958aff10a39f9d995ddbc12c8a4ef8223901847bf3fbfb8e3e452a5b7341672d1ad2986896c324b04e58948001b7c2d1844ff307464193929168b73f7bc488086d9c9f52c3797603f48d6a034f140a2b0f3b7ad09083c5e44674a1f6607b9dc015b85e2907444f6a4b1a1d8072421e262985b1d0388aac5b0f785cd0c0d15596c9642fc02089b873b291e6c58adb22080b49009b05fc00852dbe3185e90f3d6a0d62c7c673fbb8527b70858bec408da5dd52328640a8b68b94fb1a5bb67f52aa466279bfbe3d67504b677ea9793386c740cd1d7c7571b1c19a0b6f041da9e189ff6563b60431dff38f05868709a642a3a8ca9727350a334724e0972dbba888402f2c41c5deffabe67094110459c8cd5355f2223c9c8b48c696e6250823155569d34ef468ba50cc666533bc0f3764bab3d3fa6af9ead1df5b3c68af1f3d3b839906fbfdf8a00c10f6d95dbb8f91592804e7594718fbe6a25c2a9712f80efb9e8a40d217581a7e93e0a817916ba70144ca8c4b3a8d028dd1914b843a0ca52f0643c3b88992b121ce249131d4e6fdda800a8e934ccc51f251d03ec7f2e86e370304ba7ad0b2c1405fa7850afffab343767f79cce67301cf751237ac9cbfe0f9d1f942077c01741a6fc1b39edc1f7f572287be8f9e51ad2cb9d641daadde8cd0cd1c1edf8ea53748fc9fdfa0ac3df4e23c892f30b8b516e97cba1db0f95fe563c98bf84b0a24a9e0eb82b89281dd07a6953f181a7cb77e22537ae9739af06378e6b60ca2dd252604889fdc6ab235546eafc583fbebfc06a6911e9e357451a7c6b7e80e770a41294f459848d5018ee6b9218964ccc5138a09826aa0c3ff4fcc038942ef7de446299f853ff68772d325984a96ad7ad39bd30e798f6fe75dbcc61a43abf8a61dd2f69950f54199ddcf8ca7e7c91447077d99f76362b7239a8b25799e0813fc2fec1f146cc7d432545cebbe4b0e30cab64b8351c4258bcb7ea0f113bf14408f84449c0814c47c83c6ba3f533cef1f6b8c2dd1aca41b1cc21638ef3f28781e88f3cd11ceb57249f46c94a316acf02429288f403c44fd240c5eddc3def17af33c927f7b8ae5350d98207fead1a35730d59e3caaea88a10e4d8d9b39be26e7ea5e7df5773d60bbcb34db199addab6c7e4c70faa19b753a61777622397117904f83614eb20bd771112d3afbd9b06cf98cb741a1695f5a78e06cb699bca161a9ca93f807d969092e501157115325cc579511b981d171651b261b8f96e97a021de4a1e38eec9f75dec22bf7942180cd16a6629f08a3d5f48d5ef0b91a0b1041edc4123fa889a9ee3dbf72b22ce54e7d86625b152bd2c170965ee62b62588a498be04722d1c917326c3c1d3725a235de4b5f7a1d86d26e995f49b78f6cea4696ffa7a9fd3e4fa0d1354df1a91413704ab70c6b5444c0629ff3393bdcdbcba71b676bf5dce9cfa0e4ca0723071221395e6b46daaf944ef19c1de1aa570178bccae55eadd7125719ab3c3feb6c0cf35b45e47688af2a223113a195781368ea68f9ca4c0df1a8439d3b54db0db46b0475fa46c1073877382fc5f4210a8c1f5ea33c654597dbeb8254e2120a624abd4052e079c3464a772a2ce3f2a1eb02bb893adcd9fa7337e0855a114286d950e40498408619d09de9347dbd1313377d9e5bd869dc8db1a4c958e86e3d635f7f9fd42c9aa5b98a26cab20c138f00bfc27e306e906d0346a13ecb5701661ed1ba50fba221f606b4e2f5df42a7a1549ad9fd3fe5e1d6f17d4c131f2363dbf926861c14d10fab46af269635b3028859e77cce8db1795db43b5773592d2973268d98c89916b54b312140603b93c56f9585c4f826e04d9efbca1f4c9d63b619a0a8649654b4abea50ebdaa9bffb35c8fe56235c4c1bd4646d6a56c0f9d7a35c95020cb67f96581ef4749c32e5889b606139eb7749f6f0ee835486b4011e64d28d418977f101fa6c3ae3d486d50bf5f15f98fe847b6639cad8413bc2b48ae8ae277d059d9835a75b256a6dd87bfb9473b9fcfb8a551c298f097a1f4ff40ceecf414e32564fc7d1f694cf530e28b2614eaa19f93b4036d66438b2920033bb3a64a158d116a4fcc6267ebdc773b031732782ad67a3cbfec00597e942cf9555216acd4b2efa7e0dfb87399085f0e814b0c1ccb341922d55bfd4bd8657b03f23f1c2fa0b13611d0b38dbb8c9672935cac4885a51f0f053e2a2969354f209786d00028dcdab672d052bad181851f2ba37c2ffd130144fdceab453934d292a4a903182b9a86a37cd96d3e0cfc1ae172298cbdc9872ddd75e9afec313d05e6bd2c952a284684c0db1a76236c933e8d5a59e3b467ce4420233bce6591a11f62b9f814735dccca5f1e0c14bb053876b5df3c82c7d263ae5ef059200f3681713b076b74f6f806e6700005063ea9642f2587eba010fd9cd6e91fa8b2d178d6fbad5630bc56cb1f5d6398d21b09aab8329bc2c16addc50a3135b5080d5c199b69d4ccec173f901d3916b3c0c84dad634d3774d536935a14be98ad3e8ea8939de5aded9565114214b5215bfc8fa795fe35009bd53b3f282bc8a43d0ae783c215a0832813631e25914a2ec9374d9a84a764ad24c1f0f549c67caeb4c0edc1d2b652c70151e12bc25584d2820ec95fb03bae35fde4c188a6a3677f8e846f4871c263408444c0cf16a303b77ee13e62fe4543199ff9738e828496073edff465d01e98086385bb8dceee17a96b7dfa63644f5bab527d549468b0028f10db425b81aaa4764359624c18033f164865db0f4680449f8391117b1a96ce6b0f7f03fe63f1df7f476e38c8e5163455f92f4f867fa61f58fe159fd2404af7952a0c7ec88dbe645de4715c5d4595540ac91f8dcfb2c068e194763342df5fd5de788659b8e54f584c8843b22aa83d4a13952a4de7e588ced82903aa5fc2d1b87934b952c332bf1e384c5f7b8544a53d22e4097d4f7f9e8ceb863f45eb48fc1b76eea547a70928c45df276e89dc9fcb6149f8489615aeb0551485c6e0df6f66ea7a7ee0c053815a6b2382cf0f12967e9894032121ad5183506ad208d566435a218e5990a97984d75da907ff99c6b5d4b08e7819ad5e7652db3bbdfb5a890c023057816b333a846e1f0445595803eef637f588e094f479c9c16afd0072bd345e0b4fff8421c4c5c6701cc18bb49c1af67997585a27091a28f29c93b22909739465791c794d1279f18c9510288fdaf1aaa05913eb783f0f464438a67392eb0e3f44463e91ec44133fb704d197d3b59c5cfe5d38eb5032d1464d0282854bfc78f2659cc47fbc6bed1362508e55a656f1045515b4fb2fd8b655ae109a72d408f75eaf23af16586ead97359c7ad7ed6087212df47a6f2e50a56504923390a32b2889553531e3d2cff4088f2e6bd7da022ac27ca94278592037d264287735c191cf20c169437b5d420759b6d2a104eb2e7ae647b5033339f3efcea9aac81654362d7fbffd9d5437d8c4a2c3f05ad0b780e2592b5144166636f568cdfd515de4c23965ee203c7c68b01baed106b709f2ddee6fd5f963e6b40618f6606fb4fa73dce57b6967979eb728f29aae2bf84b8e17eaee2b1c58c3b0920734a6b46a5a6f1ada1a9bae0d39a493e956ab7acecb35131f00a3caa4ee8555485d37f016e8497d21820df54e78d19050c83bc4e50f149d5fbd52f890bde6b7cce2a243aa8b7aab056a56f5dca0830abefc34f6255f472e5d380a401c8b1284753bb17c00af05e35de509b55916fe83462a2e88ce553b27ffc9c2a7d90f612b5ce28b1f6910d3071db255c73e6fab85111b5629202f8a0be5a14e02001772572bd6121ac7ffb87bf03254310a7da3cc8035aed11851f3f3018fc8b745346ae5881ab649b73aaf27e7ccd4a931056ae891618b50cc616f7a40d2faf1415d29b9346c19a40f8c6f363810fe2f8a0c5f38dd769f676f4dc028b09509e28044fd2e7bcdd56b2653d59b1a1b45ac888bfe34002739eb0dc25d5d111210248ea22d1e5dabc1a97b41886a712a4fa34fc5b34b1cb879f87cca8463749b1a664f7581ebb84265ce760f198832c4366e71decf60a85978b36c39656c55a6c46ae155e092510334db69b84b566da27f48d108cf25c32d408214d364a13f5b4342a0aa49cfca942db00e1a51b31a65658727967a4f3ebe3319750f66c40c72c70ac36e4762dbc02bf19cf438826a94c5fd18598620ee60738cf1b45f3f9c1d26cea038ce493184c7e162bc7d1b7d57c4fa9b18045fed18492220913cdaea637616218b25a1baf68903868ef33f9a023b3d6d9fa03113ea3ebaa8fabbea1c7fc50262c4004f068720687ec384eda76f92a736b71cc1d03ebe2f3bded3b7", 0x1002}, {&(0x7f0000001a80)="8ac3efc2f39ccd258a48f18597c3ff334ca0f75249cd2fb178b26d1f76da4624b28903cbcb417c282df2efa66adede02b105079e7486666d5d19042603765de18f312170d7944e0de20edb544086f054d1a385e8cae9fd7d03a79fcc6b56116d2337575e1883fa1d566b5d51", 0x6c}, {&(0x7f0000001b00)="5191bb723a9998055813c023b7b1716c5ef6450e4d4732e102dda5f0ba6c2f6268a4ab4678065e10b65151e32295ba74d5e1892bddfb5ba0dd733cf797bd25a6d380e59ebb14735f0d96369de4", 0x4d}, {&(0x7f0000001b80)="ff9e09fc4360417938b232f3995a8c402bb486cd1036bc1120a9321099d9e0e9053c55e0f6cb07260405b96075ab1c70b0cf7f06908185b45839ba71b7857c70", 0x40}], 0x4, &(0x7f0000001c00)=[@mark={{0x14, 0x1, 0x24, 0xffff7fff}}, @timestamping={{0x14, 0x1, 0x25, 0x829}}, @timestamping={{0x14, 0x1, 0x25, 0x200}}, @timestamping={{0x14, 0x1, 0x25, 0x800}}, @mark={{0x14, 0x1, 0x24, 0xfffff001}}, @timestamping={{0x14, 0x1, 0x25, 0x7ff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0xa8}}, {{&(0x7f0000001cc0)=@xdp={0x2c, 0x4, r6, 0x2}, 0x80, &(0x7f0000003e40)=[{&(0x7f0000001d40)="80151f095c9e737c3cfc1e5e60f24b74e1bc47df5d1158d86105b8b6d1d0fb8aa23af14dbda8cfc93eaf91263184b4c7115e3c62252fb324e23262a10ab65913add94bccc0ce68a028a2a5616a12f9db49274e2141941e3c52e6d1c437c07012b41717299761e36afa0d7747adfe27565d9f4432f6a2e10a61a16a29b365b8e5ef6311f9ac14b28e3b36de4346c3bfbacc94f0ffa08d2d634321ddb567562b8dca8b615349b886ccbb166c4cab4c53475febda837c94aa975b93e8326f2625fad6d90a2eff2fdc1345f2df2631cf796adac597d1f422a1fa3dc089d8910fa3c8f651738c5227a87750eb1607dd1491552810f82b201beb457992c2ef669cbe05a914d5a7ba8bf64c2bea3556ac9e0e1d4ebc6c9149e98629dce3c86b7a9a2823be76e24827c96e2b2ad9c6f21a1d200901a88ebf2cf421213e647033e7ac56b5a0555928d6baf3e393f0a91932ccda1306df341c27f3c2a48d2567cab7ecc61dc65c14c954ef7e9b8ceab28b0fe0c284d24378bb3a1fafde3583f429cd3f959f84fe54d2fba21fef8b4b66fdfe63bffcd4547f10ea8c7e7ffaf50feab6539eeacf5af8de85573d07a41032915ba4b4661662d598b84a8ff7e94aa3eb135a4b91af87e0ef74d0ffa11a84af8132a99c8e2506d4e359555d48efc5bb71399b471aac9f711585fe727717dec674007c843d4735ca5e6c8bf4e54fc6aaef1314a4365bff9cf1f6661af27fe2973da63c79841b9570d84b10ebedeef60c14b40f34113c98a8bafd662db6c770f043b6ed8d3e1ddc5e08f850b42db075c343b08deb630ab16c6f0ea0514927440db2e76660703332d2bc828ef9b923aab572e9466c5a2826e991bb9a70fea1ac84c8bc0260a8d90d3b72daadc8dfa145a1835b0b6b65bfc49035640ae8ed8ec7a926ae8107a7fec1607901aec60221eeed71b457766dd520213fdf532da7219f567afcaf2ee8111d7c3a73a39490ed75d46a51cbb7697e2d8b6cfa9cb48905609150e93bb1a930f4bad69255da614285ad62e6eb8e8cf1360080f70ce3987fce080234f95514af9d9f11a2b362b699f4942ecb2c094ec9a9891417f257affcbc13553b675b042235821886a1fd758568140664cc374f5d25c37007272331dfce1c3ee42d790fd6d46a9cdc9f606b765149825359b6848f9069b030a0c70419c67da05841e3147303dd8d8afae6cadbe933744ea66b098509d98c4779da25a458006210f863bb1794b8337a41c44de26917fe62e5261e1ebc55623b48d9f3b86738bba07c156c0e4d83bd2a852c2651fefa90d20437a7fc57ea3734f59159f3ca071f3e8f6a7d4d0a3c4833a2f8bacd89690e66c3cdf54426e6d129f13e207ba001e44a135089acf6e9c68ba97be90cf98a5f907fdb36a885c6b578b14566ada982abc5a6e762e07047ea0d768bde8d8fb8bf55d3e3246fa77b2469e0ba06c6cb85efd280921fb09e41415ea7ea40f9a0a726b087f80b8b0225f6e9864218f934e946af005a5c5532091dc5656f13f69b3f56d92c4825ae47e9ef9a4f1777493cc64afed797fdba5aeed53b248617cac3b691b4fd783e1310f4d4f3a4ed65ac7227dab1c82a869ff5e1249d3366c91bb06cb4714509a053bf4fb699a8f78cbed2adcdebef2343fa7cc54eb2ef7689687cabe8498cdf1f1e7abc925e7bcf536a5fb1e2f632756bd9cf146dc52dafb503a93df166abea93a4369bf7e3a4a0996751512611c76ba6028098c17ff1d0e0661c245defb5790f4d3d2c4dd0739709b0b62038e09826d9f709fec7633fb466549b1a36033c13bd8202b0273d3a1ead7ee409b56f84bbf542ece2efc8fd70a87c9b35d7ba89e9114d3c0b3cde1330efa18bf09061613129ff45d9b74cc4e7849da797cf323e8d4b9355b30129a9feefe1ff9d744f2f40f7c24e598ca3fc06b06cdd6b9176072660a7436e06c792d383d3dd18f1f810019a7495287a75f11a72cdc1798ba6e81788ac6365e94cc064469737ee51e2ea54e075bd5c2c56fa136ddd07550027a274b3d3632df5ef7af38f50e51d03292ca05322fb08478d4446ab3d9dd30088623cfa75b35c5be6a053530d040b4ee9c96601285d691639a8f182027e50b30b37e58a6358e3d30a58e489479ed7c5da0521875dd1fa56d3fd9ae808ab47f23d183f2331e24032bdf599a8315cbb59c66db960c7bf4ae3c935f5ec36e8f370783c79001b28be0be0071eec497e7f7feb0b139608360296e559fc3de92bea81103d97d9aec5fa5269922a952e1f525d761aa16dbcda40c077b5878c7e99bef3473254b09f3e73c26d5e03cc7bf1cc3d110927d7ffe985cdadb1d3cd237b03c979f11c8d9d998c1201b70913a7b707288c00456dbbb5812b4ebcd35be2d78dc87d2b1003275fadf67c6d725daaa45154d8bfa02e0ec239681a7692bd520676d200a26bb36317cffbec7aaaf31e647784c8b3e8dcf056d7f98f4d6a6e047ab97c93f36abac0771303be3134af55b04c3ca32f7be00728a796c280e14c06f2862151ba2440011a6459d1a3510447b98e3e25b38319f2454f06606caa9d516f4d2104b0005e9762b72d8769ce5c3e870e0437e4e37c81b3e93dfcb1e784086ddb6f35641b61d33484d30a7c63adf40964cb1936168fe2ad8d5e911ef97f304856559a89d824706d027dfb96620671874e2e780328969d812d3bbfdd078068b1c987c7fb1a74130a2563e0dea17458140c652baa1a1cd27651d9d6e93ca7ba3f863a67194cd8c36eb6abd44dabb45a804bddf7be22d35181eb51f3821ddf3a1535c75cfe1f47717dc900fbeef9669b6bf86fe3023cdf498c9244ed06ed78b497ef1e6ddf3c953f553f24b9f49402a6f2cb9b67e7d3df781ca46afed29e12b6aab073de18e24f44341d9611b610313223f6b04ef10d473b0961f29d184e8ea21bba17a062adf8cc4ea136a7b4c0b8a15cbe37eb6ab128bb0179f0d579ecd1db8e3b193c1d6f47d56486f395e13a2e23e032b67457eb7832ce8a57d1a4656b593bfca1e35959477223e04b542bc62adbeba21cc353ea9fe3ba51cbb2f08299ee64f8c76bf10343be5b8d0e43deca50fee731b492db9122aa16a10bbddd1c8b9f42951ca3c384c9e2cdc9ba6b007e6ac70d9cfc55088709b3032f2e605bd9294e197493104b6ec211c44358b0f74f99d1075347d083d61e31f74a77b2cebb1ce19e357261ff8fda79d59e93fcf719942fbbc07b1fb24df74bc1808ee08c4f77d934ba48c677eafb3f261320d7712f49b608ff88337e46f1117d9d380ca3736338a9f5f752b9a4715e0b054e6d480b6df21a9f82ca893e9d4fa44730831122c4325ad9512a552572a0cf0537210a28418227cadf48b7fe766f7cfa4974772e4021a90283709997ed9397275cfa22a9ad25e87a215467724b8dc12a40b8ffc8179a290da6ccc4b182029ae8d935814cc020fc682fac4f6e85f6a8998abf2a63d2beda576618ad3c64562eeaab88208b1094040daf52b9536676702c5bd86480afb31d6336862d2cf777b5802ac4c3614ab19d47ec9638e10c443f000336b778b74b9a8e1b42ebf8ea29575a2a5654421431ed04601c7b1b6251caaf757c389ed4d3b6f627956c8b1065026c54db8c41aaf72511b206e94a3c7c2a7707a3f5506a5feccf5b8752c6b86edb7e982605090ecf3118d8f98e98edfef150f3545ac0bf04e2380d62071f7ef38fc801251813c8b7fdf64039fe359d8f4539030ac01cdfec329ba9f72b0642ab8d120bff84a96063175a50747ee1d3f7f589c57449b04bc8dfff1b8302603f9a2ef7d1f478b769735860f8117eed6d837b8abe522153284f5c16a44d1b9644e97d9c2f6bfa5986b3f090ccbd04266f33e186bb50ed8be54c90a5f108ac01c58a56bb81869f8f5c9b553a278a71cc0fb2c881331b475c50aea964b2de9a7ba068d14d43e10008779f7c4e21f6d30ea200ca62170872dfe256c60aa724a045fd301a851a76fba265e270b34b2f1c763f139530ccb0b5b58fc36cb922fd75ac5c01c08327fff28e2171b233a0de5d71f7afb8523066e122ebad04a379d8886911c39d844ceb6eefef7bc55e58c0affe6a3f741ea98e748fedfc7246bdb724f974c3a26510753a09d3e7ebbbce273e1c18c048c51faf73e8e109590eac0919ef40dffd43f60d7fb6a2666861caa4c2a0b0e3e25f7be2173deac44caa8b4d36f08e3c88b3acc87b62d54f1a3c5f5c4b9206c0e4c611a69a3a7a30b574016554f2b9065a3d81defa9ab0cdc6b2fa597af88e87b49773804eb62985a8fb07eb3cf3cfaa9aa1b6b568087d4c17d911024d1f7249015b0d6d44d3c652f7e367ce333864d1eb76ea37938373e664765c617707bb6e5c755e7ff6ab568345a739785b14edf494bff58f12ff672c0b584f5ade81f09b01c3badf77aadabc00ce768cd6479b4f0ae3a885a9f553d9b265bff5f4ebbadc721201858942c3a571ecf3c44bc0646cabc9fa35cf1f86120e244ca70261769f3aaa0805c6a468c0b7464221edf78af33ee0ec24b982b7122232083ba107ee312ff19751cd3fbb859e75c4d1c341933face38493f6dff4e7bb8de48983d37fd3758cbd6ce55a4e08ebc3338a628e3d93d3efc6964ffa9e928a05e97f4728e9ae9020b2ca8e45638fcce136fdb9ba92bd7f868cec38b82a82e6a00d85d9a9774a3559f4d7099057d963bc272d989109efe630c707c6ca87b7e2c3a06cf5a26b4558a7c6d8c378cf048c567e09623c921129defbfd0e5246abbd6c31ab456bc6b675c8da3dec62ae1091be36ead67feac1e944a5bbe7ef49560a21c44a9a794865b222eb1a648b4c1ae35a89603af21bd4618c88fd28ef243358bd1c103a8bd4f99d7879afeb5fe3f3cb3021c2535e62362362a9fb94e7161bf35825a093e5a643466f47ce47a42fbcb59c0b91a4b3ca8bb67cdc0540bdba80e3f73573cf2e81075e5671f923e3dc672e79440983f89722388601f876b9423ac3baea72a77b4e8659f29f397e3104f8a1360e026f8707e7f2872d318131accbf19686f99d699d741cfa68a32a227c772d72ee437667e500fee1226f39dfe07115c21872bf9e52edb6f7d7614141fa3c2be329f55eaea9c683d985c073734595b687aff901f1c446a89d5e49b438d8efa7c5586e9f141661572b7d424569afc5eaa3c0840a48c8eb1df6b2e98fad41403972f0f783ff4b33db9d597e9ed772b19040bb0168f6607849bf0c7ea87e726adb92357824288068b892088caf528bee4b1b8a004443f963fade4121a56ea416e96ae4fbe72e35b127eef4f0c39a7ee2217592ff7c5e8f3c9eb702654804622c6dd6bb8034339a2dd0588c4018aaf6ea8b7b20476afa97d1cc418bc89cde79fa8006dbd869326f8c66451758bb3544272aa972b0095db837d889d8fb713cb64a40b5684a3a31a94a57a18e5f831f0a380411fc7217f53a5b8dbb4e08ca88e7cb34494d7b00fd3225dd7c8d275ce0d385421463701d485d3ae635a41406d6031277ed8468b394af43cc348a9702debabf90b44a3117175e4bba4c0387d29c43128211d058151338ae1ce4fd79b416652304dadee59aef44a4dba1751df76ddcfe070f4a1e3efa07895645bc1ad1ef2a30d60c3e7be4eadef63193cff4ef5d631dad8206617f2e05e3a89f9a2810eec5ae37aeb57f753093e7d31209587b10b5623cabd6cdf19732f0c926b52a546d38bbe989e6f60c082d38a54a07779ffc9dc11aac3d74a5cc31bb34763c20b0b2fa6d52a6a76fbe1076b5fcae135efdebf2fac3363a1664d4e9", 0x1000}, {&(0x7f0000002d40)="8f19b82bbd994175293778bb3807a0c89ab1425f8638b1491a806aae1873e18fb3c4c10dc2ab861fbcf4f74e848b187cb50b5960d875bb5117d2f7252f50c114672545b2a2f5a9fde621d25108cb3e35d7b4b97e56e8317ff8c199fd175d2ddcbb3c66b30e58d49b8490f76700eea6f3453fbaaf5390072dd03c9444b5c87d6162e9913c039386b6084b100240af27b58f7053a9dfd2f52f7add8ffa4b3621afd6155e9e234ec06d0610a9481922d95a8929d6512fff2128a6387ec1646e842d91a730eec245a3f8ad3ec352107cb0d5a55da9c7d7134e1f010b1f8c71e6caadd7b6ca2bebe8dda5ad82b79f2f2b997597e28f54c9e4d837a28e9df3c19da4f09ed7f87bcd136f5635b774f3108726b519d81e1b572a70fdf65e6b13e8095f2c09b35c384a11b3d290847a0180e5b56d5750a33a0743b262f8252766dbead02fd471419d88031e2d012130b05c07da9a10d862fbfde2ab114820527b9b606ccc945bd3c3b75bf92ef10fb7d358a4187be486c54d7e42a22216848e298ddd6b331ba2208e3496a56b9eee84f27e9cfd227569bf954f7a800a1fbcdfbf450de3b14c914f0e686f87406092f5ee4606822536a8b2a1b1a55f91c61c23e2f73606d7d43d403c7533daff0d4027c3653f10fa4a88150dedc954ed16eb38cadb67c26cf0764cd3f7ae208c9ae5f5fd82a2799aa2c7142e49986be3062cb0bd82d7ca339ea8d0550301928db617bf31db94afae491ae8adde0abf4623274fa7e4daaddbe06e4556d740b357f40266984b8e5467a4a9aff9fa65bef1463650abbdb45bf28e07039da85ae959d1b7369d1bd799e48dd15c33974b39594466f5191f10bb69b4c8031f953f58d548c0dc8b833c29077ed7bb5afc69a414ae5bbecf473a33cc3fa69488f905625e160ed312b4a559213f7402f903f0e7bd3d9513b4423fb16548ba1c628af878662cf20de88a8343bb650610a5f69aef7f01f98f0c4b73e33e619c5bc0f98640e321bd8423d19d2a4c178eed94cd7d61aa3ca284dd8be3a073e3dbc518a073805d3827ed797a021d52dd43202ba6eddd9b6a2ae04134a4514fb00066377c090571f3b075cadf5b32545d75f90055242939c534d923a05fc141567908aaf381026c84e7795f2494af533989351c692560b562138ed77e163c2c1e6ed49ae1d70b6b73fed580d6562af3d41d5bcc8280928be86eabf73ac0c837bb864d2a4707a16f11b95a06a045c6d542d2e45b49053d4f33b4d4c595e36932bada0f056baf3b3599285d3eb4fca88a1de2e19bccab675a843e74affd85d42e9281118afd221ee9de6d4670bb1cdac13eaab619443609c1867f6ea948f750d81739cac800efc8e08fb8cde8b164eec7c527eada029ca85768afe611013cd145ee371d222a72e8ff98c194027a890515dca3711493207ea01918e633865eb36ae32c51899b2d2d3e2d5f192648b7c987f862a117dcdc9bcb8e16926d00e53306929db16f342f233679edf83e62b15a0cca6b86f574476f1958bcb155c7e7019fc9865d2dca8ab1fa9b5711107af8b1def3329d1d324cbb129823bb5758a18ac99ca4735ecd140d48a3a7a0868cea6e1151a4342c35074dc59660613ee04e21a7448728bb9cfd5c3152994d1f53ea4a0ddb69d30a6b29a1826cead41af310ee3692208089f6b5043812badb9086966a6200efb5a9d6377c624fd486658077868e8a42c94c599d0b5181630bf1e671fecfafd293c631a504773c4e881423e5312e6e59afe3e065fabf653cc29bb75a5d10b9f130211211302595ab75d7422bee4dd0f905fb0d0c86aa93270071b7ca1a1970f4d147238aad2f37bd6b64992bf62a2454229b9d1cc0bc89123a640a2a324a957f327eec95d960d9fecb832103243de890842768f5a5a84046352c57e439dee3e9b2031aa8251b257b9945b4cb4861df59691a2738beafc20dee9bb38af6e73f96a5c882f64ed37d7cca40e64e2bc48b594e27ae3774d2ac0fc086d390a15b307aa492e0fcb3bf44e171cb368f17687cb004b5e276951581416aab711e03c254edec020a8841eca7bdb215504fcd26e84e19fdb178a68d1ba9da27ab474dc8606e9d135296ec3f065628a1d44fa4b8aabfd8ff766cdb9da09a8c3c11cb704e104ff57b8e47bf7efddaebbf218c89ef92cb7c2d4430fb0f93dc1c31f41dec2cf787124a3216cd0d2a01d0486808a231523abcd237ec6b3de805a61dc988f3bb510e2f25384674296c70233ba0db702081b3a15cf1d59571216d01450d271901e059a51747e695bec02779bc8a0b4e1d0b34734d3148e6537a3ea2e1fc7e5340c3817145f6c2044cc6557bef81e6918885f105d9f7a62dc7c175bb2df1405bf62f124fc26f1d51cc8e5e64876dd52f6be18ea76f1c91f74f1755f2ecc4e76e0a9a19cd37029d892d393d98c34dfce7a067c74bba1718d0e59447433e00be611fca1d7a4e04ff3e3cee7ce8ba75ccee9150892a3910aec73fd853757b8b1f5d80227eca432917ef478774b5804dff01026f91d9eb31937fd139d86a71558bee89df47745264c0924ae31a419da87aab766ec1d36be73d684f7035f3b7ba67d75203e501ed773b64a88b7019c902fab6611501f10f8a3205da652e0bda96fdec2912b2d4b46e22fb2b1d96454470fb75eafae655b224ce9128e5c0983186a525be11dd7b96d8df771d10e6a33b0df2a87795e51d0e62b77f8d5f00b98519b3302708b770f26fd00606c68cf9dd30167d4386b339b7b714c59213c48abc6ba6b413559391c11741ad1ccbb09aa7b80c484e640334f56fc14c4b3b27d84c4e43e327360c8fceb065ec4e625e882a8d2c82ec781845288679d1ea4cae02bb4a17271f0bf41b0a36c46e0b204a1fab0ba387d9302734acbabe2c7188f21f279e50c255ef5c93e3737280278febeebac122b1d7d7f84425cb0b4eaef3bd41ece4f6430ce50cd52501d47c6ea598d7c8075f208212dbe4775a52d9044218ad2b947349c7b10a7c80564ab103b450ed2d661fed7ef48edf19e469318e0739c839615c286c710d3087c8f2dbbb2ab609013929d677f9cdafb283441c6023b7036cc400aefa86c50a5555d7e1ecfe823c5a6189d4b2daa91362c704422774c8d1060449175e9c2ccb819e4dd385b98c8015c8b9c3bf47c8e1c30afd95275b6d9297250b4d0ccfd5492bb7740e12a1b6165932dfcc69183be58674de2dadc41d8b796ae822b2ffc7dbb445d8465f48b1366f917a8209adb363379c2e1385611236e39379ad22f3fe5e364a43ec66ae21b56d2386f12a1c3b16aafb4458146fd32aee7822427bf45147492409483c2adb77b7b9d38793950f46e6d4c91355c11b1463e764df4300dc1f0e8f4a996078f898fa2b9675b9588af5ad14d61ceadc1ec243b855a8ccc569e144d977b314a949d670b30dd3972e457918c431414cf11d6ec469117cd95dfabb27eee7eca8d13c8006677b62c3fc77d495885bb1461b095dd2584db3e664af5d8284c23060beb90c420279341245f1def04f3076b94652be07baed78d59dc25fbaa2821ba50efea99f89ce83e3f1ede4ace237016d135b3c300d6206d420882d55577be4f339bdfbbc8fe82ba966387f93c90b6a5924d36ea116468dd79c3f757a79494bde35fcb9eef0dbc8112627f3cef8968f278d876d04b007ad2736ab09c710e793ba73f7fdb71afb0eba94397acec3f6f494ea2d97c2cee1f29388b1197daa43d534a0e0c71f066f3e106a3489daccbcbb2253981f374bedec6515ec6d692095feabd6cbd883666a2c80c50a8eac4f2725a7d2ea36bb67f719b8a4036b7bec419fe7e5c9e5752389938fb542711579c7ec2fc07e68157ab14313cd78f82bdf395e65960937c4f246cba77544c842ebb651389a86f26e9e2be6a5207578a7e22beba0704f54f731906572a34c75e2febee23e5d116a6da038c90aa8fc423983c323fff04fb69dbae114e17d34ebf5599aa259bc0bc30005a747c8d532b91ee09d9024e6a4e8365bda06d4a07d027f780e71a64bc893defa3ee797e77053ab4206a931dea4e0a0e37c70c6621c327ea53d9457d8ff70679f3dae0d826feebfa609563c45209d283c50eaa046ebe9b6abbdc83646d6c45a99b492310ec96bd31db8226944090642bd3c1709a12b9768ae79aa6d7e00b951a5a8e521d20d54b3b697644f8249a1ef8eef8bafc8eae9404400976102f92ccdd903cc936cd550016013286528597893acf06a9b9dc3260d02fb243b83594cef199b1391115688a2b99fcbfa8270f7a67b72c315eb998d3dd92377ddbede14bd09ae6ac36c5e7364caeb66b37bdd18d2e803fbc5827c91ca94340a3f094d220eea6dc87990dbb66fb88afa6112c84dc57a39ba8cbab422094e5656d677a4aca324d4afa397ff37a40193b47fa4f4681dac7e21d984cb1c35e34474bc8d1ad4ed02ea51904f907189f98931ce14d3bb0050cbe614460203b8cb10637a10b4c2b36eca2887dfbb6662fff69cfe3200c5b43661c6b8590297636aade0aff0b10db74a6a634eb5abf3a75041331d647bb7d44db4637a5b4cdb17aaaa2c4e7c1a0c70d181821360e168948319343741ca18323c171337c7f5af1dbd1b367cfd4790c481985680880b2d47a200a6fb065cdcb25a461bd89c9f03d8cade469de5b82c5e9e952b671957147a7f780a5ca7a45337479c3d2005de74ed2bb61b2732e3f393832c16c83e7aa87104f399a14840111554b6153dbd591da22609c394e80537ecf061dfda01335c04343af7c626cb9cdd34894653ef0de23662e4d211910f6209557688c9d6c7059ff90744640c43b88ecf17cccec43a86cb249ce3eddad8d3c1a79793bc460020e3555b35491ef8ea1e8e749ec904e13bde71719ce7c6c6dfc0f21ef8ad28acaeda6a13debf53d152f134ba31c66ae72998e4e5990c1cd5e35711fbc2e5ea490c812000e7726f194248c1bc21c9ff499813514b4f7b0e0624b1e6ce49220032c9ccd5df857a85048a4d0098a1f7ac1f74dbc04c6d25fbc0ae825a4067ede5f053ba702e2ec9e787a8bb4d2945f3520297587a16d90d55d3712d3b142fa9f556dfd401531b4380aa779f83eec8b48c6487aa6c292f1dfa94302bb06748269446fbd742f1044505e0abb35fb376cb738f703527ab18b5a43a88a58b9f4db2b16371ac21c9974eefaae14b0c503b0a4668929ad404464db12f51a3fb97915caa7baa3e561efdf5b6289d4efb61244d7168096e3aab32aceecb9c0ff23e1836c83c853c7226f041dc2ee38c3e13f77d7845e2911eded06cda28bf55dc854a8057dc71232215b4addfd8d53422f80f09e8ed01d792837af72631cdb112ea43018565ac9709ed49827cd3bb5b13ac87a3259896337ab68f762c93bbd4b864e756a39fc6c41df46ad2a1b395fb36bdbac23ac107fd649c7dabe3f3f7793cd03da5d5ba961b71af4d1bd76e06ae444f4bf79fa4739cf037d0198a116ff837d96e50bfb9ac2aaa13253579d7478b72cc40e4c6971ec5b5888ee9fd313f49488a1b8f228709f0ae3208bf59f872d041c9bf529026519c633df1c932e23d657723197985eed9968d6da58e8ec344a65911d54eb5c81dd04819b3e6faed148eafda3b2681ce6c3ea8317259778aa8d09838910843ab72e821453882513f383902c7ddce457de5dc986242ddaf92b68e6da8540fbadda795bf05038e85b3997dccb6b5560908d15632c7cd98f0114f5b26b1b348e2c0441e09a6d510485b94ad790c5ab050d37200475875e3477e85ef8ee92b52", 0x1000}, {&(0x7f0000003d40)}, {&(0x7f0000003d80)="0087a7850ba7f7f9a3a40c464228fd4b0fecc4263cb8355e993cef6dcde867c12a5b22fc20ed7d8e724c2a6871497c75b1551d155e7091d8d11a7033946c76183920f62859a1cbd9ba26d41a518ff4e4527571a5ec8d738d7e6d92bae0830688405e92ca25aee47172b5a96ffb52f07e807274a981c0543fd7a6de0d9846c0bd8aa022bfeff40ea1376994b19f5fc14c5eb8c6a6a1734225a6afb5f20494e9c0e717930030346fe5eb436bb45894b2b893282c338a44", 0xb6}], 0x4, &(0x7f0000003e80)=[@timestamping={{0x14}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @timestamping={{0x0, 0x1, 0x25, 0x6}}, @mark={{0x14, 0x1, 0x24, 0x8000}}, @timestamping={{0x14, 0x1, 0x25, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0x1ff}}], 0x90}}], 0x4, 0xe800) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) openat(0xffffffffffffffff, &(0x7f0000004080)='./file0\x00', 0xc00, 0x1) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r9 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r10, r11, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r12 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r9, 0x0) syz_io_uring_submit(r12, r11, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(r7, r11, &(0x7f0000004040)=@IORING_OP_OPENAT={0x12, 0x1, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000003d40)='./file0\x00', 0x15, 0x18200, 0x23456}, 0x798) 21:25:45 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) r1 = socket$inet(0x2, 0xa, 0x0) dup3(r1, r0, 0x0) setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000000)=@gcm_256={{0x304}, "4f7bf276468ba45b", "af7991b2aadf8f1738d310b6acb3598e8908f0a603fb5c5d1c07dbe8c7e529e7", "b03fa640", "979daf3211e02e81"}, 0x38) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='setgroups\x00') pread64(r2, &(0x7f0000000040)=""/238, 0xee, 0x7) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0xa4, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "b4bd82f55e482c515425dd7a468cab3636cba89c6fb2c34f"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "b5e513d3f9ea5fbc7c8b68f6c8bc065970f124bfaad3b659"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MNTR_FLAGS={0x28, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0x10, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}]}]]}, 0xa4}}, 0x0) ioctl$FIOCLEX(r3, 0x5451) 21:25:45 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 36) [ 1313.166206] kauditd_printk_skb: 41 callbacks suppressed [ 1313.166226] audit: type=1326 audit(1778448345.378:3071): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8345 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1313.167007] FAULT_INJECTION: forcing a failure. [ 1313.167007] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1313.172179] CPU: 0 PID: 8343 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1313.173153] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1313.174306] Call Trace: [ 1313.174689] dump_stack+0x107/0x167 [ 1313.175212] should_fail.cold+0x5/0xa [ 1313.175751] _copy_to_user+0x2e/0x180 [ 1313.176292] io_uring_setup+0x11b5/0x2980 [ 1313.176879] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1313.177587] ? wait_for_completion_io+0x270/0x270 [ 1313.178286] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1313.178320] audit: type=1326 audit(1778448345.391:3072): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8345 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1313.179032] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1313.179048] do_syscall_64+0x33/0x40 [ 1313.179070] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1313.186116] RIP: 0033:0x7f38f4330b19 [ 1313.186638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1313.189223] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1313.190292] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1313.191298] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1313.192301] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1313.193303] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1313.194302] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1313.203800] FAULT_INJECTION: forcing a failure. [ 1313.203800] name failslab, interval 1, probability 0, space 0, times 0 [ 1313.206474] CPU: 1 PID: 8350 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1313.208095] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1313.210075] Call Trace: [ 1313.210702] dump_stack+0x107/0x167 [ 1313.211586] should_fail.cold+0x5/0xa [ 1313.212492] ? io_uring_alloc_task_context+0x4a3/0x6a0 [ 1313.213724] should_failslab+0x5/0x20 [ 1313.214625] kmem_cache_alloc_trace+0x55/0x320 [ 1313.215735] io_uring_alloc_task_context+0x4a3/0x6a0 [ 1313.216949] ? io_import_iovec+0x1120/0x1120 [ 1313.217993] ? lock_downgrade+0x6d0/0x6d0 [ 1313.218971] ? do_raw_spin_lock+0x121/0x260 [ 1313.219977] ? rwlock_bug.part.0+0x90/0x90 [ 1313.220975] __io_uring_add_tctx_node+0x2c6/0x520 [ 1313.222110] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1313.223345] ? alloc_fd+0x2e7/0x670 [ 1313.224209] io_uring_setup+0x1fbb/0x2980 [ 1313.225183] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1313.226358] ? wait_for_completion_io+0x270/0x270 [ 1313.227531] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1313.228747] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1313.229953] do_syscall_64+0x33/0x40 [ 1313.230826] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1313.232014] RIP: 0033:0x7f606cee6b19 [ 1313.232879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1313.237131] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1313.238887] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1313.240515] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1313.242152] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1313.243807] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1313.245443] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1313.261385] FAULT_INJECTION: forcing a failure. [ 1313.261385] name failslab, interval 1, probability 0, space 0, times 0 [ 1313.263000] CPU: 0 PID: 8355 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1313.263902] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1313.265020] Call Trace: [ 1313.265381] dump_stack+0x107/0x167 [ 1313.265866] should_fail.cold+0x5/0xa [ 1313.266371] ? create_object.isra.0+0x3a/0xa30 [ 1313.266994] should_failslab+0x5/0x20 [ 1313.267493] kmem_cache_alloc+0x5b/0x310 [ 1313.268035] ? io_wq_create+0x114/0xc00 [ 1313.268558] create_object.isra.0+0x3a/0xa30 [ 1313.269144] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1313.269819] kmem_cache_alloc_node_trace+0x16d/0x340 [ 1313.270487] io_wq_create+0x6ef/0xc00 [ 1313.271001] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1313.271663] ? io_import_iovec+0x1120/0x1120 [ 1313.272239] ? io_apoll_task_func+0x2d0/0x2d0 [ 1313.272820] ? __io_req_find_next+0x300/0x300 [ 1313.273402] ? do_raw_spin_lock+0x121/0x260 [ 1313.273971] ? rwlock_bug.part.0+0x90/0x90 [ 1313.274530] __io_uring_add_tctx_node+0x2c6/0x520 [ 1313.275175] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1313.275854] ? alloc_fd+0x2e7/0x670 [ 1313.276335] io_uring_setup+0x1fbb/0x2980 [ 1313.276881] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1313.277533] ? wait_for_completion_io+0x270/0x270 [ 1313.278175] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1313.278859] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1313.279536] do_syscall_64+0x33/0x40 [ 1313.280031] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1313.280715] RIP: 0033:0x7f2d330fab19 [ 1313.281198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1313.283617] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1313.284606] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1313.285536] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1313.286465] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1313.287414] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1313.288364] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1313.292530] audit: type=1326 audit(1778448345.410:3073): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8345 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1313.301195] audit: type=1326 audit(1778448345.411:3074): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8345 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1313.308510] audit: type=1326 audit(1778448345.411:3075): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8345 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1313.317409] audit: type=1326 audit(1778448345.412:3076): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8345 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1313.323630] audit: type=1326 audit(1778448345.412:3077): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8345 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:25:45 executing program 4: ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000140)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="00010000", @ANYRES16=0x0, @ANYBLOB="100026bd7000fbdbdf2513000000280007800800010009000000080002005c07000008000100020000000c000400fbffffffffffffff2800058008000100756470001c00028008000200380c0000080004000000000008000300008000001400078008000200070000000800020007a315335dcc3847885f05683d7b10966b2f3f52db42a5296ad7c8ef00030000010000000000007800018008000300ff7f00001c000280080002000004000008000100180000080800020000000000160001006574683a76657468305f746f5f7465616d0000003800040000000900000000007f0000010000000000000000200002000a004e2100000000fc020000000000000000000000000001330100004bb0530bbdd917ff8ace8e8bddf293683971bdc18506532faacadbbb0aafbb92945f3760887e39e6d0633d9c815935da0af870c8f4aab69c8cc4fbf5fd347d93c40cee3a07bbe25139b63a7f57c3bd83157238bd9a10785190cead367fd337d8dae11051e1658b15a95a2f20cd3383171e4d88d3a10b6323cf12d3356e2f51ec7f17ac30a65f7b22b62bed"], 0x100}, 0x1, 0x0, 0x0, 0x80}, 0x45) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') r2 = syz_open_dev$vcsa(&(0x7f0000000340), 0x1, 0x5a1000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002ac0)={&(0x7f0000000040)={0x1c, r4, 0x709, 0x0, 0x0, {{0x5}, {@void, @val={0x8, 0x3, r6}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_DEL_STATION(r2, &(0x7f0000000540)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000500)={&(0x7f0000000700)={0x118, 0x0, 0x2, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x3, 0x29}}}}, [@NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x6, 0xbd, [0x100]}, @NL80211_ATTR_STA_EXT_CAPABILITY={0xbd, 0xac, "012a173de371f9dca5ec62354b22fce7fe28ae51bf5d854a9125e117924350f84e45ccb48df84ceb3b07772e77dffccdbbee7350183a487eff3ec4bf0c21b4c5e64b51736713e39eae2876d5aae59ae0f20f073b7cd15b961e6a30a0a1bc22220b6aa27def1aa4f6ffcf50bf3d6ad3c5f2c22e69c2c7d3573a3b8f94599c8c8fd9a91665b90ef11afca0ae50b424de0951273bc76347835dd7c841f7bc1423d4778a0c8d4f3e74351cdabca6d58ccf399ef3a25e2519a48b15"}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0xf800}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x2, 0x1000}}]}, 0x118}, 0x1, 0x0, 0x0, 0x4040011}, 0x40080) sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002ac0)={&(0x7f0000000040)={0x1c, 0x0, 0x709, 0x0, 0x0, {{0x5}, {@void, @val={0x8}, @void}}}, 0x1c}}, 0x0) r7 = getpgid(0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000005c0)={'wlan0\x00', 0x0}) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r9, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r9, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r10 = getpgrp(0x0) pidfd_open(r10, 0x0) fcntl$setown(r9, 0x8, r10) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x58, r4, 0xa10, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0x8}, @void}}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x1, 0x48}}, @NL80211_ATTR_PID={0x8, 0x52, r7}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r6}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r8}, @NL80211_ATTR_PID={0x8, 0x52, r10}, @NL80211_ATTR_PID={0x8, 0x52, 0xffffffffffffffff}, @NL80211_ATTR_NETNS_FD={0x8, 0xdb, r1}]}, 0x58}}, 0x40044884) [ 1313.328657] audit: type=1326 audit(1778448345.412:3078): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8345 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1313.332627] audit: type=1326 audit(1778448345.412:3079): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8345 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1313.356265] audit: type=1326 audit(1778448345.470:3080): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8345 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:25:45 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3f604600000000) [ 1313.391290] FAULT_INJECTION: forcing a failure. [ 1313.391290] name failslab, interval 1, probability 0, space 0, times 0 [ 1313.393786] CPU: 1 PID: 8365 Comm: syz-executor.1 Not tainted 5.10.255 #1 21:25:45 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, 0x0, 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1313.395260] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1313.397263] Call Trace: [ 1313.397847] dump_stack+0x107/0x167 [ 1313.398657] should_fail.cold+0x5/0xa [ 1313.399510] ? create_object.isra.0+0x3a/0xa30 [ 1313.400518] should_failslab+0x5/0x20 [ 1313.401355] kmem_cache_alloc+0x5b/0x310 [ 1313.402257] create_object.isra.0+0x3a/0xa30 [ 1313.403243] kmemleak_alloc_percpu+0xa0/0x100 [ 1313.404234] pcpu_alloc+0x4e2/0x1240 21:25:45 executing program 4: mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000004, 0x10, 0xffffffffffffffff, 0x30301000) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) [ 1313.405069] ? io_async_queue_proc+0x80/0x80 [ 1313.406149] percpu_ref_init+0x31/0x3d0 [ 1313.407025] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1313.408193] io_uring_setup+0x14f6/0x2980 [ 1313.409095] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1313.410173] ? wait_for_completion_io+0x270/0x270 [ 1313.411241] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1313.412356] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1313.413457] do_syscall_64+0x33/0x40 [ 1313.414253] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1313.415353] RIP: 0033:0x7ff29b41cb19 [ 1313.416142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1313.420073] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1313.421688] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1313.423198] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1313.424702] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1313.426203] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1313.427719] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:26:07 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 17) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:26:07 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 37) [ 1335.292129] FAULT_INJECTION: forcing a failure. [ 1335.292129] name failslab, interval 1, probability 0, space 0, times 0 [ 1335.294575] CPU: 1 PID: 8384 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1335.296027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1335.297786] Call Trace: [ 1335.298349] dump_stack+0x107/0x167 [ 1335.299137] should_fail.cold+0x5/0xa [ 1335.299955] ? create_object.isra.0+0x3a/0xa30 [ 1335.300922] should_failslab+0x5/0x20 [ 1335.301728] kmem_cache_alloc+0x5b/0x310 [ 1335.302587] ? io_wq_create+0x114/0xc00 [ 1335.303443] create_object.isra.0+0x3a/0xa30 [ 1335.304363] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1335.305443] kmem_cache_alloc_node_trace+0x16d/0x340 [ 1335.306527] io_wq_create+0x6ef/0xc00 [ 1335.307352] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1335.308421] ? io_import_iovec+0x1120/0x1120 [ 1335.309343] ? io_apoll_task_func+0x2d0/0x2d0 [ 1335.310286] ? __io_req_find_next+0x300/0x300 [ 1335.311233] ? do_raw_spin_lock+0x121/0x260 [ 1335.312132] ? rwlock_bug.part.0+0x90/0x90 [ 1335.313027] __io_uring_add_tctx_node+0x2c6/0x520 [ 1335.314036] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1335.315157] ? alloc_fd+0x2e7/0x670 [ 1335.315935] io_uring_setup+0x1fbb/0x2980 [ 1335.316815] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1335.317875] ? wait_for_completion_io+0x270/0x270 [ 1335.318908] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1335.320029] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1335.321126] do_syscall_64+0x33/0x40 [ 1335.321903] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1335.322993] RIP: 0033:0x7f2d330fab19 [ 1335.323770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1335.327615] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 21:26:07 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, 0x0, 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:26:07 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 32) 21:26:07 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) r1 = syz_io_uring_setup(0xfd04, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x2c5}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) pread64(r1, &(0x7f0000002880)=""/4096, 0x1000, 0xffffffffffff0001) r3 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r4 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) syz_io_uring_submit(r7, r6, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, r6, &(0x7f0000003880)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, {0x0, r8}}, 0x3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0) io_uring_enter(r3, 0x10058ab, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_SCRUB_CANCEL(r3, 0x941c, 0x0) recvmsg$unix(r0, &(0x7f0000002700)={&(0x7f0000000140), 0x6e, &(0x7f00000025c0)=[{&(0x7f00000001c0)=""/235, 0xeb}, {&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000012c0)=""/143, 0x8f}, {&(0x7f0000001380)=""/21, 0x15}, {&(0x7f00000013c0)=""/110, 0x6e}, {&(0x7f0000001440)=""/204, 0xcc}, {&(0x7f0000001540)=""/4096, 0x1000}, {&(0x7f0000002540)=""/127, 0x7f}], 0x8, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb0}, 0x12040) sendmsg$NFT_MSG_GETCHAIN(r9, &(0x7f0000002840)={&(0x7f0000002740)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000002800)={&(0x7f0000002780)={0x60, 0x4, 0xa, 0x801, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_CHAIN_COUNTERS={0x34, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x81}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x40}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x1}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000}, 0x40014) 21:26:07 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3fe04500000000) 21:26:07 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 21) [ 1335.329210] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1335.331011] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1335.332526] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1335.334018] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1335.335531] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1335.341774] kauditd_printk_skb: 15 callbacks suppressed [ 1335.341793] audit: type=1326 audit(1778448367.554:3096): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8388 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1335.345685] FAULT_INJECTION: forcing a failure. [ 1335.345685] name failslab, interval 1, probability 0, space 0, times 0 [ 1335.348540] audit: type=1326 audit(1778448367.561:3097): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8388 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1335.349853] CPU: 1 PID: 8391 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1335.349864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1335.349870] Call Trace: [ 1335.349902] dump_stack+0x107/0x167 [ 1335.349927] should_fail.cold+0x5/0xa [ 1335.359596] ? create_object.isra.0+0x3a/0xa30 [ 1335.360560] should_failslab+0x5/0x20 [ 1335.361364] kmem_cache_alloc+0x5b/0x310 [ 1335.362240] create_object.isra.0+0x3a/0xa30 [ 1335.363192] kmemleak_alloc_percpu+0xa0/0x100 [ 1335.364148] pcpu_alloc+0x4e2/0x1240 [ 1335.364954] ? io_async_queue_proc+0x80/0x80 21:26:07 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, r0, 0x8000000) r4 = syz_io_uring_setup(0x22f8, &(0x7f00000001c0)={0x0, 0x9b3c, 0x0, 0x0, 0x4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000380)=0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r7}}, 0x0) syz_io_uring_submit(r3, r1, &(0x7f0000000040)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x3, 0x0, @fd_index=0x3, 0x4, 0x0, 0x2ae, 0x4, 0x0, {0x0, r7}}, 0xd19b) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x7f, 0x7, 0xff, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000100), 0xe}, 0x10000, 0x2, 0x9, 0x3, 0x7fff, 0x7fc, 0x7d, 0x0, 0xda4cc742, 0x0, 0x1}, 0xffffffffffffffff, 0xa, r2, 0x0) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, &(0x7f0000000000)=r2, 0x1) [ 1335.365885] percpu_ref_init+0x31/0x3d0 [ 1335.366883] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1335.367262] audit: type=1326 audit(1778448367.568:3098): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8388 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1335.368055] io_uring_setup+0x14f6/0x2980 [ 1335.368097] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1335.374854] ? wait_for_completion_io+0x270/0x270 [ 1335.376103] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1335.377428] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1335.378732] do_syscall_64+0x33/0x40 [ 1335.379677] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1335.380953] RIP: 0033:0x7ff29b41cb19 [ 1335.381885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1335.385333] audit: type=1326 audit(1778448367.569:3099): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8388 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1335.386479] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1335.386505] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1335.386519] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1335.386533] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1335.386554] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1335.399881] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1335.412851] FAULT_INJECTION: forcing a failure. [ 1335.412851] name failslab, interval 1, probability 0, space 0, times 0 [ 1335.415713] CPU: 0 PID: 8393 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1335.417310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1335.419068] Call Trace: [ 1335.419651] dump_stack+0x107/0x167 [ 1335.420432] should_fail.cold+0x5/0xa [ 1335.421261] ? create_object.isra.0+0x3a/0xa30 [ 1335.422240] should_failslab+0x5/0x20 [ 1335.423074] kmem_cache_alloc+0x5b/0x310 [ 1335.423947] create_object.isra.0+0x3a/0xa30 [ 1335.424872] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1335.425955] kmem_cache_alloc_trace+0x151/0x320 [ 1335.426967] io_uring_alloc_task_context+0x4a3/0x6a0 [ 1335.428051] ? io_import_iovec+0x1120/0x1120 [ 1335.428990] ? lock_downgrade+0x6d0/0x6d0 [ 1335.429703] FAULT_INJECTION: forcing a failure. [ 1335.429703] name failslab, interval 1, probability 0, space 0, times 0 [ 1335.429889] ? do_raw_spin_lock+0x121/0x260 [ 1335.433577] ? rwlock_bug.part.0+0x90/0x90 [ 1335.434490] __io_uring_add_tctx_node+0x2c6/0x520 [ 1335.435529] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1335.436625] ? alloc_fd+0x2e7/0x670 [ 1335.437418] io_uring_setup+0x1fbb/0x2980 [ 1335.438310] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1335.439393] ? wait_for_completion_io+0x270/0x270 [ 1335.440457] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1335.441575] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1335.442667] do_syscall_64+0x33/0x40 [ 1335.443652] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1335.444731] RIP: 0033:0x7f606cee6b19 [ 1335.445524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1335.449395] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1335.451320] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1335.453123] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1335.454947] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1335.456785] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1335.458594] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1335.460453] CPU: 1 PID: 8394 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1335.462126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1335.464143] Call Trace: [ 1335.464176] audit: type=1326 audit(1778448367.569:3100): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8388 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1335.464796] dump_stack+0x107/0x167 [ 1335.471004] should_fail.cold+0x5/0xa [ 1335.471946] ? __d_alloc+0x2a/0x990 [ 1335.472835] should_failslab+0x5/0x20 [ 1335.473757] kmem_cache_alloc+0x5b/0x310 [ 1335.474751] __d_alloc+0x2a/0x990 [ 1335.475602] ? find_held_lock+0x2c/0x110 [ 1335.476601] d_alloc_pseudo+0x19/0x70 [ 1335.477537] alloc_file_pseudo+0xce/0x250 [ 1335.478536] ? trace_hardirqs_on+0x5b/0x180 [ 1335.479599] ? alloc_file+0x5a0/0x5a0 [ 1335.480558] anon_inode_getfile+0xc8/0x1f0 [ 1335.481592] io_uring_setup+0x138b/0x2980 [ 1335.482610] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1335.483084] audit: type=1326 audit(1778448367.569:3101): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8388 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1335.483836] ? wait_for_completion_io+0x270/0x270 [ 1335.483894] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1335.490721] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1335.491987] do_syscall_64+0x33/0x40 [ 1335.492893] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1335.494131] RIP: 0033:0x7f38f4330b19 [ 1335.495041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1335.499515] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1335.501350] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1335.503078] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1335.504793] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1335.506511] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1335.508220] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1335.528076] audit: type=1326 audit(1778448367.571:3102): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8388 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:26:07 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, 0x0, 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1335.546095] audit: type=1326 audit(1778448367.571:3103): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8388 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1335.560488] audit: type=1326 audit(1778448367.571:3104): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8388 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1335.574085] audit: type=1326 audit(1778448367.571:3105): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8388 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:26:07 executing program 6: pwrite64(0xffffffffffffffff, &(0x7f0000000000)="aa047fe267cd74d810dacbf7ff690843e3e8c85d7a18883c06b2f4b9336a4693d9fad4157bb4e7109e04434413a84919a4b8acb5d9ac86911975a899adb059463e02ae23663235075b03f7de2191584359ae859beb35cb72894d2231080bbd9aa3b5a47f73", 0x65, 0xdef1) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000180)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_SEND(r1, 0x40489426, &(0x7f00000000c0)={{}, 0x1, &(0x7f0000000080)=[0xcbc], 0x401, 0x6, [0x9, 0x6000000000000, 0x7, 0x8df8]}) 21:26:07 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0x0, 0x4}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:26:07 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) r1 = mmap$IORING_OFF_SQES(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x2, 0x2010, r0, 0x10000000) r2 = syz_io_uring_setup(0x22f8, &(0x7f00000001c0)={0x0, 0x9b3c, 0x0, 0x0, 0x4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000380)=0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000001540)=@IORING_OP_SENDMSG={0x9, 0x1, 0x0, r0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=@hci={0x1f, 0x1, 0x1}, 0x80, &(0x7f0000000340)=[{&(0x7f00000001c0)="4613328acd6ab964cfdfd683929c9fe31b9fa17ece05e4fc889e606e45dc8198ae1b56f85900f410e26f5319c7b7b7a38ad821b37c9859193274384c40d0940403f7f1c8fefef514b061e0004bdb", 0x4e}, {&(0x7f0000000240)="a1c148eca72968d34a181f08aa27139baf443e605bac07ed1cde5f8dfc057cb5749d300a3c599252f847951e2d8de2dea33abf254477eb649020819b812698a5d8c161c450e5f5353d388667b2b23709bec87e7286f4ca8b15530c85e4416231f6268813d607be49607ce475963e829147e872a04759feb90bf87ab552345e2638bcdcfe40ff349ff2ae94e36d900f73905a77c26153f96127c548bbdc5695a9feae2cb0125cbbecdd8fe545027e90419ff3958860a02b16918417e47c179de0d48cb84b5ff02444d708d205ba02dc786b3f7e11508db3a91056d5bb8b5a06", 0xdf}], 0x2, &(0x7f0000000380)=[{0x60, 0x103, 0x80000001, "01a5021e4590714af98a7b71525fd52a4d97f2db5ebf184a788ff79e8e156853b129fd1fef0ae99c674f16be654ccc404097b29699a6e54b0955a1567f4c652e9c4e29b6e349a53d25cefe60"}, {0x108, 0x6, 0xffff0000, "009797ca664a08be8ce2214e5736997ca793bc52e14c4a4911ff6ff4d7236499baad843a6da5188326ca33be82241fc2878393ac8492147eb83d2b38eed41041b5f7e2f051e43002be30ade7f753661aeab25f93c2f7802893e0e1b2d5e52ae8323b9ec47d144b31e698009bb278c730cfc6f28b7d89668868bd3187446ae022bae455d7c8c87993a11e9d528162ed84bc1cf85f63ef7420d79cf3f1383463a0190e1ab102a2c007d27882ea46e5ac08983e7bbcf5c803aa3814dbc3f208768ea32687169890247060c97ca8c8787c1957657a302bb44c6f51ca7ceef4efe62505b0840441cd64ee5beeaaef999bf52d78a8"}, {0x1010, 0x10b, 0x7, "7ca3be709a074aa0063c228b850f3e423fe01cca54e098e2a5d6dbe75f4d2b0ef6809f6cc7bfb2c4fd0860e5f9563dcf4f832a51b5980d12367321cdf8c3fb3efbdbb671bbce18b1d91174f221f3fc517d65bf74d1d5797e71787dd5da80927237dd499c582239c746752e89e65b5e5338caafb5fd864724a9be767c270c201371ba3710914caa6722bc0bf7d05130d1ce9e68992eb35e0a29fc26a0cc5dfa9c9381978d766ab1dbcdf4fee8b03113b6528b2dc4c8df56d58d5938690581a432fda3a198e62823c0be745844492caa632492348c20273d6b93b02e0445ed82c807b99dc0f1603780eb2e91c4db90498e3e82a28f365b863f909cd3e1f8feaee6f7cbe36e4a138fed918305afbb93b56ea3c79c49eb0c5aaa763089b97d606dfe5a8958abc1f26fad4bf98804e57f3d36f792e8ee828525ff903d48f79890efe4b59a8c7ff20c18597864106ff7aea744e3380185701b04c0d0619f93686533e8599758bf0c69a0dfc97a3609b8fccee9a8d159f02f14741a1390bf4088554f35779c64696381c1b5c9c1419d475acba237907cbe9424f82ffa363ac435fc8a1ea5dedf1d9111a3b0ee5affe5d07945f1f0fa9b8140d6fd73d24d1c91c892e4e99b7d74600067a4d3ead88b1e01051c57abc4d4715fd9b4a14a25fdc1027ab3efcd04b5ee7075fe05340c43d023e340032af53d59dde9bf9b6f604e6861cf8281c2a222bc9d500c89e250a3a65a7ae9f5cba3d47cadc5d085b6942d3dc39657a7761956406f7223f23b9aa1ea83fa093677d6a3b0113c239b619769d9cf616d3225ddb8ed9e078967ccf52ca4e6427f897fabc80428ae294f5d811d85dfd4e024e8a2a89c8cbbbc0bfdf2ec25a2a6a872c87661aca0a44b46b6a4629657e30ac46a473d20b0e2d872227476b896c6259fb8a2ee1a027094f729eb8e3a614298c67eee02378dadd5d1406f295cb7324d08846553b1f30a8f15286c2fda6563eb7dce3996f3a3799d43e800d703ed26e51cb44b3371e7488b4d926154b22b22198e11e2d565bd0940d75d551dcd13324c828d369ee4a1cf7f28025bac102e1d7fd385c282b4c38ec58c906d48ff9a7485d50def67eb9cf32699e21ab9a928feace6986d3cbaa5d1868ef90fd976696dfa7c3aaaa67667addeb6a3699fe7d705c211ef1497941048bc0ec9f35b446a18f0acb4c86def4924471903a0d724a29429775563191218b89cbad26231d919944284eb84eb93a8e665333c86ac6a8510a402fc2122229f1052963f3fa94715941a02575235c0a5d5e268af6a6c0e4886abda394521e1261aca0c5c395b85e809867cfe7f737353926ea632e00291c2eb1aa69fdc25601a94e9588f5e76e8d6344c944e282ac6071893b1d4a74160583d5c5db918b497f3a8fd550fd4fe9b0df6c4511f8ea16989b6393a0e981a52c99e50f2616d542ff5447f6e8202407d89730f6fce2043c38ac10297daacff10917e5e20538150675240c710726d39bbaf445658ab6dde9b935972d1b4f6d1dbf11d5dc881f09817eb66b212c2e73ac2ca1809ed062d6d757dd0e32c6e185bbc13ed99b24ed7840a3f55ad2a69a747319f8b89f41b29e0c7d8e83d524fffa0f470713bb89e41c45a06cbd9a0cddd712f658f461cd99fd1335fc2abb32ea81878a983c73fdf1040d3c82f3daf5edb0e5251c8102a8501494a8f4f69278d7abf3a5ac92d6f1ea71bff2f0f9d6b981f06a4386a5ee21d0189c60566daa0fdf1f5cdcce1f9b7db8c48daa9e08ab5254a60d8267ddc14ffa732b70787a026419e0e60dea6bd423f22c52f175f877aa937f4d18416a7d457b41e4739845aa7dab2dca6e075f1dea96414e73c2805eb98b1afed37779b136b86f237afde8e5971c72065ddc8d3673a80d29ca5d430d027d1c3e50d3e9feafe20d43ae66b8eb56d6ff768e04aec8eaf89e13004425d7399b617f63198c2a6a2b5c221fe66ef904523506f304c71226257e485985f763662297609626aee766345b82c08e5817c0a6dc5493527a036307033e17b1cd175a789ec8390992f7b074cff89f81049404f3500b1e67a3f658e9f1462022b0a3c89bf53d9ce9c4e19f3093bc4e69442d9f2458a8cb4dd6c5a033f2428d657fd1adfa6390b62e6e35009114cedb08b493a209159a95ed1581659218859d1d293fc609c24f66a6522bcc2b39518c18505ba5aacc8b7bd9fbd47b17c1539db23dce906519ab2da2d094006d32b1cffcfdad992d911082b93d4552c201de5dfad349e2d70632d5ca21af2f5dcea5c52de0f3e6841248d845e300057524fc97e65d910b7aeed81dcefbabaaff34c6cf106da372099c7a87590b81527f21d1562c57661fe7fdfffb386a41c8f40f378de0a302b2d33046827bf336f66fc5ca392baf84464443090613f15a6639de6b1b25f483f8e0246ff712a4c7d528c573fdea53ab2e796669f3c706f5b8f6e66ec4a3f7e5a3b29b3c44b0a55ec5bb8644190bf3510b76375ef1bfbf945f9d47283ea820b2bc2f81fe28e2925c36149e5151ded3aa7162fe3aa716ffcdd18a36b18a83bf9217720d67ec097d44063deb2c4285ef09eda615000221b81da483b431a9fb6c4dadbfb1e6694d3e4e5cc4eaed5fc8a85ff24f3b1388508a8d3fc5fd7256d7fd4763c3cd041d319e55a14bb0b01bcd958b9755d12a9a32b3387b5759a894ed80cb4c39354cdf6cdce631fc3da8895f7f173e8d087fe1f10a3249c1a2acdf4f01fe8281ee4bcc887edde9d62dc994d0fdb57fcf11912a6c6aa318f3a36420f217065b45bad11db4dcdc53045ceeaf40fd3e2f6a5f9789833d1ee3314ad55a5ce3580d6380696ebae93d1b373f4fe4bc176e083b233162e3980b93113e56c26123c407e7cacaa17bb3129b62db6ed9fbcf8b2b4af7cb07cbda52d1060d3dd25662e8adc16e0ca24b1d48b7c2c056e44b37783e0cbfaa51b0eb1c74a9fa299596b37e2e464ed05dd8e7685196c6319729cd0a3801406814d7724eef7193c5e6146c5a5917d9c100add1e02f485b8a9f7007c351260333aa6f5d5a70daad4cc86c294b3653e15d0486172e404cbaf76ad2bc213055d462efb000ed4374ae0da586fd0844df9d8b291f465d045baff097b288f4d588b4b405ee279e3bb87bf2f785c4e4498217e9d70d6c70184df04b5a7e9322814a1dc890195077db87cb2c0f1ce46f47bbd4e6e085149f8e1512a0f1b1c3033ffb537ba1c8fcb2312a6ecd3097ceca314881a5bd661a8e6b58eb777271e56a085af0d0ee92c6195c69cde694de7fb86b5fbafeddac83bf7b967a0b1836019162143b51c3b940c63fae31850adc20eb3ad948f45af70fb0d80afe033588f7cee4659540801d6d4705a8cf04e9b7dc7939b9ff795ab733a8538dc2e594c9ceddbd475280d8007bb36a6609d61e5f122f455e9dff3d27a363986c06ffd2a77616e14b63f37ecca3bbb2047e64e2c71059d0e24c4da02e0e5da23e520dc65dd6ff477ff325ebb3ac7622f1de06d894f9ecb8929cd1e59433c8e9fc6897b08d016c4a2abca22c8a45e7d771e68528eb49df5bb686fd357cff92741930548b7e2422fc403bc6e7eac75e6120b1e1e003a045851e372ff410a6e6885ee4039e2e5d4e9952d9bc02280933821ebd0c69998840bfc32c0e85bb7f191db9587d27820c9f22cae734820abb66f0c66bd4680b8e0ef4e27d9a1cbce65bfd7eee1641124a39265e1abbe7e2f292d20651c074595d0fa6bf2036bc333008b9d117a8f0a94307c43184f735250a04be50bba54c07b26caf1b43f4dbf54923862accee1145c7403bf4f8efa02844281d82959c968625a45d301bc1cc6624f5527836158eafd1485b215a6125226ceddf45f4481222a83007213103c3cd93cbce7e7c7d86e0684b12cbc6473142feb4a397392103d9d847c02b77c13833b8962492695157e50c7a35302976ad365a43171216d5eb788678f289db64d62e47cbba0121499478f885de49d23d1e2baee29f0441db89631296d0a13ca0c97ea82171825a178afcbc098acd9bcc17d6335a90e8e5578a1bf1445b07a1c7c996aa497c03676d963b0ecdfa585e1f63196f17766c3c1ebe0fdc8b71b7f3c81202715dfbbd8dd44259c3655a97800ed9724c9c7277c7ac777061ae578f3052a3b8e4859b386bd3db4d991480da7d17be1cbb88c1b7bfc7ca4231021974e953e6afd91c230b95cb258e451a09e2709bdf39bd3aae217d2fdd5b290b025a9aa51858cab07ba23b9911d100558759a219043f810e21d8548acc990fada9a0bb036ed4b69720aa870bd879f0c993242ee68ddbff6a9aa2f75c28783eed6c818dc994ab940c71692fed33c277ddf8f5bfb71872946abd880809ee9e55a1186b1bc7d141f498df07ac02688acf5cb18d43593b0f567fa3680782f2c4dc17c011bac1390778a763c14d60d5be4eed9496ce99b280f50b7a2de54761467093ec217852201a0ff7766a6fda4d0b5e65de5b6405e02b36037ca8b9f77dcaaa733876a605ca589b6a45cae4ef3e841f94693eb3b26d5f2fd54c070cc3df695c9df6fe7499c4a468b907bfddf0da147b57502420d136d942bb2284dc0a14729dfbd93a193cdf0f32670bb5ca7dd91052fd4c8741dfda225d891127477790c43daf70cb5e7e0e5d630738eec675d093d93ba2a2905b3bb2fcc429b6371d920e2e4e09bef5eb5ca2d141e2d0b875fbf9b09a0eb6e2a2ec0199634275b1321fdbf28eff39f98374ac4e62e929f58eea56e9787ceeb24d0ad00698201828afec40d29f88394e8b8ce3958b121cb96f780f4f1147e9985807935a8fc97aa728e95c2741776ffba4b7fa5caf1cab7789b069cc5eddbe6e868ddf0caefbc845e93d5fa22f171b0c3d74884cb785d6b044e429c43530c442bdec0da33c533b127f0b2fd87a9c1b067d4907a8abd8b364a2fede2746f6551dd7a333cbef2543ce9c00b6affd0f43ec42d3b8373e68a0691e63d7e7e8935948f2bf2b9bb4eec36241fe4abeba7c7cd9e598cea7f8b17cfb12c539d8ce79fde31c9ac9e634cee8a680b80195e2b09bf6770b14cf2fdfbf815cabe71828208a5ac52509dd7f63600095d12504c2e4a96c0afbb6c205057e0ec303103179e8a142fdb305ba604b3da4b227ea04832927f22121b1672732a7140129dd1a65c3a72fcc577c5e303e0968d1d7a6ecbba2c5b33d039b9fcbf8f957daeb612a1037271704275c550a3724a56618161ae4c9f9764fd87267dba6a7dabe73fcbc53ac6a64473cdb07f01f9d69b319c0319446eb957bc554b5070da0abf82d4a0d6d016aa4b90e3e1312d9cdfad5e97f6203786eb74df1b32b3249851e1ba75f2c7e587359dc6e09bba3e722a7d6e90e4b106f396f134b4a85e17fc3b290c60ddf27e9202f3744b893e3ffce40da7c11c7dfbcee87b7b0f382ede4ace980a53368e616d16d3d504dcff1a4abb995df39d2e15249b729d46760e9353dddd9a63412414a3679362d494fd32c5cf5af9740bfb245472f514b260ce35f01b38555f125a735b9732dd41e8590ed79c4a60f481b1414b9927c7f38ce3100e68f64cb9830fb629568af3e9d0ee231aa2b77b6ede0194a20aa9bb065cf4e342cb38fccf19e87d37c46812fef0a97e3df47b6ff468c448cfae5f13ad2561a0cc90cd1b258e1897def439d1f1fd48e81b4d99544449b74dcfd1f6ca35aed2fbe5147bb4fb5ce4fb1e6f5351cfe52270a9f7e4b7b497e339954a0ce54bab1417aa7679c00bd338be4a1f74b10ee76e92c9232cdc0ae787b42ffad784eed647c9"}], 0x1178}, 0x0, 0x4008005, 0x1, {0x0, r5}}, 0x417f) link(&(0x7f0000001580)='./file0\x00', &(0x7f00000015c0)='./file0\x00') 21:26:21 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 18) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:26:21 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) syz_io_uring_submit(r5, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x315d, 0x5d78, 0x2, &(0x7f0000000040)={[0xfffffffffffffff7]}, 0x8) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x30000, 0x0, {0x2, r6}}, 0x8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:26:21 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 33) 21:26:21 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 38) 21:26:21 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:26:21 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) sendfile(r0, r0, &(0x7f0000000000)=0xe9, 0x7) 21:26:22 executing program 7: ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x9361, 0xffffffffffffffff) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1349.807620] kauditd_printk_skb: 28 callbacks suppressed [ 1349.807640] audit: type=1326 audit(1778448382.019:3134): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8424 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1349.820589] FAULT_INJECTION: forcing a failure. [ 1349.820589] name failslab, interval 1, probability 0, space 0, times 0 [ 1349.823122] CPU: 0 PID: 8433 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1349.824651] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1349.826531] Call Trace: [ 1349.827140] dump_stack+0x107/0x167 [ 1349.827958] should_fail.cold+0x5/0xa [ 1349.828816] ? create_object.isra.0+0x3a/0xa30 [ 1349.829840] should_failslab+0x5/0x20 [ 1349.830691] kmem_cache_alloc+0x5b/0x310 [ 1349.831627] create_object.isra.0+0x3a/0xa30 [ 1349.832612] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1349.833766] kmem_cache_alloc_trace+0x151/0x320 [ 1349.834818] __io_uring_add_tctx_node+0x15c/0x520 [ 1349.835669] FAULT_INJECTION: forcing a failure. [ 1349.835669] name failslab, interval 1, probability 0, space 0, times 0 [ 1349.835921] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1349.835942] ? alloc_fd+0x2e7/0x670 [ 1349.835980] io_uring_setup+0x1fbb/0x2980 [ 1349.840426] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1349.841568] ? wait_for_completion_io+0x270/0x270 [ 1349.842695] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1349.843883] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1349.845054] do_syscall_64+0x33/0x40 [ 1349.845881] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1349.847033] RIP: 0033:0x7f2d330fab19 [ 1349.847883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1349.852002] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1349.853718] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1349.855320] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1349.856919] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1349.858521] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1349.860140] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1349.861776] CPU: 1 PID: 8427 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1349.862737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1349.863895] Call Trace: [ 1349.864269] dump_stack+0x107/0x167 [ 1349.864790] should_fail.cold+0x5/0xa [ 1349.865325] ? io_wq_create+0xeb/0xc00 [ 1349.865866] should_failslab+0x5/0x20 [ 1349.866404] __kmalloc+0x72/0x390 [ 1349.866900] io_wq_create+0xeb/0xc00 [ 1349.867437] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1349.868153] ? io_import_iovec+0x1120/0x1120 [ 1349.868766] ? io_apoll_task_func+0x2d0/0x2d0 [ 1349.869389] ? __io_req_find_next+0x300/0x300 [ 1349.870035] ? do_raw_spin_lock+0x121/0x260 [ 1349.870641] ? rwlock_bug.part.0+0x90/0x90 [ 1349.871248] __io_uring_add_tctx_node+0x2c6/0x520 [ 1349.871924] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1349.872644] ? alloc_fd+0x2e7/0x670 [ 1349.873276] io_uring_setup+0x1fbb/0x2980 [ 1349.874036] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1349.874740] ? wait_for_completion_io+0x270/0x270 [ 1349.875436] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1349.876166] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1349.876886] do_syscall_64+0x33/0x40 [ 1349.876988] audit: type=1326 audit(1778448382.026:3135): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8424 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1349.877410] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1349.882868] RIP: 0033:0x7f606cee6b19 [ 1349.883075] FAULT_INJECTION: forcing a failure. [ 1349.883075] name failslab, interval 1, probability 0, space 0, times 0 [ 1349.883397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1349.883405] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1349.883429] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1349.890458] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1349.891453] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1349.892435] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1349.893417] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1349.894427] CPU: 0 PID: 8434 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1349.895988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1349.897857] Call Trace: [ 1349.898467] dump_stack+0x107/0x167 21:26:22 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 22) [ 1349.899304] should_fail.cold+0x5/0xa [ 1349.900315] ? percpu_ref_init+0xd8/0x3d0 [ 1349.901258] should_failslab+0x5/0x20 [ 1349.901653] FAULT_INJECTION: forcing a failure. [ 1349.901653] name failslab, interval 1, probability 0, space 0, times 0 [ 1349.902119] kmem_cache_alloc_trace+0x55/0x320 [ 1349.902148] ? io_async_queue_proc+0x80/0x80 [ 1349.902171] percpu_ref_init+0xd8/0x3d0 [ 1349.906569] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1349.907803] io_uring_setup+0x14f6/0x2980 [ 1349.908745] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1349.909880] ? wait_for_completion_io+0x270/0x270 [ 1349.910995] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1349.912186] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1349.913348] do_syscall_64+0x33/0x40 [ 1349.914182] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1349.915348] RIP: 0033:0x7ff29b41cb19 [ 1349.916184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1349.920313] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1349.922023] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1349.923643] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1349.925260] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1349.926903] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1349.928509] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1349.930150] CPU: 1 PID: 8436 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1349.931206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1349.932343] Call Trace: [ 1349.932706] dump_stack+0x107/0x167 [ 1349.933210] should_fail.cold+0x5/0xa [ 1349.933739] ? create_object.isra.0+0x3a/0xa30 [ 1349.934358] should_failslab+0x5/0x20 [ 1349.934881] kmem_cache_alloc+0x5b/0x310 [ 1349.935477] create_object.isra.0+0x3a/0xa30 [ 1349.936080] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1349.936776] kmem_cache_alloc+0x159/0x310 [ 1349.937439] __d_alloc+0x2a/0x990 [ 1349.938123] ? find_held_lock+0x2c/0x110 [ 1349.938692] d_alloc_pseudo+0x19/0x70 [ 1349.939249] alloc_file_pseudo+0xce/0x250 [ 1349.939977] ? trace_hardirqs_on+0x5b/0x180 [ 1349.940783] ? alloc_file+0x5a0/0x5a0 [ 1349.941327] anon_inode_getfile+0xc8/0x1f0 [ 1349.941904] io_uring_setup+0x138b/0x2980 [ 1349.942473] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1349.943177] ? wait_for_completion_io+0x270/0x270 [ 1349.943848] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1349.944557] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1349.945256] do_syscall_64+0x33/0x40 [ 1349.945763] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1349.946460] RIP: 0033:0x7f38f4330b19 [ 1349.946962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1349.949453] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1349.950486] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1349.951453] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1349.952419] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1349.953387] audit: type=1326 audit(1778448382.074:3136): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8424 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1349.953506] audit: type=1326 audit(1778448382.074:3137): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8424 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1349.956275] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1349.956283] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:26:22 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 34) 21:26:22 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 23) [ 1350.005766] audit: type=1326 audit(1778448382.074:3138): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8424 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1350.016129] FAULT_INJECTION: forcing a failure. [ 1350.016129] name failslab, interval 1, probability 0, space 0, times 0 [ 1350.017740] CPU: 1 PID: 8444 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1350.018646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1350.019762] Call Trace: [ 1350.020115] dump_stack+0x107/0x167 [ 1350.020599] should_fail.cold+0x5/0xa [ 1350.021103] ? create_object.isra.0+0x3a/0xa30 [ 1350.021716] should_failslab+0x5/0x20 [ 1350.022226] kmem_cache_alloc+0x5b/0x310 [ 1350.022776] create_object.isra.0+0x3a/0xa30 [ 1350.023361] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1350.024045] __kmalloc+0x16e/0x390 [ 1350.024537] io_wq_create+0xeb/0xc00 [ 1350.025035] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1350.025714] ? io_import_iovec+0x1120/0x1120 [ 1350.026302] ? io_apoll_task_func+0x2d0/0x2d0 [ 1350.026901] ? __io_req_find_next+0x300/0x300 [ 1350.027503] ? do_raw_spin_lock+0x121/0x260 [ 1350.028083] ? rwlock_bug.part.0+0x90/0x90 [ 1350.028645] __io_uring_add_tctx_node+0x2c6/0x520 [ 1350.029293] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1350.029994] ? alloc_fd+0x2e7/0x670 [ 1350.030060] audit: type=1326 audit(1778448382.143:3139): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8424 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1350.030487] io_uring_setup+0x1fbb/0x2980 [ 1350.035799] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1350.036459] ? wait_for_completion_io+0x270/0x270 [ 1350.037123] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1350.037834] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1350.038522] do_syscall_64+0x33/0x40 [ 1350.039022] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1350.039711] RIP: 0033:0x7f606cee6b19 [ 1350.040204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1350.042621] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1350.043637] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1350.044575] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1350.045524] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1350.046469] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1350.047404] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:26:22 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) finit_module(r0, &(0x7f0000000140)='$,#-}~/]%/-\x00', 0x1) r1 = fsmount(r0, 0x0, 0x8) r2 = perf_event_open(&(0x7f0000000200)={0x5, 0x80, 0x3, 0x6, 0x32, 0x2c, 0x0, 0x200, 0x2, 0xc, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x2, 0x3ff}, 0x40, 0x0, 0x3f, 0x8, 0xb9e, 0x80000001, 0x5, 0x0, 0x5, 0x0, 0x3ff}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x8c14dcd92ebecbf5) copy_file_range(r1, &(0x7f00000001c0)=0x81, r2, &(0x7f0000000280)=0x8, 0x6, 0x0) lseek(r0, 0x0, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x300000a, 0x1010, r0, 0x10000000) syz_io_uring_submit(0x0, r3, &(0x7f0000000180)=@IORING_OP_ASYNC_CANCEL={0xe, 0x4, 0x0, 0x0, 0x0, 0x23456}, 0x6ae2b38b) [ 1350.059418] audit: type=1326 audit(1778448382.143:3140): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8424 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:26:22 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 39) [ 1350.074833] FAULT_INJECTION: forcing a failure. [ 1350.074833] name failslab, interval 1, probability 0, space 0, times 0 [ 1350.076365] CPU: 1 PID: 8446 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1350.077251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1350.078315] Call Trace: [ 1350.078661] dump_stack+0x107/0x167 [ 1350.079144] should_fail.cold+0x5/0xa [ 1350.079643] ? __alloc_file+0x21/0x320 [ 1350.080151] should_failslab+0x5/0x20 [ 1350.080645] kmem_cache_alloc+0x5b/0x310 [ 1350.081170] __alloc_file+0x21/0x320 [ 1350.081653] alloc_empty_file+0x6d/0x170 [ 1350.082176] alloc_file+0x5e/0x5a0 [ 1350.082636] alloc_file_pseudo+0x16a/0x250 [ 1350.083187] ? alloc_file+0x5a0/0x5a0 [ 1350.083697] anon_inode_getfile+0xc8/0x1f0 [ 1350.084243] io_uring_setup+0x138b/0x2980 [ 1350.084378] audit: type=1326 audit(1778448382.143:3141): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8424 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1350.084783] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1350.090175] ? wait_for_completion_io+0x270/0x270 [ 1350.090805] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1350.091481] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1350.092156] do_syscall_64+0x33/0x40 [ 1350.092640] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1350.093291] RIP: 0033:0x7f38f4330b19 [ 1350.093785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1350.096158] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1350.097129] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1350.098034] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1350.098936] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1350.099852] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1350.100759] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:26:22 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0x2}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000000)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1350.113047] audit: type=1326 audit(1778448382.177:3142): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8424 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:26:22 executing program 6: ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @in_args={0x2}}, './file0\x00'}) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000040)={0x286, 0x1000, 0x401, 0x1098, 0x11, "90a8f32303fa43e1c6e537a052dbefe4c2030b"}) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x6ac681, 0x0) ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f00000000c0)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) 21:26:22 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1350.131323] FAULT_INJECTION: forcing a failure. [ 1350.131323] name failslab, interval 1, probability 0, space 0, times 0 [ 1350.133041] CPU: 1 PID: 8449 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1350.133898] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1350.134439] audit: type=1326 audit(1778448382.178:3143): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8424 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1350.134940] Call Trace: [ 1350.134972] dump_stack+0x107/0x167 [ 1350.134993] should_fail.cold+0x5/0xa [ 1350.140973] ? xas_alloc+0x336/0x440 [ 1350.141438] should_failslab+0x5/0x20 [ 1350.141912] kmem_cache_alloc+0x5b/0x310 [ 1350.142420] ? stack_trace_consume_entry+0x160/0x160 [ 1350.143055] xas_alloc+0x336/0x440 [ 1350.143515] xas_create+0x34a/0x10d0 [ 1350.144002] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1350.144659] xas_store+0x8c/0x1c40 [ 1350.145114] __xa_store+0x164/0x2d0 [ 1350.145570] ? xa_delete_node+0x280/0x280 [ 1350.146092] ? trace_hardirqs_on+0x5b/0x180 [ 1350.146637] xa_store+0x31/0x50 [ 1350.147057] __io_uring_add_tctx_node+0x1cf/0x520 [ 1350.147663] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1350.148314] ? alloc_fd+0x2e7/0x670 [ 1350.148781] io_uring_setup+0x1fbb/0x2980 [ 1350.149303] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1350.149929] ? wait_for_completion_io+0x270/0x270 [ 1350.150548] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1350.151206] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1350.151850] do_syscall_64+0x33/0x40 [ 1350.152318] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1350.152957] RIP: 0033:0x7f2d330fab19 [ 1350.153418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1350.155696] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1350.156634] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1350.157516] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1350.158398] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1350.159284] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1350.160164] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:26:22 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:26:22 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 19) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:26:22 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 24) 21:26:22 executing program 4: fallocate(0xffffffffffffffff, 0x7c, 0xfff, 0x80) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:26:22 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 35) [ 1350.280478] FAULT_INJECTION: forcing a failure. [ 1350.280478] name failslab, interval 1, probability 0, space 0, times 0 [ 1350.281977] CPU: 1 PID: 8462 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1350.282770] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1350.283749] Call Trace: [ 1350.284064] dump_stack+0x107/0x167 [ 1350.284489] should_fail.cold+0x5/0xa [ 1350.284940] ? create_object.isra.0+0x3a/0xa30 [ 1350.285470] should_failslab+0x5/0x20 [ 1350.285918] kmem_cache_alloc+0x5b/0x310 [ 1350.286390] create_object.isra.0+0x3a/0xa30 [ 1350.286898] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1350.287496] kmem_cache_alloc+0x159/0x310 [ 1350.287983] __alloc_file+0x21/0x320 [ 1350.288411] alloc_empty_file+0x6d/0x170 [ 1350.288884] alloc_file+0x5e/0x5a0 [ 1350.289299] alloc_file_pseudo+0x16a/0x250 [ 1350.289787] ? alloc_file+0x5a0/0x5a0 [ 1350.290239] anon_inode_getfile+0xc8/0x1f0 [ 1350.290742] io_uring_setup+0x138b/0x2980 [ 1350.291235] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1350.291820] ? wait_for_completion_io+0x270/0x270 [ 1350.292398] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1350.293010] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1350.293614] do_syscall_64+0x33/0x40 [ 1350.294047] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1350.294643] RIP: 0033:0x7f38f4330b19 [ 1350.295074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1350.297202] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1350.298082] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1350.298912] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1350.299735] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1350.300557] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1350.301378] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1350.313026] FAULT_INJECTION: forcing a failure. [ 1350.313026] name failslab, interval 1, probability 0, space 0, times 0 [ 1350.315887] CPU: 0 PID: 8468 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1350.317460] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1350.319347] Call Trace: [ 1350.319959] dump_stack+0x107/0x167 [ 1350.320787] should_fail.cold+0x5/0xa [ 1350.321681] ? io_wq_create+0x6ef/0xc00 [ 1350.322635] should_failslab+0x5/0x20 [ 1350.323558] kmem_cache_alloc_node_trace+0x59/0x340 [ 1350.324696] io_wq_create+0x6ef/0xc00 [ 1350.325562] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1350.326711] ? io_import_iovec+0x1120/0x1120 [ 1350.327715] ? io_apoll_task_func+0x2d0/0x2d0 [ 1350.328731] ? __io_req_find_next+0x300/0x300 [ 1350.329732] ? do_raw_spin_lock+0x121/0x260 [ 1350.330698] ? rwlock_bug.part.0+0x90/0x90 [ 1350.331679] __io_uring_add_tctx_node+0x2c6/0x520 [ 1350.332825] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1350.334071] ? alloc_fd+0x2e7/0x670 [ 1350.334913] io_uring_setup+0x1fbb/0x2980 [ 1350.335879] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1350.337010] ? wait_for_completion_io+0x270/0x270 [ 1350.338129] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1350.339313] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1350.340495] do_syscall_64+0x33/0x40 [ 1350.341333] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1350.342481] RIP: 0033:0x7f606cee6b19 [ 1350.343330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1350.347431] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1350.349131] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1350.350775] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1350.352467] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1350.354074] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1350.355695] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1350.375818] FAULT_INJECTION: forcing a failure. [ 1350.375818] name failslab, interval 1, probability 0, space 0, times 0 [ 1350.377193] CPU: 1 PID: 8469 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1350.377970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1350.378913] Call Trace: [ 1350.379226] dump_stack+0x107/0x167 [ 1350.379642] should_fail.cold+0x5/0xa [ 1350.380086] ? create_object.isra.0+0x3a/0xa30 [ 1350.380608] should_failslab+0x5/0x20 [ 1350.381042] kmem_cache_alloc+0x5b/0x310 [ 1350.381508] create_object.isra.0+0x3a/0xa30 [ 1350.382011] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1350.382591] kmem_cache_alloc_trace+0x151/0x320 [ 1350.383140] ? io_async_queue_proc+0x80/0x80 [ 1350.383642] percpu_ref_init+0xd8/0x3d0 [ 1350.384098] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1350.384711] io_uring_setup+0x14f6/0x2980 [ 1350.385190] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1350.385766] ? wait_for_completion_io+0x270/0x270 [ 1350.386340] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1350.386942] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1350.387539] do_syscall_64+0x33/0x40 [ 1350.387962] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1350.388545] RIP: 0033:0x7ff29b41cb19 [ 1350.388968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1350.391051] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1350.391929] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1350.392734] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1350.393544] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1350.394353] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1350.395171] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:26:37 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 36) 21:26:37 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 20) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:26:37 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:26:37 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r1, 0xc400941d, &(0x7f0000000340)={0x0, 0x6, 0x1}) 21:26:37 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 40) 21:26:37 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') write$binfmt_script(r0, &(0x7f0000000140)={'#! ', './file0', [{0x20, 'setgroups\x00'}, {0x20, 'setgroups\x00'}], 0xa, "8e1b4e108b2ab24ed6372cde3ed61920d5cc261d7561b6ca9921ca4e2f62bc82472fcd966acb6b919d2e9874f1623bfa6f7653bf2b04f5c93635dcf029856995f98fb8889163fbb2c3794b34a458e50f2e12a67154fa626c706b433f774db7dc52c41de7e82c035353ea1b4f7bd4753b8febcb972b6cedf6419293f4cf2746722587790ebc16858f9d30da347a9ac47ea70c419fc801ee70db0e0537a05a7bfd43378ac12adacb7a4f7975439555608c86e6503aa417549f797364725a693fbf185af702eb6dfcf2c6ff8dee1bf116d08157beeb2ebea5e28d18d116d58924a29b5e4bc9f48863e6cf577d46176fb837337c88e63b1381fe"}, 0x119) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:26:37 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x2664, &(0x7f0000000000)={0x0, 0x87fd, 0xa99b18fe6eebaef3, 0x2, 0x2fb, 0x0, r1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 21:26:37 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 25) [ 1364.916840] FAULT_INJECTION: forcing a failure. [ 1364.916840] name failslab, interval 1, probability 0, space 0, times 0 [ 1364.918456] CPU: 0 PID: 8483 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1364.919340] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1364.920413] Call Trace: [ 1364.920769] dump_stack+0x107/0x167 [ 1364.921239] should_fail.cold+0x5/0xa [ 1364.921730] ? create_object.isra.0+0x3a/0xa30 [ 1364.922343] should_failslab+0x5/0x20 [ 1364.922834] kmem_cache_alloc+0x5b/0x310 [ 1364.923374] create_object.isra.0+0x3a/0xa30 [ 1364.923942] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1364.924623] kmem_cache_alloc+0x159/0x310 [ 1364.925161] xas_alloc+0x336/0x440 [ 1364.925618] xas_create+0x34a/0x10d0 [ 1364.926110] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1364.926782] xas_store+0x8c/0x1c40 [ 1364.927253] __xa_store+0x164/0x2d0 [ 1364.927727] ? xa_delete_node+0x280/0x280 [ 1364.928267] ? trace_hardirqs_on+0x5b/0x180 [ 1364.928831] xa_store+0x31/0x50 [ 1364.929261] __io_uring_add_tctx_node+0x1cf/0x520 [ 1364.929882] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1364.930550] ? alloc_fd+0x2e7/0x670 [ 1364.931027] io_uring_setup+0x1fbb/0x2980 [ 1364.931572] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1364.932221] ? wait_for_completion_io+0x270/0x270 [ 1364.932855] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1364.933528] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1364.934186] do_syscall_64+0x33/0x40 [ 1364.934660] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1364.935318] RIP: 0033:0x7f2d330fab19 [ 1364.935790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1364.938119] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1364.939086] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1364.940007] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1364.940923] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1364.941842] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1364.942758] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1364.950130] FAULT_INJECTION: forcing a failure. [ 1364.950130] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1364.951708] CPU: 0 PID: 8491 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1364.952608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1364.953148] FAULT_INJECTION: forcing a failure. [ 1364.953148] name failslab, interval 1, probability 0, space 0, times 0 [ 1364.953667] Call Trace: [ 1364.953694] dump_stack+0x107/0x167 [ 1364.956871] should_fail.cold+0x5/0xa [ 1364.957375] _copy_to_user+0x2e/0x180 [ 1364.957876] io_uring_setup+0x11b5/0x2980 [ 1364.958418] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1364.959079] ? wait_for_completion_io+0x270/0x270 [ 1364.959724] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1364.960405] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1364.961070] do_syscall_64+0x33/0x40 [ 1364.961553] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1364.962214] RIP: 0033:0x7ff29b41cb19 [ 1364.962691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1364.965070] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1364.966033] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1364.966951] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1364.967873] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1364.968773] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1364.969673] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1364.970600] CPU: 1 PID: 8489 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1364.972059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1364.973799] Call Trace: [ 1364.974362] dump_stack+0x107/0x167 [ 1364.975138] should_fail.cold+0x5/0xa [ 1364.975949] ? security_file_alloc+0x34/0x170 [ 1364.976891] should_failslab+0x5/0x20 [ 1364.977687] kmem_cache_alloc+0x5b/0x310 [ 1364.978542] security_file_alloc+0x34/0x170 [ 1364.979461] __alloc_file+0xb7/0x320 [ 1364.980249] alloc_empty_file+0x6d/0x170 [ 1364.981127] alloc_file+0x5e/0x5a0 [ 1364.981874] alloc_file_pseudo+0x16a/0x250 [ 1364.982779] ? alloc_file+0x5a0/0x5a0 [ 1364.983604] anon_inode_getfile+0xc8/0x1f0 [ 1364.984515] io_uring_setup+0x138b/0x2980 [ 1364.985396] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1364.986477] ? wait_for_completion_io+0x270/0x270 [ 1364.987521] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1364.988649] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1364.989734] do_syscall_64+0x33/0x40 [ 1364.990533] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1364.991625] RIP: 0033:0x7f38f4330b19 [ 1364.992424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 21:26:37 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 41) [ 1364.996271] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1364.998159] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1364.999706] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1365.001245] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1365.002779] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1365.004314] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1365.007088] FAULT_INJECTION: forcing a failure. [ 1365.007088] name failslab, interval 1, probability 0, space 0, times 0 [ 1365.008609] CPU: 0 PID: 8490 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1365.009478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1365.010528] Call Trace: [ 1365.010872] dump_stack+0x107/0x167 [ 1365.011343] should_fail.cold+0x5/0xa [ 1365.011834] ? create_object.isra.0+0x3a/0xa30 [ 1365.012412] should_failslab+0x5/0x20 [ 1365.012891] kmem_cache_alloc+0x5b/0x310 [ 1365.013416] ? io_wq_create+0x114/0xc00 [ 1365.013920] create_object.isra.0+0x3a/0xa30 [ 1365.014472] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1365.015113] kmem_cache_alloc_node_trace+0x16d/0x340 [ 1365.015768] io_wq_create+0x6ef/0xc00 [ 1365.016257] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1365.016896] ? io_import_iovec+0x1120/0x1120 [ 1365.017451] ? io_apoll_task_func+0x2d0/0x2d0 [ 1365.018016] ? __io_req_find_next+0x300/0x300 [ 1365.018578] ? do_raw_spin_lock+0x121/0x260 [ 1365.019121] ? rwlock_bug.part.0+0x90/0x90 [ 1365.019654] __io_uring_add_tctx_node+0x2c6/0x520 [ 1365.020262] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1365.020924] ? alloc_fd+0x2e7/0x670 [ 1365.021394] io_uring_setup+0x1fbb/0x2980 [ 1365.021920] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1365.022560] ? wait_for_completion_io+0x270/0x270 [ 1365.023185] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1365.023856] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1365.024362] FAULT_INJECTION: forcing a failure. [ 1365.024362] name failslab, interval 1, probability 0, space 0, times 0 [ 1365.024516] do_syscall_64+0x33/0x40 [ 1365.027377] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1365.028023] RIP: 0033:0x7f606cee6b19 [ 1365.028492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1365.030807] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1365.031767] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1365.032656] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1365.033546] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1365.034436] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1365.035330] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1365.036244] CPU: 1 PID: 8494 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1365.037729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1365.039524] Call Trace: [ 1365.040100] dump_stack+0x107/0x167 [ 1365.040889] should_fail.cold+0x5/0xa [ 1365.041717] ? xas_alloc+0x336/0x440 [ 1365.042527] should_failslab+0x5/0x20 [ 1365.043386] kmem_cache_alloc+0x5b/0x310 [ 1365.044268] xas_alloc+0x336/0x440 21:26:37 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000007, 0x12, r1, 0x8000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000280)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_MGMT(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010000000000000600007700000008000300", @ANYRES32=r4], 0x1c}}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x9, 0x10, r1, 0x8000000) [ 1365.045040] xas_create+0x34a/0x10d0 [ 1365.046023] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1365.047128] xas_store+0x8c/0x1c40 [ 1365.047913] __xa_store+0x164/0x2d0 [ 1365.048678] ? xa_delete_node+0x280/0x280 [ 1365.049554] ? trace_hardirqs_on+0x5b/0x180 [ 1365.050469] xa_store+0x31/0x50 [ 1365.051171] __io_uring_add_tctx_node+0x1cf/0x520 [ 1365.052190] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1365.053284] ? alloc_fd+0x2e7/0x670 [ 1365.054068] io_uring_setup+0x1fbb/0x2980 [ 1365.054951] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1365.056019] ? wait_for_completion_io+0x270/0x270 [ 1365.057059] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1365.058153] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1365.059235] do_syscall_64+0x33/0x40 [ 1365.060026] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1365.061092] RIP: 0033:0x7f2d330fab19 [ 1365.061869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1365.065735] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1365.067337] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1365.068834] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1365.070324] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1365.071825] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1365.073319] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:26:37 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 21) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) [ 1365.089657] kauditd_printk_skb: 49 callbacks suppressed [ 1365.089669] audit: type=1326 audit(1778448397.302:3193): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8484 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1365.094666] audit: type=1326 audit(1778448397.303:3194): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8484 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1365.104919] audit: type=1326 audit(1778448397.310:3195): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8484 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1365.113501] audit: type=1326 audit(1778448397.317:3196): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8484 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:26:37 executing program 4: ioctl$BTRFS_IOC_BALANCE_CTL(0xffffffffffffffff, 0x40049421, 0x3) fcntl$notify(0xffffffffffffffff, 0x402, 0x80000002) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, &(0x7f0000000140)={0x2, 0x1, 0xe}) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/238, 0xee, 0x7) [ 1365.135284] FAULT_INJECTION: forcing a failure. [ 1365.135284] name failslab, interval 1, probability 0, space 0, times 0 [ 1365.136633] CPU: 0 PID: 8501 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1365.137443] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1365.138419] Call Trace: [ 1365.138735] dump_stack+0x107/0x167 [ 1365.139166] should_fail.cold+0x5/0xa [ 1365.139632] ? __d_alloc+0x2a/0x990 [ 1365.140058] should_failslab+0x5/0x20 [ 1365.140506] kmem_cache_alloc+0x5b/0x310 [ 1365.140989] __d_alloc+0x2a/0x990 [ 1365.141401] ? find_held_lock+0x2c/0x110 [ 1365.141886] d_alloc_pseudo+0x19/0x70 [ 1365.142334] alloc_file_pseudo+0xce/0x250 [ 1365.142820] ? trace_hardirqs_on+0x5b/0x180 [ 1365.143333] ? alloc_file+0x5a0/0x5a0 [ 1365.143789] anon_inode_getfile+0xc8/0x1f0 [ 1365.144296] io_uring_setup+0x138b/0x2980 [ 1365.144787] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1365.145383] ? wait_for_completion_io+0x270/0x270 [ 1365.145961] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1365.146577] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1365.147181] do_syscall_64+0x33/0x40 [ 1365.147625] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1365.148229] RIP: 0033:0x7ff29b41cb19 [ 1365.148664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1365.150817] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1365.151712] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1365.152550] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1365.153386] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1365.154228] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1365.155059] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1365.156140] audit: type=1326 audit(1778448397.318:3197): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8484 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1365.163979] audit: type=1326 audit(1778448397.318:3198): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8484 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1365.175848] audit: type=1326 audit(1778448397.318:3199): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8484 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1365.178438] audit: type=1326 audit(1778448397.325:3200): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8484 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1365.195490] audit: type=1326 audit(1778448397.325:3201): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8484 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1365.198022] audit: type=1326 audit(1778448397.325:3202): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8484 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1379.602350] FAULT_INJECTION: forcing a failure. [ 1379.602350] name failslab, interval 1, probability 0, space 0, times 0 [ 1379.605253] CPU: 0 PID: 8517 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1379.606908] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1379.608918] Call Trace: [ 1379.609555] dump_stack+0x107/0x167 [ 1379.610433] should_fail.cold+0x5/0xa [ 1379.611354] ? xas_alloc+0x336/0x440 [ 1379.612293] should_failslab+0x5/0x20 [ 1379.613095] FAULT_INJECTION: forcing a failure. [ 1379.613095] name failslab, interval 1, probability 0, space 0, times 0 [ 1379.613214] kmem_cache_alloc+0x5b/0x310 [ 1379.615666] xas_alloc+0x336/0x440 [ 1379.616526] xas_create+0x34a/0x10d0 [ 1379.617442] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1379.618707] xas_store+0x8c/0x1c40 [ 1379.619600] __xa_store+0x164/0x2d0 [ 1379.620480] ? xa_delete_node+0x280/0x280 [ 1379.621482] ? trace_hardirqs_on+0x5b/0x180 [ 1379.622521] xa_store+0x31/0x50 [ 1379.623313] __io_uring_add_tctx_node+0x1cf/0x520 [ 1379.624481] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1379.625748] ? alloc_fd+0x2e7/0x670 [ 1379.626653] io_uring_setup+0x1fbb/0x2980 [ 1379.627676] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1379.628887] ? wait_for_completion_io+0x270/0x270 [ 1379.630077] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1379.631326] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1379.632591] do_syscall_64+0x33/0x40 [ 1379.633480] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1379.634712] RIP: 0033:0x7f2d330fab19 [ 1379.635614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1379.640025] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1379.641846] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1379.643543] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1379.645251] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1379.646948] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1379.648644] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1379.650371] CPU: 1 PID: 8514 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1379.651300] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1379.652422] Call Trace: [ 1379.652780] dump_stack+0x107/0x167 [ 1379.653270] should_fail.cold+0x5/0xa [ 1379.653784] ? create_object.isra.0+0x3a/0xa30 [ 1379.654395] should_failslab+0x5/0x20 [ 1379.654901] kmem_cache_alloc+0x5b/0x310 [ 1379.655448] ? io_wq_create+0x114/0xc00 [ 1379.655980] create_object.isra.0+0x3a/0xa30 [ 1379.656563] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1379.657248] kmem_cache_alloc_node_trace+0x16d/0x340 [ 1379.657930] io_wq_create+0x6ef/0xc00 [ 1379.658439] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1379.659110] ? io_import_iovec+0x1120/0x1120 [ 1379.659699] ? io_apoll_task_func+0x2d0/0x2d0 [ 1379.660291] ? __io_req_find_next+0x300/0x300 [ 1379.660882] ? do_raw_spin_lock+0x121/0x260 [ 1379.661465] ? rwlock_bug.part.0+0x90/0x90 [ 1379.662035] __io_uring_add_tctx_node+0x2c6/0x520 [ 1379.662676] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1379.663367] ? alloc_fd+0x2e7/0x670 [ 1379.663864] io_uring_setup+0x1fbb/0x2980 [ 1379.664425] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1379.665092] ? wait_for_completion_io+0x270/0x270 [ 1379.665744] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1379.666442] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1379.667124] do_syscall_64+0x33/0x40 [ 1379.667633] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1379.668309] RIP: 0033:0x7f606cee6b19 [ 1379.668801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1379.671232] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1379.672241] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1379.673194] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1379.674149] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1379.675101] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1379.676068] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1379.678359] FAULT_INJECTION: forcing a failure. [ 1379.678359] name failslab, interval 1, probability 0, space 0, times 0 [ 1379.679861] CPU: 1 PID: 8516 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1379.680763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1379.681864] Call Trace: [ 1379.682215] dump_stack+0x107/0x167 [ 1379.682702] should_fail.cold+0x5/0xa [ 1379.683206] ? security_file_alloc+0x34/0x170 [ 1379.683809] should_failslab+0x5/0x20 [ 1379.684322] kmem_cache_alloc+0x5b/0x310 [ 1379.684870] security_file_alloc+0x34/0x170 [ 1379.685447] __alloc_file+0xb7/0x320 [ 1379.685953] alloc_empty_file+0x6d/0x170 [ 1379.686508] alloc_file+0x5e/0x5a0 [ 1379.686986] alloc_file_pseudo+0x16a/0x250 [ 1379.687554] ? alloc_file+0x5a0/0x5a0 [ 1379.688086] anon_inode_getfile+0xc8/0x1f0 [ 1379.688654] io_uring_setup+0x138b/0x2980 [ 1379.689215] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1379.689890] ? wait_for_completion_io+0x270/0x270 [ 1379.690570] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1379.691264] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1379.691957] do_syscall_64+0x33/0x40 [ 1379.692447] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1379.693130] RIP: 0033:0x7f38f4330b19 [ 1379.693629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1379.696074] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1379.697086] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 21:26:51 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 42) 21:26:51 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3000001, 0x110, r0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:26:51 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 26) 21:26:51 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 37) 21:26:51 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:26:51 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0xca}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:26:51 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') r1 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000300)) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) io_uring_enter(r2, 0x10058ab, 0x0, 0x0, 0x0, 0x0) io_uring_enter(r2, 0x2a48, 0x7ac, 0x2, &(0x7f0000000380)={[0x10001]}, 0x8) fcntl$notify(r1, 0x402, 0x4) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140), 0xa0000, 0x0) ioctl$CDROM_SEND_PACKET(r3, 0x5393, &(0x7f00000002c0)={"f515e52fd1477bdb1f0cb540", &(0x7f0000000180)="0f5c21f06f99f063d7c7f179c4983faa3ea1c47d0cd16eff2c90d2554986aabcf44e29ac716217a3375a286b58bb4eb06886da5a2387d043ce5939d828fc2c274bc189b5a555c27ac573014b2f1c8f59b757b08ed72309ed6d5c855f9eefeeca89f1b87ef22f753a24a9673b2f33f0a42c9c60bead87aae82f961859d63c010c57311ce70071f87e7fbb777b498ca8beba10207896b3262f9fc84068c6a466930906a4bf7e16ad54692d0586f500bcc22fa80a1e71db659cf895617f2cfff7d38a2d700927b95328005b9528aa4a9d072d308d5af82933246ec8d1f45c0b1e22e0612d22e4ec", 0xe6, 0x0, &(0x7f0000000280)={0x8, 0x1, 0x20, 0x0, 0x0, 0x1, 0x0, "078cfaac", 0x8, "6394216a", 0x8, 0x5, 0x7, "b09ef4", "2594aff395a8a5aab599a2656235f4e5a835c3f4fddb3be7aa6e217d73708e77a2709099a52ac874beb0ba7db0e0"}, 0x3, 0x7, 0x6, &(0x7f0000000340)}) r4 = dup2(r3, r3) ioctl$CDROMPAUSE(r4, 0x5301) 21:26:51 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 22) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) [ 1379.698293] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1379.699520] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1379.700573] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1379.701530] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1379.704794] FAULT_INJECTION: forcing a failure. [ 1379.704794] name failslab, interval 1, probability 0, space 0, times 0 [ 1379.707477] CPU: 0 PID: 8521 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1379.709037] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1379.710929] Call Trace: [ 1379.711543] dump_stack+0x107/0x167 [ 1379.712388] should_fail.cold+0x5/0xa [ 1379.713263] ? create_object.isra.0+0x3a/0xa30 [ 1379.714301] should_failslab+0x5/0x20 [ 1379.715172] kmem_cache_alloc+0x5b/0x310 [ 1379.716144] create_object.isra.0+0x3a/0xa30 [ 1379.717142] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1379.718305] kmem_cache_alloc+0x159/0x310 [ 1379.719252] __d_alloc+0x2a/0x990 [ 1379.720043] ? find_held_lock+0x2c/0x110 [ 1379.720978] d_alloc_pseudo+0x19/0x70 [ 1379.721843] alloc_file_pseudo+0xce/0x250 [ 1379.722788] ? trace_hardirqs_on+0x5b/0x180 [ 1379.723770] ? alloc_file+0x5a0/0x5a0 [ 1379.724652] anon_inode_getfile+0xc8/0x1f0 [ 1379.725615] io_uring_setup+0x138b/0x2980 [ 1379.726572] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1379.727737] ? wait_for_completion_io+0x270/0x270 [ 1379.728868] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1379.730060] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1379.731228] do_syscall_64+0x33/0x40 [ 1379.732078] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1379.733235] RIP: 0033:0x7ff29b41cb19 [ 1379.734077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1379.738213] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1379.739959] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1379.741565] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1379.743182] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1379.744798] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1379.746406] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1379.761163] kauditd_printk_skb: 6 callbacks suppressed [ 1379.761184] audit: type=1326 audit(1778448411.973:3209): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8518 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1379.767520] audit: type=1326 audit(1778448411.974:3210): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8518 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:26:51 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 27) 21:26:52 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 43) [ 1379.846720] FAULT_INJECTION: forcing a failure. [ 1379.846720] name failslab, interval 1, probability 0, space 0, times 0 [ 1379.848266] CPU: 1 PID: 8534 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1379.849102] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1379.850124] Call Trace: [ 1379.850453] dump_stack+0x107/0x167 [ 1379.850903] should_fail.cold+0x5/0xa [ 1379.851375] ? security_file_alloc+0x34/0x170 [ 1379.851932] should_failslab+0x5/0x20 [ 1379.852398] kmem_cache_alloc+0x5b/0x310 [ 1379.852899] security_file_alloc+0x34/0x170 [ 1379.853422] __alloc_file+0xb7/0x320 [ 1379.853881] alloc_empty_file+0x6d/0x170 [ 1379.854381] alloc_file+0x5e/0x5a0 [ 1379.854821] alloc_file_pseudo+0x16a/0x250 [ 1379.855333] ? alloc_file+0x5a0/0x5a0 [ 1379.855815] anon_inode_getfile+0xc8/0x1f0 [ 1379.856332] io_uring_setup+0x138b/0x2980 21:26:52 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:26:52 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 38) 21:26:52 executing program 7: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xa0200, 0x0) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000010, 0x11, r0, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4, 0x8010, r0, 0x10000000) syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_REMOVE={0x7, 0x4, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1}, 0x3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) [ 1379.856847] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1379.857643] ? wait_for_completion_io+0x270/0x270 [ 1379.858298] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1379.858931] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1379.859564] do_syscall_64+0x33/0x40 [ 1379.860018] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1379.860647] RIP: 0033:0x7f38f4330b19 [ 1379.861094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1379.863314] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1379.864237] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1379.865093] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1379.865957] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1379.866835] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1379.867699] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1379.870423] FAULT_INJECTION: forcing a failure. [ 1379.870423] name failslab, interval 1, probability 0, space 0, times 0 [ 1379.871829] CPU: 1 PID: 8533 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1379.872650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1379.873648] Call Trace: [ 1379.873965] dump_stack+0x107/0x167 [ 1379.874404] should_fail.cold+0x5/0xa [ 1379.874867] ? xas_alloc+0x336/0x440 [ 1379.875314] should_failslab+0x5/0x20 [ 1379.875783] kmem_cache_alloc+0x5b/0x310 [ 1379.876273] xas_alloc+0x336/0x440 [ 1379.876703] xas_create+0x34a/0x10d0 [ 1379.877162] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1379.877790] xas_store+0x8c/0x1c40 [ 1379.878231] __xa_store+0x164/0x2d0 [ 1379.878677] ? xa_delete_node+0x280/0x280 [ 1379.879181] ? trace_hardirqs_on+0x5b/0x180 [ 1379.879714] xa_store+0x31/0x50 [ 1379.880114] __io_uring_add_tctx_node+0x1cf/0x520 [ 1379.880692] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1379.881317] ? alloc_fd+0x2e7/0x670 [ 1379.881762] io_uring_setup+0x1fbb/0x2980 [ 1379.882266] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1379.882875] ? wait_for_completion_io+0x270/0x270 [ 1379.883473] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1379.884123] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1379.884765] do_syscall_64+0x33/0x40 [ 1379.885226] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1379.885859] RIP: 0033:0x7f2d330fab19 [ 1379.886318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1379.888598] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1379.889534] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1379.890412] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1379.891299] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1379.892184] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1379.893065] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1379.904373] audit: type=1326 audit(1778448412.117:3211): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8538 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1379.909742] audit: type=1326 audit(1778448412.117:3212): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8538 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:26:52 executing program 4: pread64(0xffffffffffffffff, &(0x7f0000000000)=""/249, 0xf9, 0x7) creat(&(0x7f0000000100)='./file0\x00', 0x80) 21:26:52 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r5 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) syz_io_uring_submit(r8, r7, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(r8, r7, &(0x7f0000000d40)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0xa, &(0x7f0000000780)={0x77359400}}, 0x10001) recvmmsg(0xffffffffffffffff, &(0x7f0000000bc0)=[{{&(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000340)=""/194, 0xc2}, {&(0x7f0000000080)=""/189, 0xbd}, {&(0x7f0000000440)=""/234, 0xea}, {&(0x7f0000000180)=""/96, 0x60}, {&(0x7f0000000240)=""/53, 0x35}, {&(0x7f0000000280)=""/38, 0x26}], 0x6, &(0x7f00000005c0)=""/224, 0xe0}, 0x3}, {{&(0x7f00000006c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000740)=""/35, 0x23}, {&(0x7f0000000780)}, {&(0x7f00000007c0)=""/21, 0x15}, {&(0x7f0000000800)=""/154, 0x9a}, {&(0x7f00000008c0)=""/101, 0x65}], 0x5, &(0x7f00000009c0)=""/16, 0x10}, 0x1ff}, {{&(0x7f0000000a00)=@isdn, 0x80, &(0x7f0000000b80)=[{&(0x7f0000000a80)=""/238, 0xee}], 0x1}, 0x401}], 0x3, 0x40000000, &(0x7f0000000c80)={0x0, 0x989680}) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, r7, &(0x7f0000000d00)=@IORING_OP_SEND={0x1a, 0x3, 0x0, r9, 0x0, &(0x7f0000000cc0)="8ad8c6a572061ba0a572ec51cc7716097803eab142e1314e5154af3ffbdf690a42f5c67a7553", 0x26, 0x10, 0x1, {0x0, r10}}, 0x80000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1379.915342] FAULT_INJECTION: forcing a failure. [ 1379.915342] name failslab, interval 1, probability 0, space 0, times 0 [ 1379.916949] CPU: 1 PID: 8542 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1379.917764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1379.918744] Call Trace: [ 1379.919063] dump_stack+0x107/0x167 [ 1379.919518] should_fail.cold+0x5/0xa [ 1379.919974] ? io_wq_create+0x6ef/0xc00 [ 1379.920450] should_failslab+0x5/0x20 [ 1379.920903] kmem_cache_alloc_node_trace+0x59/0x340 [ 1379.921493] io_wq_create+0x6ef/0xc00 [ 1379.921949] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1379.922555] ? io_import_iovec+0x1120/0x1120 [ 1379.923076] ? io_apoll_task_func+0x2d0/0x2d0 [ 1379.923611] ? __io_req_find_next+0x300/0x300 [ 1379.924142] ? do_raw_spin_lock+0x121/0x260 [ 1379.924654] ? rwlock_bug.part.0+0x90/0x90 [ 1379.925159] __io_uring_add_tctx_node+0x2c6/0x520 [ 1379.925730] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1379.926348] ? alloc_fd+0x2e7/0x670 [ 1379.926785] io_uring_setup+0x1fbb/0x2980 [ 1379.927278] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1379.927886] ? wait_for_completion_io+0x270/0x270 [ 1379.928471] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1379.929104] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1379.929711] do_syscall_64+0x33/0x40 [ 1379.930147] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1379.930747] RIP: 0033:0x7f606cee6b19 [ 1379.931181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1379.933361] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1379.934267] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1379.934727] audit: type=1326 audit(1778448412.119:3213): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8538 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1379.935101] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1379.935108] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1379.935114] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1379.935121] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:26:52 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:26:52 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 28) [ 1380.000968] audit: type=1326 audit(1778448412.120:3214): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8538 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1380.025083] audit: type=1326 audit(1778448412.120:3215): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8538 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1380.040442] FAULT_INJECTION: forcing a failure. [ 1380.040442] name failslab, interval 1, probability 0, space 0, times 0 [ 1380.041775] CPU: 1 PID: 8551 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1380.042548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1380.043498] Call Trace: [ 1380.043811] dump_stack+0x107/0x167 [ 1380.044226] should_fail.cold+0x5/0xa [ 1380.044665] ? create_object.isra.0+0x3a/0xa30 [ 1380.045183] should_failslab+0x5/0x20 [ 1380.045614] kmem_cache_alloc+0x5b/0x310 [ 1380.046077] create_object.isra.0+0x3a/0xa30 [ 1380.046575] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1380.047045] audit: type=1326 audit(1778448412.120:3216): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8538 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1380.047156] kmem_cache_alloc_trace+0x151/0x320 [ 1380.052458] io_uring_alloc_task_context+0x99/0x6a0 [ 1380.053025] ? io_import_iovec+0x1120/0x1120 [ 1380.053522] ? lock_downgrade+0x6d0/0x6d0 [ 1380.053990] ? do_raw_spin_lock+0x121/0x260 [ 1380.054474] ? rwlock_bug.part.0+0x90/0x90 [ 1380.054956] __io_uring_add_tctx_node+0x2c6/0x520 [ 1380.055515] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1380.056109] ? alloc_fd+0x2e7/0x670 [ 1380.056532] io_uring_setup+0x1fbb/0x2980 [ 1380.057010] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1380.057596] ? wait_for_completion_io+0x270/0x270 [ 1380.058158] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1380.058754] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1380.059341] do_syscall_64+0x33/0x40 [ 1380.059781] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1380.060363] RIP: 0033:0x7f38f4330b19 [ 1380.060783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1380.062858] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1380.063546] audit: type=1326 audit(1778448412.120:3217): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8538 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1380.063727] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1380.063740] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1380.070134] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1380.070938] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1380.071753] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1380.072221] audit: type=1326 audit(1778448412.120:3218): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8538 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:27:07 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3800004, 0x2010, r0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:27:07 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 23) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:27:07 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 29) 21:27:07 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 39) 21:27:07 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r1 = getpgrp(0x0) pidfd_open(r1, 0x0) fcntl$setown(r0, 0x8, r1) r2 = syz_open_procfs(r1, &(0x7f0000000000)='attr/fscreate\x00') pread64(r2, &(0x7f0000000040)=""/238, 0xee, 0x7) readv(r2, &(0x7f0000000200)=[{&(0x7f0000000140)=""/182, 0xb6}], 0x1) 21:27:07 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:27:07 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) fallocate(r1, 0x4, 0x58, 0x1000003) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/hid_logitech', 0x347882, 0x80) io_uring_enter(r2, 0x5645, 0xf7f8, 0x3, &(0x7f0000000040)={[0x2]}, 0x8) 21:27:07 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 44) [ 1395.449319] kauditd_printk_skb: 27 callbacks suppressed [ 1395.449338] audit: type=1326 audit(1778448427.661:3246): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8562 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1395.454147] FAULT_INJECTION: forcing a failure. [ 1395.454147] name failslab, interval 1, probability 0, space 0, times 0 [ 1395.458277] CPU: 1 PID: 8564 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1395.459861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1395.461759] Call Trace: [ 1395.462371] dump_stack+0x107/0x167 [ 1395.462609] FAULT_INJECTION: forcing a failure. [ 1395.462609] name failslab, interval 1, probability 0, space 0, times 0 [ 1395.463207] should_fail.cold+0x5/0xa [ 1395.463233] ? create_object.isra.0+0x3a/0xa30 [ 1395.463259] should_failslab+0x5/0x20 [ 1395.468516] kmem_cache_alloc+0x5b/0x310 [ 1395.469441] create_object.isra.0+0x3a/0xa30 [ 1395.470429] kmemleak_alloc_percpu+0xa0/0x100 [ 1395.471441] pcpu_alloc+0x4e2/0x1240 [ 1395.472320] __percpu_counter_init+0x10d/0x2d0 [ 1395.473355] io_uring_alloc_task_context+0xcc/0x6a0 [ 1395.474471] ? io_import_iovec+0x1120/0x1120 [ 1395.475457] ? lock_downgrade+0x6d0/0x6d0 [ 1395.476409] ? do_raw_spin_lock+0x121/0x260 [ 1395.477384] ? rwlock_bug.part.0+0x90/0x90 [ 1395.478344] __io_uring_add_tctx_node+0x2c6/0x520 [ 1395.479421] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1395.480604] ? alloc_fd+0x2e7/0x670 [ 1395.481434] io_uring_setup+0x1fbb/0x2980 [ 1395.482371] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1395.483503] ? wait_for_completion_io+0x270/0x270 [ 1395.484619] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1395.485797] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1395.486971] do_syscall_64+0x33/0x40 [ 1395.487824] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1395.488983] RIP: 0033:0x7f38f4330b19 [ 1395.489834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1395.493965] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1395.495690] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1395.497284] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1395.498884] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1395.500489] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1395.502086] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1395.503740] CPU: 0 PID: 8567 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1395.505325] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1395.506123] FAULT_INJECTION: forcing a failure. [ 1395.506123] name failslab, interval 1, probability 0, space 0, times 0 [ 1395.507188] Call Trace: [ 1395.507224] dump_stack+0x107/0x167 [ 1395.507252] should_fail.cold+0x5/0xa [ 1395.511965] ? create_object.isra.0+0x3a/0xa30 [ 1395.512996] should_failslab+0x5/0x20 [ 1395.513863] kmem_cache_alloc+0x5b/0x310 [ 1395.514782] ? mark_held_locks+0x9e/0xe0 [ 1395.515712] create_object.isra.0+0x3a/0xa30 [ 1395.516705] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1395.517863] kmem_cache_alloc+0x159/0x310 [ 1395.518816] xas_alloc+0x336/0x440 [ 1395.519635] xas_create+0x34a/0x10d0 [ 1395.520498] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1395.521683] xas_store+0x8c/0x1c40 [ 1395.522504] __xa_store+0x164/0x2d0 [ 1395.523335] ? xa_delete_node+0x280/0x280 [ 1395.524290] ? trace_hardirqs_on+0x5b/0x180 [ 1395.525272] xa_store+0x31/0x50 [ 1395.526021] __io_uring_add_tctx_node+0x1cf/0x520 [ 1395.527106] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1395.528288] ? alloc_fd+0x2e7/0x670 [ 1395.529130] io_uring_setup+0x1fbb/0x2980 [ 1395.530082] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1395.531230] ? wait_for_completion_io+0x270/0x270 [ 1395.532360] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1395.533537] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1395.534702] do_syscall_64+0x33/0x40 [ 1395.535546] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1395.536706] RIP: 0033:0x7f2d330fab19 [ 1395.537545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1395.541675] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1395.543388] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1395.544999] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1395.546601] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1395.548220] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1395.549822] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1395.551481] CPU: 1 PID: 8569 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1395.553088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1395.554956] Call Trace: [ 1395.555568] dump_stack+0x107/0x167 [ 1395.556401] should_fail.cold+0x5/0xa [ 1395.557262] ? __alloc_file+0x21/0x320 [ 1395.558139] should_failslab+0x5/0x20 [ 1395.558998] kmem_cache_alloc+0x5b/0x310 [ 1395.559933] __alloc_file+0x21/0x320 [ 1395.560774] alloc_empty_file+0x6d/0x170 [ 1395.561711] alloc_file+0x5e/0x5a0 [ 1395.562528] alloc_file_pseudo+0x16a/0x250 [ 1395.563481] ? alloc_file+0x5a0/0x5a0 [ 1395.564370] anon_inode_getfile+0xc8/0x1f0 [ 1395.565334] io_uring_setup+0x138b/0x2980 [ 1395.566282] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1395.567421] ? wait_for_completion_io+0x270/0x270 [ 1395.568548] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1395.569732] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1395.570899] do_syscall_64+0x33/0x40 [ 1395.571755] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1395.572911] RIP: 0033:0x7ff29b41cb19 [ 1395.573755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1395.577905] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1395.579630] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1395.581232] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1395.582833] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1395.584446] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1395.586049] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1395.591816] audit: type=1326 audit(1778448427.803:3247): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8562 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1395.594958] FAULT_INJECTION: forcing a failure. [ 1395.594958] name failslab, interval 1, probability 0, space 0, times 0 [ 1395.599304] CPU: 1 PID: 8566 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1395.600872] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1395.602739] Call Trace: [ 1395.603343] dump_stack+0x107/0x167 [ 1395.604183] should_fail.cold+0x5/0xa [ 1395.605045] ? xas_alloc+0x336/0x440 [ 1395.605882] should_failslab+0x5/0x20 [ 1395.606738] kmem_cache_alloc+0x5b/0x310 [ 1395.607662] ? stack_trace_consume_entry+0x160/0x160 [ 1395.608808] xas_alloc+0x336/0x440 [ 1395.609615] xas_create+0x34a/0x10d0 [ 1395.610469] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1395.611666] xas_store+0x8c/0x1c40 [ 1395.612495] __xa_store+0x164/0x2d0 [ 1395.613320] ? xa_delete_node+0x280/0x280 [ 1395.614261] ? trace_hardirqs_on+0x5b/0x180 [ 1395.615240] xa_store+0x31/0x50 [ 1395.615999] __io_uring_add_tctx_node+0x1cf/0x520 [ 1395.617081] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1395.618256] ? alloc_fd+0x2e7/0x670 [ 1395.619089] io_uring_setup+0x1fbb/0x2980 [ 1395.620044] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1395.621177] ? wait_for_completion_io+0x270/0x270 [ 1395.622288] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1395.623467] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1395.624639] do_syscall_64+0x33/0x40 [ 1395.625483] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1395.626637] RIP: 0033:0x7f606cee6b19 [ 1395.627473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1395.631642] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1395.633347] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1395.634959] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1395.636565] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1395.638170] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1395.639783] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:27:07 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') ioctl$int_out(r0, 0xabd56121fbb4c1e4, &(0x7f0000000140)) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) pread64(r0, &(0x7f0000000180)=""/83, 0x53, 0xffffffffffffffcd) [ 1395.653279] audit: type=1326 audit(1778448427.865:3248): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8562 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1395.658337] audit: type=1326 audit(1778448427.866:3249): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8562 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:27:07 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x5, 0x0, @fd=r2, 0x1, 0x0, 0x4, 0x0, 0x0, {0x0, r3}}, 0x9) [ 1395.677487] audit: type=1326 audit(1778448427.871:3250): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8562 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1e91e61a04 code=0x7ffc0000 [ 1395.699096] audit: type=1326 audit(1778448427.871:3251): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8562 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f1e91eb0107 code=0x7ffc0000 21:27:07 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1395.718682] audit: type=1326 audit(1778448427.871:3252): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8562 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:27:07 executing program 6: sendmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)="222bade89a4749dd2c4fb3113c4e2ebf1f2ed0becb04ccaaea01cadec905fa63dc68a96fb3488a53a5c6eec7c944ce4dc893f5906f7e22e3c3e605661dd2e8e14dc64a4d5bf40525ddec96c7254c68", 0x4f}, {&(0x7f0000000080)="6a1895dba3d5892fe3e7880e06ea36966152135aea10951df043e4913f7e33f4690f6f8d0e934c87af6d984246e5f7d11c392410fe25a834a408a664d4360a27b7a81be6cec3bfe53773ee5133e33c6b22c8824325920c3f9d6dd72ba614fe37b7a51013188c41911cc6fdc0061cd0d5fae9eec788538c862885cbd768047916b8f2df7a325f120c715b0bd4bbbf361f78db98c74d5749632a54e9251986f4d41b", 0xa1}, {&(0x7f0000000b40)="6722bcf31bf353dfd70313ff7edf36012f280644f992d1e36a7804ed9cae51c9dea0419117e7b8031ac1359f518a3ed7acfa04328c7ccd8f1f2c87fdf1bfd2b9e79705f94d81e29a08f089af73c1ac801bcf802e5f92d99909fc408350556532c4b11e4e1ef75c2065bd25df9212b688d1d6c61c3c57b682d367aa6d99d6f68693835cf5f1d06110a93eb0416c97ed97493dcde8ef808e63a298c5e320c73db6fa954f655be65dcaf5bb49ceb71443eb674e6f91ff73bb669d1c68a49be62e44045330fb86a983ea350856449641d5a7a3b1e3d7be3da373ee9c9e947fbf796cdf8ac4b1588d2b24978b615d1d9b489db17b2f581230dbd545eee51bd94ebbbecc82a6085136a21d68e28c451df851675e2e0aa6e1985aa61ae26af3fb4c3868716fade1ff306cb58b18d66485d35abc18b7980c42300dd9a28cf33f2040fb7ddbd6407d33f28ad024", 0x149}, {&(0x7f0000000180)="ce401402e4bb3ca441d3a32e2d869af82bef62db48fa3b7b92819d26cfea07fc770ccc8d0c7eea066abc76da", 0x2c}, {&(0x7f0000000400)="30e2fcb784aa19ef0486f84d7023dfbce84826cd87ffc0b2766572c4d862ef563dcca8c4c23a7c071c0b12820b6daaaed032349bac7fa2da450795153797ade06ce2e3e223f3be07f7ea8b11bca9b747a5968e4db0fb978edc635af2a8b7bb09fac6f3e429187b9a78be239a44ad272b7fad36939c8b99080974e92c28ed6ceb9cae0ff000d25f5b458adf85ebf59e5e168233bbd791fa055cb1e6afd054dc4c1f80da384a4bbcbb142f5d71d2a5d1dc160f7b73e33c770d537745f05e0f307bbb43dbd881e62c", 0xc7}, {&(0x7f0000000500)="77695cb4e74cefe7c0f17d53788882c150d3b2caf6b5cb17ded631f328a0cee4c00798983cf52806be3ce98bb6937dc277786f42080f18fa9db5013214254edba1c69d912e01aeffa6bb9cbb1d0841376a35b893eb62000eda330c256c97dd1d7971fb900800695558e956de0079c82328e258065798755986c021d5046eb1ae0c0f2cf0898c5a9f41f5ef954fc9dbb3aac23034854f0ff3edd7b0da5081b3f6e94ec6c4a7f4c561e8afd8450ccf7950c13799c38c5d2daed63dd7961d6bec74eced19c49c", 0xc5}, {&(0x7f0000000d00)="4f5181dc35c37c37ed630dc8957cde6eadc113af060618df3297cc9f551d20e72046677d5c32dffba243ce51a75c748574af6495ae80f5f926a0dd89a197829c49eec69dd4c0bd870dbaaa2f0a5529fb414ca0ed3c5e9a3bcc23c389b077227048042f2a8d71438b25d90b45f6205a3c5b3482a7933d9d4f345d443b0a01dadbb120d64d4baeecff05e0daf795a1312d8e84eae291da04db00dd232376794605d9bb1d390e9ca7edf502734b6ded9df39145f90c29e90eb3f00277b1055e24669cd27190d09fc3220f406872a5ee997358c6427d80886d038ca4bc912deac5de658d646da08bee7aaf9e789ea3d4c6b0b189325e95ec353fb2285238cc6f57a9647ea0c2a9733d9b579aebd0a2af3d7e25504070955590718b226cc191a1bea644f88b19ea00"/315, 0x13b}, {&(0x7f0000000600)="c5138fec1a5d1871ef4496ea9454a572ec164e154d9b2fd86fdf54d2d95a0317304122dd17c86211d9b0c0a89e822b002b59b7343250197c0c49c04eb1420d530f822614cd9f", 0x46}], 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="10000000000000000b01000001000000e8000000000000000100000003000000718cc6e626bac2b1b61be4c16e26abea554d28db8bd2cca544715d90614a83bd7a716272828a2484c6a408a1985d72443f1fb102ea7108bfdc842672c3112d3385f2ea2bf06f872568cb0d75f9eb42f7ae31445d79b764944871e62b93c57c863b4bd8c590889c73e09a0144be70f6cb86fb2314801d6e92e74ddd20087c941808c007e0f105fa4f1e98c06d1697e58689ded7b90ee9f51619e0463908e426c89ce65ebc3c10b94c8c0ac589a0eb11d39559ad07cc68c523b19abfb2069dd00fce2f0f1854d0406930f599b80000f80000000000000014010000db000000973e84c22f91ba51264ead372746e1c40ee67a34c178c41366b91512f382bd11c78bba09b9aed173f17c7368cd9a430969e46098b653b9b6853a1a587c89eace154b036e2ad2fddce7b717226b58c1e823107e91b6140d53ffa8e28e4c079309fb65acaca23d442c9319609ac2078306a6e0153e354bcc5d906f5ea9c487037dab941fb1512821a69e9501d09d12a3a6374cb27da2610f9f4f7d940ff20e859e5a83609641ab12c482a09d3f6af826d05584be5fb3bb62cd9ec686f6c97c522834f5daf5093b7d973d781804866a97ed8dbb30c18468b122b8457e9911b2b0cf7fe2ba02000000009800000000000000110100000300020013f52e07c3baf3523dbd4b2cc94be47894ca19a81809005d710506c54a76bb7acb2edbb899c01ebf9a001639de9951855e53b4527c64c9161e36007c082a5f8fb19680a6df8de314b2e9a4339f508096fd55e21aa40937397fbae1dff24e8acda367db5f0c52206de050ec69dd2bef0a17ccc191356526c8ccc8c255ffa92e558ce759cf65c7000048000000000000001601000002000000944aedcd9bd8f0eb67b01eff95099319d52c583767ec5695997f3600df848e18830619bad7d70269051840e8da0654312e36a0000000000088000000000000002900000001800000efea10fb45f345841b87704398b2c8ed77ae9786aead3e8951ac64c2d03d948ac2b56fb31d44cd356503b26776b6746597aed3e300ff2994df2e42397ed3ab4d1d461ad6200cbd0911ebfe2b62c4aed16e576c8328910d1f1a3eb73f0eaa713e586029ea17c9520daac96089b724f0059863000000000000a0000000000000000501000006000000ad83d49325b362304058e62ab3238018b44bf321c0ff2d4b7bd2fd4a12b1d3c1cc75930e73b13aa55f223ce3dbbf069f99a10571d0cf25b23bc5f7ddebdc3281d768f22beb67537214d81f766226202f3732a870b53cfe2e4d65522ba9a2eceb385712937ee8eb785ba692be547280364d224adc4f00a617984b8deb0fbc05c02376270ee83b299b4df196a79a4ac40028000000000000001100000000000000842891517918e0a242764ff1f5592ca55f00"/1056], 0x420}, 0x20000000) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) lsetxattr$security_capability(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), &(0x7f0000000cc0)=@v1={0x1000000, [{0x0, 0x11}]}, 0xc, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000e40)={{0x1, 0x1, 0x18, r0, {0xe0000000}}, './file0\x00'}) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(0x0, r2) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000e80)={{{@in=@dev={0xac, 0x14, 0x14, 0x41}, @in=@private=0xa010100, 0x4e23, 0x3, 0x4e22, 0x0, 0x0, 0xa0, 0x80, 0x89, 0x0, r2}, {0xd887, 0xde, 0x100000000, 0x7f, 0x7, 0x6a3, 0x6}, {0x3f, 0x6, 0x200, 0x5}, 0x81, 0x6e6bb3, 0x2, 0x1, 0x2}, {{@in=@loopback, 0x4d4, 0x32}, 0xa, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3505, 0x4, 0x1, 0x7, 0x6, 0x9f, 0x9}}, 0xe8) io_uring_enter(r0, 0x10058ab, 0x0, 0x0, 0x0, 0x0) r3 = syz_io_uring_setup(0x3661, &(0x7f00000002c0)={0x0, 0x2579, 0x1, 0x2, 0x84, 0x0, r0}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000340)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0) io_uring_enter(r0, 0x220f, 0x92d4, 0x1, &(0x7f0000000280)={[0x7]}, 0x8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x9dba5a81da1fe4b8, 0x11, r0, 0x0) r4 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) io_uring_enter(r4, 0x10058ab, 0x0, 0x0, 0x0, 0x0) io_uring_enter(r4, 0x265a, 0x842b, 0x1, &(0x7f0000000240)={[0x1]}, 0x8) [ 1395.735142] audit: type=1326 audit(1778448427.871:3253): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8562 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f1e91eb0107 code=0x7ffc0000 [ 1395.768197] audit: type=1326 audit(1778448427.871:3254): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8562 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1e91e6172b code=0x7ffc0000 [ 1395.787158] audit: type=1326 audit(1778448427.871:3255): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8562 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:27:08 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 40) 21:27:08 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 30) 21:27:08 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) syz_io_uring_setup(0x79c6, &(0x7f0000000000)={0x0, 0xf6c, 0x38, 0x3, 0x1bf}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000100)=@IORING_OP_MADVISE={0x19, 0x6, 0x0, 0x0, 0x0, &(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xb, 0x1}, 0x68f91f4a) 21:27:08 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1395.899384] FAULT_INJECTION: forcing a failure. [ 1395.899384] name failslab, interval 1, probability 0, space 0, times 0 [ 1395.902035] CPU: 0 PID: 8594 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1395.903596] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1395.905498] Call Trace: [ 1395.906105] dump_stack+0x107/0x167 [ 1395.906941] should_fail.cold+0x5/0xa [ 1395.907799] ? create_object.isra.0+0x3a/0xa30 [ 1395.908714] should_failslab+0x5/0x20 [ 1395.909164] FAULT_INJECTION: forcing a failure. [ 1395.909164] name failslab, interval 1, probability 0, space 0, times 0 [ 1395.909473] kmem_cache_alloc+0x5b/0x310 [ 1395.909511] create_object.isra.0+0x3a/0xa30 [ 1395.913701] kmemleak_alloc_percpu+0xa0/0x100 [ 1395.914609] pcpu_alloc+0x4e2/0x1240 [ 1395.915379] __percpu_counter_init+0x10d/0x2d0 [ 1395.916303] io_uring_alloc_task_context+0xcc/0x6a0 [ 1395.917300] ? io_import_iovec+0x1120/0x1120 [ 1395.918168] ? lock_downgrade+0x6d0/0x6d0 [ 1395.918995] ? do_raw_spin_lock+0x121/0x260 [ 1395.919860] ? rwlock_bug.part.0+0x90/0x90 [ 1395.920706] __io_uring_add_tctx_node+0x2c6/0x520 [ 1395.921663] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1395.922702] ? alloc_fd+0x2e7/0x670 [ 1395.923445] io_uring_setup+0x1fbb/0x2980 [ 1395.924302] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1395.925305] ? wait_for_completion_io+0x270/0x270 [ 1395.926294] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1395.927336] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1395.928374] do_syscall_64+0x33/0x40 [ 1395.929120] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1395.930138] RIP: 0033:0x7f38f4330b19 [ 1395.930881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1395.934525] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1395.936041] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1395.937458] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1395.938875] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1395.940299] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1395.941719] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1395.943172] CPU: 1 PID: 8595 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1395.944764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1395.946630] Call Trace: [ 1395.947229] dump_stack+0x107/0x167 [ 1395.948057] should_fail.cold+0x5/0xa [ 1395.948917] ? create_object.isra.0+0x3a/0xa30 [ 1395.949942] should_failslab+0x5/0x20 [ 1395.950799] kmem_cache_alloc+0x5b/0x310 [ 1395.951727] create_object.isra.0+0x3a/0xa30 [ 1395.952717] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1395.953864] kmem_cache_alloc+0x159/0x310 [ 1395.954810] xas_alloc+0x336/0x440 [ 1395.955620] xas_create+0x34a/0x10d0 [ 1395.956482] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1395.957658] xas_store+0x8c/0x1c40 [ 1395.958476] __xa_store+0x164/0x2d0 [ 1395.959297] ? xa_delete_node+0x280/0x280 [ 1395.960262] ? trace_hardirqs_on+0x5b/0x180 [ 1395.961244] xa_store+0x31/0x50 [ 1395.961994] __io_uring_add_tctx_node+0x1cf/0x520 [ 1395.963082] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1395.964258] ? alloc_fd+0x2e7/0x670 [ 1395.965086] io_uring_setup+0x1fbb/0x2980 [ 1395.966030] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1395.967168] ? wait_for_completion_io+0x270/0x270 [ 1395.968284] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1395.969457] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1395.970621] do_syscall_64+0x33/0x40 [ 1395.971458] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1395.972623] RIP: 0033:0x7f606cee6b19 [ 1395.973460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1395.977586] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1395.979282] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1395.980885] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1395.982479] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1395.984077] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1395.985668] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:27:08 executing program 6: r0 = syz_io_uring_setup(0x7d05, &(0x7f00000002c0)={0x0, 0x2}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000000)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:27:08 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 24) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:27:08 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 45) 21:27:08 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1396.089388] FAULT_INJECTION: forcing a failure. [ 1396.089388] name failslab, interval 1, probability 0, space 0, times 0 [ 1396.091552] CPU: 0 PID: 8604 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1396.092861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1396.094445] Call Trace: [ 1396.094956] dump_stack+0x107/0x167 [ 1396.095664] should_fail.cold+0x5/0xa [ 1396.096400] ? xas_alloc+0x336/0x440 [ 1396.097116] should_failslab+0x5/0x20 [ 1396.097842] kmem_cache_alloc+0x5b/0x310 [ 1396.098630] xas_alloc+0x336/0x440 [ 1396.099310] xas_create+0x34a/0x10d0 [ 1396.100048] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1396.101052] xas_store+0x8c/0x1c40 [ 1396.101748] __xa_store+0x164/0x2d0 [ 1396.102450] ? xa_delete_node+0x280/0x280 [ 1396.103260] ? trace_hardirqs_on+0x5b/0x180 [ 1396.104115] xa_store+0x31/0x50 [ 1396.104753] __io_uring_add_tctx_node+0x1cf/0x520 21:27:08 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r0) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x50, r2, 0x3, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private1}, @NLBL_UNLABEL_A_SECCTX={0x13, 0x7, '/usr/sbin/ntpd\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast1}]}, 0x50}}, 0x0) r3 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000500), r4) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000500), r5) sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)={0x20, r7, 0x1, 0x0, 0x0, {0x2e}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}}, 0x0) sendmsg$IEEE802154_LLSEC_LIST_KEY(r4, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x14, r7, 0x800, 0x70bd27, 0x25dfdbff, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8008}, 0x4000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0) [ 1396.105900] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1396.106905] ? alloc_fd+0x2e7/0x670 [ 1396.107630] io_uring_setup+0x1fbb/0x2980 [ 1396.108442] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1396.109413] ? wait_for_completion_io+0x270/0x270 [ 1396.110361] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1396.111366] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1396.112378] do_syscall_64+0x33/0x40 [ 1396.113097] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1396.114088] RIP: 0033:0x7f2d330fab19 [ 1396.114803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1396.118304] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1396.119783] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1396.121167] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1396.122557] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1396.123947] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1396.125343] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1396.150260] FAULT_INJECTION: forcing a failure. [ 1396.150260] name failslab, interval 1, probability 0, space 0, times 0 [ 1396.152963] CPU: 1 PID: 8610 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1396.154542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1396.156461] Call Trace: [ 1396.157075] dump_stack+0x107/0x167 [ 1396.157923] should_fail.cold+0x5/0xa [ 1396.158806] ? create_object.isra.0+0x3a/0xa30 [ 1396.159861] should_failslab+0x5/0x20 [ 1396.160739] kmem_cache_alloc+0x5b/0x310 [ 1396.161687] create_object.isra.0+0x3a/0xa30 [ 1396.162698] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1396.163888] kmem_cache_alloc+0x159/0x310 [ 1396.164856] __alloc_file+0x21/0x320 [ 1396.165716] alloc_empty_file+0x6d/0x170 [ 1396.166651] alloc_file+0x5e/0x5a0 [ 1396.167480] alloc_file_pseudo+0x16a/0x250 [ 1396.168473] ? alloc_file+0x5a0/0x5a0 [ 1396.169378] anon_inode_getfile+0xc8/0x1f0 [ 1396.170361] io_uring_setup+0x138b/0x2980 [ 1396.171327] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1396.172516] ? wait_for_completion_io+0x270/0x270 [ 1396.173694] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1396.174908] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1396.176109] do_syscall_64+0x33/0x40 [ 1396.176949] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1396.178099] RIP: 0033:0x7ff29b41cb19 [ 1396.178959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1396.183212] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1396.184975] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1396.186619] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1396.188269] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1396.189917] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1396.191563] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:27:08 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 31) 21:27:08 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0x94d1, 0x0, 0x0, 0x2000}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1396.231487] FAULT_INJECTION: forcing a failure. [ 1396.231487] name failslab, interval 1, probability 0, space 0, times 0 [ 1396.233539] CPU: 0 PID: 8614 Comm: syz-executor.3 Not tainted 5.10.255 #1 21:27:08 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00e|\x00./file0\x00\x00']) mmap$IORING_OFF_SQ_RING(&(0x7f0000ff3000/0xd000)=nil, 0xd000, 0x2000002, 0x1010, r2, 0x0) r3 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0) syz_io_uring_submit(r6, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r5, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r7}}, 0x2) [ 1396.234681] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1396.236254] Call Trace: [ 1396.236703] dump_stack+0x107/0x167 [ 1396.237309] should_fail.cold+0x5/0xa [ 1396.237948] ? io_uring_alloc_task_context+0x4a3/0x6a0 [ 1396.238819] should_failslab+0x5/0x20 [ 1396.239452] kmem_cache_alloc_trace+0x55/0x320 [ 1396.240226] io_uring_alloc_task_context+0x4a3/0x6a0 [ 1396.241068] ? io_import_iovec+0x1120/0x1120 [ 1396.241799] ? lock_downgrade+0x6d0/0x6d0 [ 1396.242490] ? do_raw_spin_lock+0x121/0x260 [ 1396.243205] ? rwlock_bug.part.0+0x90/0x90 [ 1396.243922] __io_uring_add_tctx_node+0x2c6/0x520 [ 1396.244728] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1396.245590] ? alloc_fd+0x2e7/0x670 [ 1396.246204] io_uring_setup+0x1fbb/0x2980 [ 1396.246898] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1396.247740] ? wait_for_completion_io+0x270/0x270 [ 1396.248562] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1396.249426] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1396.250278] do_syscall_64+0x33/0x40 [ 1396.250894] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1396.251740] RIP: 0033:0x7f38f4330b19 [ 1396.252356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1396.255356] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1396.256612] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1396.257779] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1396.258946] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1396.260130] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1396.261341] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1409.970478] FAULT_INJECTION: forcing a failure. [ 1409.970478] name failslab, interval 1, probability 0, space 0, times 0 [ 1409.972970] CPU: 1 PID: 8629 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1409.974425] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1409.976198] Call Trace: [ 1409.976765] dump_stack+0x107/0x167 [ 1409.977544] should_fail.cold+0x5/0xa [ 1409.978393] ? ___slab_alloc+0x155/0x700 [ 1409.979394] ? create_object.isra.0+0x3a/0xa30 [ 1409.980511] should_failslab+0x5/0x20 [ 1409.981437] kmem_cache_alloc+0x5b/0x310 [ 1409.982447] create_object.isra.0+0x3a/0xa30 [ 1409.983530] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1409.984784] kmem_cache_alloc+0x159/0x310 [ 1409.985798] xas_alloc+0x336/0x440 [ 1409.986659] xas_create+0x34a/0x10d0 [ 1409.987583] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1409.988857] xas_store+0x8c/0x1c40 [ 1409.989751] __xa_store+0x164/0x2d0 [ 1409.990641] ? xa_delete_node+0x280/0x280 [ 1409.991677] ? trace_hardirqs_on+0x5b/0x180 [ 1409.992765] xa_store+0x31/0x50 [ 1409.993588] __io_uring_add_tctx_node+0x1cf/0x520 [ 1409.994756] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1409.996056] ? alloc_fd+0x2e7/0x670 [ 1409.996977] io_uring_setup+0x1fbb/0x2980 [ 1409.998018] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1409.999269] ? wait_for_completion_io+0x270/0x270 [ 1410.000507] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1410.001778] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1410.003056] do_syscall_64+0x33/0x40 [ 1410.003987] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1410.005246] RIP: 0033:0x7f2d330fab19 [ 1410.006153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1410.010652] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1410.012528] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1410.014256] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1410.015997] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1410.017716] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1410.019435] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:27:22 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 41) 21:27:22 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 25) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:27:22 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:27:22 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x1010, r0, 0x0) io_uring_enter(r0, 0x1d3, 0x6735, 0x1, &(0x7f0000000040)={[0x9]}, 0x8) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x7f, 0x7, 0xff, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000100), 0xe}, 0x10000, 0x2, 0x9, 0x3, 0x7fff, 0x7fc, 0x80, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xa, r1, 0x0) r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) 21:27:22 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 46) 21:27:22 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 32) 21:27:22 executing program 4: r0 = creat(&(0x7f0000000140)='./file0\x00', 0x1) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x58, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80000000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xdce}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80000000}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x4000080) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r1, &(0x7f0000000040)=""/238, 0xee, 0x7) [ 1410.075567] FAULT_INJECTION: forcing a failure. [ 1410.075567] name failslab, interval 1, probability 0, space 0, times 0 [ 1410.077156] CPU: 0 PID: 8639 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1410.078066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1410.079181] Call Trace: [ 1410.079540] dump_stack+0x107/0x167 [ 1410.080038] should_fail.cold+0x5/0xa [ 1410.080557] ? xas_alloc+0x336/0x440 [ 1410.081059] should_failslab+0x5/0x20 [ 1410.081571] kmem_cache_alloc+0x5b/0x310 [ 1410.082124] xas_alloc+0x336/0x440 [ 1410.082610] xas_create+0x34a/0x10d0 [ 1410.083120] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1410.083833] xas_store+0x8c/0x1c40 [ 1410.084321] __xa_store+0x164/0x2d0 [ 1410.084810] ? xa_delete_node+0x280/0x280 [ 1410.085369] ? trace_hardirqs_on+0x5b/0x180 [ 1410.085952] xa_store+0x31/0x50 [ 1410.086401] __io_uring_add_tctx_node+0x1cf/0x520 [ 1410.087037] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1410.087725] ? alloc_fd+0x2e7/0x670 [ 1410.088223] io_uring_setup+0x1fbb/0x2980 [ 1410.088783] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1410.089447] ? wait_for_completion_io+0x270/0x270 [ 1410.090106] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1410.090798] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1410.091482] do_syscall_64+0x33/0x40 [ 1410.091979] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1410.092663] RIP: 0033:0x7f606cee6b19 [ 1410.093154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1410.095588] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1410.096604] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1410.097547] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1410.098488] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1410.099427] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1410.100367] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:27:22 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) io_uring_enter(r0, 0x10058ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0x800000, 0x10, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000140)) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) io_uring_enter(r2, 0x10058ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x291c, &(0x7f0000000080)={0x0, 0x6d52, 0x2, 0x0, 0xf8, 0x0, r2}, &(0x7f0000003000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000100)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000006, 0x53, r1, 0x0) [ 1410.106597] FAULT_INJECTION: forcing a failure. [ 1410.106597] name failslab, interval 1, probability 0, space 0, times 0 [ 1410.108118] CPU: 0 PID: 8640 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1410.109017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1410.110112] Call Trace: [ 1410.110467] dump_stack+0x107/0x167 [ 1410.110956] should_fail.cold+0x5/0xa [ 1410.111460] ? security_file_alloc+0x34/0x170 [ 1410.112056] should_failslab+0x5/0x20 [ 1410.112559] kmem_cache_alloc+0x5b/0x310 [ 1410.113094] security_file_alloc+0x34/0x170 [ 1410.113676] __alloc_file+0xb7/0x320 [ 1410.114170] alloc_empty_file+0x6d/0x170 [ 1410.114721] alloc_file+0x5e/0x5a0 [ 1410.115193] alloc_file_pseudo+0x16a/0x250 [ 1410.115748] ? alloc_file+0x5a0/0x5a0 [ 1410.116268] anon_inode_getfile+0xc8/0x1f0 [ 1410.116830] io_uring_setup+0x138b/0x2980 [ 1410.117387] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1410.118050] ? wait_for_completion_io+0x270/0x270 [ 1410.118716] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1410.119410] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1410.120110] do_syscall_64+0x33/0x40 [ 1410.120607] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1410.121282] RIP: 0033:0x7ff29b41cb19 [ 1410.121768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 21:27:22 executing program 4: getsockopt$IP6T_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x29, 0x45, &(0x7f0000000140)={'TPROXY\x00'}, &(0x7f0000000180)=0x1e) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x10058ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000000, 0x1010, 0xffffffffffffffff, 0x0) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2, 0x80010, r1, 0x0) finit_module(0xffffffffffffffff, &(0x7f00000001c0)='TPROXY\x00', 0x0) [ 1410.124176] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1410.125374] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1410.126301] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1410.127231] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1410.128182] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1410.129132] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1410.136505] FAULT_INJECTION: forcing a failure. [ 1410.136505] name failslab, interval 1, probability 0, space 0, times 0 [ 1410.138098] CPU: 0 PID: 8647 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1410.138999] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1410.140092] Call Trace: [ 1410.140446] dump_stack+0x107/0x167 [ 1410.140919] should_fail.cold+0x5/0xa [ 1410.141409] ? create_object.isra.0+0x3a/0xa30 [ 1410.141993] should_failslab+0x5/0x20 [ 1410.142492] kmem_cache_alloc+0x5b/0x310 [ 1410.143021] create_object.isra.0+0x3a/0xa30 [ 1410.143595] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1410.144259] kmem_cache_alloc_trace+0x151/0x320 [ 1410.144875] io_uring_alloc_task_context+0x4a3/0x6a0 [ 1410.145529] ? io_import_iovec+0x1120/0x1120 [ 1410.146096] ? lock_downgrade+0x6d0/0x6d0 [ 1410.146630] ? do_raw_spin_lock+0x121/0x260 [ 1410.147189] ? rwlock_bug.part.0+0x90/0x90 [ 1410.147748] __io_uring_add_tctx_node+0x2c6/0x520 [ 1410.148374] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1410.149041] ? alloc_fd+0x2e7/0x670 [ 1410.149529] io_uring_setup+0x1fbb/0x2980 [ 1410.150078] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1410.150739] ? wait_for_completion_io+0x270/0x270 [ 1410.151374] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1410.152061] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1410.152727] do_syscall_64+0x33/0x40 [ 1410.153207] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1410.153865] RIP: 0033:0x7f38f4330b19 [ 1410.154342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1410.156710] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1410.157680] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1410.158594] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1410.159506] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1410.160440] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1410.161356] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1410.176848] kauditd_printk_skb: 49 callbacks suppressed [ 1410.176860] audit: type=1326 audit(1778448442.389:3305): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8636 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:27:38 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 26) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:27:38 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/240, 0xf0, 0x6) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'}) ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000180)={0x3, 0x200, 0x1, 0x0, 0x0, [{{r2}, 0x6}]}) [ 1425.898968] audit: type=1326 audit(1778448458.111:3306): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8662 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1425.940168] FAULT_INJECTION: forcing a failure. [ 1425.940168] name failslab, interval 1, probability 0, space 0, times 0 [ 1425.942636] CPU: 0 PID: 8668 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1425.944085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1425.945832] Call Trace: [ 1425.946388] dump_stack+0x107/0x167 [ 1425.947153] should_fail.cold+0x5/0xa [ 1425.947967] ? create_object.isra.0+0x3a/0xa30 [ 1425.948933] should_failslab+0x5/0x20 [ 1425.949733] kmem_cache_alloc+0x5b/0x310 [ 1425.950936] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 1425.952104] create_object.isra.0+0x3a/0xa30 [ 1425.953022] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1425.954086] kmem_cache_alloc+0x159/0x310 [ 1425.954980] security_file_alloc+0x34/0x170 [ 1425.955887] __alloc_file+0xb7/0x320 [ 1425.956683] alloc_empty_file+0x6d/0x170 [ 1425.957544] alloc_file+0x5e/0x5a0 [ 1425.958295] alloc_file_pseudo+0x16a/0x250 [ 1425.959055] FAULT_INJECTION: forcing a failure. [ 1425.959055] name failslab, interval 1, probability 0, space 0, times 0 [ 1425.959190] ? alloc_file+0x5a0/0x5a0 [ 1425.962806] anon_inode_getfile+0xc8/0x1f0 [ 1425.963710] io_uring_setup+0x138b/0x2980 [ 1425.964605] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1425.965670] ? wait_for_completion_io+0x270/0x270 [ 1425.966714] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1425.967816] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1425.968928] do_syscall_64+0x33/0x40 [ 1425.969724] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1425.970799] RIP: 0033:0x7ff29b41cb19 [ 1425.971591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1425.975439] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1425.977006] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1425.978468] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1425.979986] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1425.981477] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1425.982974] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1425.984534] CPU: 1 PID: 8670 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1425.986062] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1425.987760] Call Trace: [ 1425.988324] dump_stack+0x107/0x167 [ 1425.989071] should_fail.cold+0x5/0xa [ 1425.989842] ? create_object.isra.0+0x3a/0xa30 [ 1425.990766] should_failslab+0x5/0x20 [ 1425.991536] kmem_cache_alloc+0x5b/0x310 [ 1425.992376] ? mark_held_locks+0x9e/0xe0 [ 1425.993206] create_object.isra.0+0x3a/0xa30 [ 1425.994087] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1425.995122] kmem_cache_alloc+0x159/0x310 [ 1425.995979] xas_alloc+0x336/0x440 [ 1425.996725] xas_create+0x34a/0x10d0 [ 1425.997503] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1425.998577] xas_store+0x8c/0x1c40 [ 1425.999322] __xa_store+0x164/0x2d0 [ 1426.000071] ? xa_delete_node+0x280/0x280 [ 1426.000936] ? trace_hardirqs_on+0x5b/0x180 [ 1426.001817] xa_store+0x31/0x50 [ 1426.002493] __io_uring_add_tctx_node+0x1cf/0x520 [ 1426.003474] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1426.004549] ? alloc_fd+0x2e7/0x670 [ 1426.005311] io_uring_setup+0x1fbb/0x2980 [ 1426.006162] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1426.007184] ? wait_for_completion_io+0x270/0x270 [ 1426.008195] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1426.009267] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1426.010323] do_syscall_64+0x33/0x40 [ 1426.011089] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1426.012138] RIP: 0033:0x7f606cee6b19 [ 1426.012901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1426.016632] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1426.018184] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1426.019632] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1426.021080] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1426.022526] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1426.023980] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1426.036823] FAULT_INJECTION: forcing a failure. [ 1426.036823] name failslab, interval 1, probability 0, space 0, times 0 [ 1426.039418] CPU: 0 PID: 8672 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1426.040891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1426.042653] Call Trace: [ 1426.043216] dump_stack+0x107/0x167 [ 1426.044016] should_fail.cold+0x5/0xa [ 1426.044829] ? io_wq_create+0xeb/0xc00 [ 1426.045654] should_failslab+0x5/0x20 [ 1426.046655] __kmalloc+0x72/0x390 [ 1426.047467] io_wq_create+0xeb/0xc00 [ 1426.048288] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1426.049371] ? io_import_iovec+0x1120/0x1120 [ 1426.050312] ? io_apoll_task_func+0x2d0/0x2d0 [ 1426.051270] ? __io_req_find_next+0x300/0x300 [ 1426.052230] ? do_raw_spin_lock+0x121/0x260 [ 1426.053145] ? rwlock_bug.part.0+0x90/0x90 [ 1426.054054] __io_uring_add_tctx_node+0x2c6/0x520 [ 1426.055075] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1426.056191] ? alloc_fd+0x2e7/0x670 [ 1426.056975] io_uring_setup+0x1fbb/0x2980 [ 1426.057873] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1426.058939] ? wait_for_completion_io+0x270/0x270 [ 1426.059999] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1426.061109] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1426.062213] do_syscall_64+0x33/0x40 [ 1426.063011] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1426.064099] RIP: 0033:0x7f38f4330b19 [ 1426.064887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1426.068786] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1426.070398] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1426.071903] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1426.073424] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1426.074927] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1426.076441] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:27:38 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:27:38 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 33) 21:27:38 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0x40000, 0x24, 0x2}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:27:38 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 42) 21:27:38 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 47) 21:27:38 executing program 7: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f00000026c0)={'ip6gre0\x00', &(0x7f0000002640)={'ip6tnl0\x00', 0x0, 0x29, 0x81, 0x2, 0x81, 0x32, @local, @loopback, 0x10, 0x7, 0x6, 0x3f}}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x20, 0x0, 0x1, 0x0, 0x0, {0xf}, [@ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x20}}, 0x0) sendmmsg$inet(r2, &(0x7f0000002800)=[{{&(0x7f00000000c0)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000340)="c1e4e2f6daa7933c59bc2b074defc2f2a551a2e66948c414c42b5a67bbd8780ba44aa6e21e68cc11175f74da7bc179547a03bada4596dcf209874366417d58bf9e59199458153a8f0194a9ba8344f26590b7026e8258d8e61307bfb2d362a95e06fe48669c640f6fae2c77572ee0078b1911d4d168ddede5ec607bc934787ad51aa1041684ad2a2e31df372d8edb6a232f95eed27e09dad352c264ca4eec1b676fb98328434f7e54f1592acaee89bbe72eb8f5353ea5db93f2cacd68b7534a851dfc0a164d9130232bfdd5b2a52881022654f5ec89079cf0", 0xd8}, {&(0x7f0000000100)="502cb43fd24aa6a175", 0x9}, {&(0x7f0000000440)="d51dc2f1cca075fe2a6ed96d5956d7614156e850196a52d1dee0958b6086918ca02a176900e57b9340005a632cae20dd5a2aee4b1ba2eac35cdc4a374b912b1bcab853edf15fba7e5a816471b0a127d56e0f683cca676313fc1d7696db43b3cbbf7a1b4e4f42020f1659b38be495aa3e8d61331a870e7140f66d901b79ee85e1a1b2d0a0bfcb69f711827d9b20c574f7e116c271e0fc2ae952fbf61394827d1959f25487ec964b7a2c811bebcc2ca58eb2730b76ab34bb9a96490a32d3d65b38cf11a54c2a2ca924557fe5ee91bfd75d781710ee0935280b2e1840146ff20e649b631cc2bb86ce06210e6f3ca43f950b0dd90d000e5f307a073e3029dfc11fa821292486336201dbaef0c780545e9a47bd9e487dca3fb99724b393b9b3e7be317a40526bdc2ff33e557dbacfa174330560bd69597698ebcaf5cc177ab9780d22064f7542440cc3babd548a90672298d5c0c1ebbbca750255b72257b76b88852d32021e53ef4d1904af5b98d708b6caf9168271362df979dad1fa3baa668b29e697498c3a6876d063e648107785c1b299a6cc0c385c9844749c5c2860b98992850e418b9deca1767e6456b5d1592a5e7022e035bbc96aef0b18869aaf43e2663490471dc5faef26202a4e4c79b42caf424cd7d0581f8dd5072b53c84c8af5cf460ba48f681de93db4253fed117d4ddff450fcdfe5f73300a321c21286c05269c43cec113b8ee9c953a99c2d03a8e99cf2fbe38deed4207e694b6774f0c4a4ddef3916c9126b53faa1c6dca8c9f858c25123440dbb22307a795c5188d01d33a557315e931cfe9e1aeef14ac20304c115fee8d158c56ff84c960463f6ff7c0e7b6df382b3b85b3f732cc49190b10d42eac7841a5237bd421ef7e545e6f85e99426b232dec721ba98cbadb2c5e6759866983108694a8dd53392c3f317f5c09b0dc7d52f9bafe9816169ef600cdd902e05e0095777d55054fb4729cdbec91150cf61deb3e2e84fdcb7a0564cc117f45ed20f396c362a4d46b301c8ebb69c5673a0e50f51d7890238884e789a8eee911ffecb15dce156f6547d390af1b538193fa6738e6a583cc7c42ad2c253caddfb265e01c384863bc6f4983609db4ce01d904226c04a12fb81b7d45d3e9305505b09b0155064a04d248945e29b906f118bc06bc5eb43f07c841f1379c87cb8d2d0fb23fb2313e5fa17b2e19212d2174a1c5236936270c578c2870d4fa86cce44a5e1756380c3cff7df715d797e0584a4398cb736507d6852f67b18073759f15886d929ea3288d86620b07738187f2a617e067a970d385c8d8b4a10df781c9c1e77fa1869d3e3db584739a6ccdc04eb73862870e9103b3ca6ca21e5464cd34b2f448df050c9f5c745b7d77a64b009f77770b6fd3b83d22feca1aa5ce16649f33ef871ad3b51d0255d42867fd2043b209a872a485fbf2e86b0210dcc638e665edacacf16b8a191b604d366b4ec6b2c0ecf1c1189a7063550e5dac956aaeaee92d832e89476e43d4f94f45f1857027b17ce0fa7fe10dfa96b221bc86488468a6176e669cfa0d5a9425fefc4295585f9a514e7f78777c9f4279ed8a4581c2be5a241c8b61166519b5fb2bada6da1f62fabda9ee3b068f4ed64e6bd1f2b69d748821439b5b1d97aa1491a860e22adcc5fd7032bc12e9d002bba9850125f565cc49f6abd9f56591412c4b37d10137125b78c93ef5fa0f7920f2f510c4e6c6305f50ffc57a4c4e92ac56ea88afc1153aa9b42d118e8a4b293a8cce9004093181775e07d0fe74f3e43ed1cadb1d54d20e48e3fb3d9f649726aed700edea3e05f320108b0b88d1a51a726f3d7152c44e6213d3f602b9a20f56c847a05d18b070b292c43f32dfe20c3033c5f9e2c8ddb1f96a18ae94bd3cd93c8bbb651cd7cad80f19169a8ee0e7303edb100518688f17f89fbc28ab69cdd5e1b2de60a141aa6fba950d7903b46094afc402ffe9370ea61e778c5bfe20adcd1a06496e17a9f279c34fb8006d44f0910dd953a897ff2f1b70a366a1de4958bad2d7b1ddd39a977eb1a8532a7fe5fbc51b0f615c24b31a46228740ebbbcf422b8d9e98b873a8a5fcbede40c327564b321cb5206fed259b7da688a9949891eeb155693186523930358bdabe3d9ba32d2e73b6c1eed997788bb8741e76e838a8e4c66a06aa7f7c2b4c53d709ca7bde2601d663635b7388560cc642d848ee929762a9ce3ddce08fa6291c97c6c83ee2bfafafb23da21ed5befc7052093c4ba1b39a4a533290148796f416989e0736ae91f1f73ee18f8d83d5ea1cc123be0d3365e32226471215f42fc7fe5d8c68d49dd457eefc132b970d9071227a81ff3b1c4fd0f804d260ac7ea2bd5407a4108a87681c11efff99b4082f63a075cc99fbed25fd8ba38c75641e48b38417bbd5077a44651466fcb0da162fefde4bfaa2aaf85c77655d894fe76a34dd047dab5d761ce6a845439ac3651983c45eb99be9b2635ddb81f2048b40dfdc39f22faaec2ff4ae855b6afadae634640cfa884af0f9ad8dfd302f5f46f0ff8dde58026aca4fde9e3a25f2b53e7b81b43da7cca148c075eea022c859741f594f876b17419dc33ae1290effb9c68ba1a5e1d2d1c4d756c92de8ea3b81cda727064074cf5ada3bc09497d81c1e0dad6859a53cfa94dba79a46b7a0ce3ecf7acc89c80b2c4d2e47ded880559264b865da4392dad1548f2276ac2b20359d7144477d4203e7bab3de1d298004bdfeb52889309b276db639cdc761a4a7cc541c707ee13e7cb7105b79e21d64d89ca9a4def3354053403f663ed44f2618f3c69ef28586e985ebc5fe560a8d0c3c685c7286f610535591d9aa7d24ea00ae8fb1b16d5893461417b9092da2f46bb4d59b9c8b70fa4cdc59d1883687ae805c0d48ce747eb215b54db3c9d6f573a80c918c84f90b45af6598ed259992092cd8beab29e7217d721ce78fc99f0ca80b564238479abbd7f60f15abda2eb1eb379340860bffbcd630bb910f5f7b84f8a19fab2a5b6520b3bfb492454212e3a45b01dfc69e8ad9b5ad7c46c40fbace9b1d1b0429b257d1d94f0be3753bc1de40814e936f44470b046029a09a9371e1265bde5dd8bb460344ee950d24055591b773d3374d123cbf7d4633c675ece85fb858e3885ce29f4669fd00a0751d8edfc6408b20afbe980dbb339ee0a91304132c3e232c1e5dab82f6a86406ea001aa6db85100ec809f028b3655bf9a16331e640fbf0ae2865ba9cbb34bbe1b0b4f6539f800f404affbbd3247e63982ed9037bedc3e659bd22e5a36e9161afef5ec2326dd80696e073ef2ee94a2c11f564427f3a4f6f738111436ae5dc2bb8d1412cfde72afd5bce792676f4ca25ba02dbcedc3646a18d1a6d3f63c9d0b90582080d088128d0fff21a5af2fe0bc11e5d9420b01dca4eb71d421f3e175c791e8e8585a96ebee67578490ca65845664c813876a2084e810759fbe6ecedd631ee78f15d9ec910975f2b7fe34d43b8bdefe85fc5ea288f8ff244fb7b9664b940c7a11d862e1659262258d6ae290e742a4dcebcfb665f1cd3efd81499dc9f9505f26fcb8ab03f4c73c09d63a529c5fa901fbac81d4426e0430fc4f09220c3dbd212336f2a938ae7c745ca99e49cda38ebcb3d299714b8781cb8e528f3f01478bfa2ff6dad53a106b6adf8b0a76b8df37c27ad46684f3ea94063086769ff813edc06bb73882c80e8df2124ee69d7b1faf3e5c2ffe320689c0098f859ea20c2d123f74239637d5d9353e95c8febf2797e1e6ccf58fe81b18eba5c84eb26a0a164a4af44f6262adcf688f9e105639cb0344409e72e922db4c5001ebc1205e49c685a1226afe961d99b8f071359b7bc1da868404ef375553f69bcc1bb90a0960df84b0232fa436a462a6f5690cfd43043e1ff05d75ceb224c325e50d4afa8887919589f898f9a3be8aeaf433420209d3cc8369f85e0acb00c1daa4c7be466e9175b07b425105ad5b8fa17912201b00f67f7a147ff1bcfe3eb6e7024276adf4d99dad860e9cb095d554399cb767e36ae24b25968b60381da91c432d50ba3339d13f2f96727c8ed44d44fb8086cf9901d64dd387e69ed59c82771960787df8b240b6ddca399b85283a077dd4a98b32d0e9f256a51d045b5504143ed110c41335983db2e0eca918b6b59b7249bd0731a0feace759a138676617a4c6a0a0a24704979dcec164a132b7958b120ce98e288f9aec2225dedf58c20a87b29aa7552bd808dd6aeea495bfcf67e0f68aedc15829fa2cf17a89753ab613594e18d98af0dec8dbdff8e8a5c0559e032a7d79ae15500cddf66d9d7ff32a38a69b6083f1a0d0d746eb7ae90e27f76c1a37dd5cc5e31aaa1d44bef14ebfa836548ed5c8c9d9715c9a8bf4364864ae63d1290c8fbd693eec1c328a61ce4326879283271df105ad54429a5c83440b4c0270585cf38b1ccf997a311b430450d1324175f7cf9fe1a54f837ef6bee9481e4b0efb661a16b7b655df73919cd31cd0afcbc30c2738ba341875ec869bf7e995757f8f1e5c2b3acc14dff02dc5533e0ca149a1b2c033a729c4ec6d4310e9bb3f649596e8ef974fb21446cc1af152e349416584a182882034bcbd1b965965073e9b4fc658539604436ffac437e4347dcae85386cec9a02b62403477e5b9ebe7e8858be8dc392fc4cbe20d2c6e7bc1d8ab91fe15063e99fc5f16927f28d89c1610b3e1971c962f7d72ab6dcaf05a10638bedf7d6538656cf53ea2edd77eea575540add49f7d2b61cedbf6c8ad969f50a896189b636578a35e0c081963b236b7201a16296c6791ffad979e7ac92aa9e1f1c1ded15100b39f9ae4549f5836c48a1ac60e3ca8817daa0e814b997fee87bd776d522113decb80b91540355722e4d68f224e9588a640a93ac8f4e0c77e6d40582a1b89cefc89f551c0b346672aa44277b51acca387269357d77986453e1f6764da67e061f56e8499078e20105b6768b2d40cf3a2e2cb5591a271352389ab4ba1b52da10d71c76cbac8122dbb0e10cfb33666a9d43d5fb412a0f279e192e2151ff8d5c2c898e70245c59a0ce811fae896e26b3fb0e946729973b48b85e08315e1098668c3e61c1f77640064c7f8619efdb6ce482b414de70b980eb9956fd196b98bd58f61382d384d5c99f65738f3a4aa89c8bf72fd46cda42bec6ff33ab2685baa84cc32ab829f0d210555295a0d2857b2645ba61d5ee5493cb99f8f6c21bf0d7f0efb98351f14bfd7290bdde374d2a3b57fe3ea0eb45e6e7bd869dc7406173f084a810768b79b7e7ef299a9fbbf21017f2fa05906ad55eee964c5fb976fb2569ccd79499d8640e7500e69f233d2a04c15c91e410261e9eaf6fec739dd8c3572ae913cb5166d6f971801399ee20744a3f9ad1e86cf25732e07c714091041f099c7d081d6d777d2506067c7aaef2e950b69524351c20ce32489325bbcfd3f2f7dac3ab558d86b49be64456df01c31f6ff9505eceefd476155771144e30b403e4c82ef3b34c544030b0fdf8c15342e501e11496252f43479f76d2e60dd14557d5ec96b19235c9d0bbf0d53defc7cfc13749ac4f59694a259c9c3feb45bcb6145e73730ca930c8a5424ec29911e79c47700bb54ad79c397edf0b6a0d7a17c341d68bb50e34862b1136b77953b1b122c26315532b7e8996764321df9bcc352ddb0e2df5181a10ca648394388bcfbc0228a7865d875fac64795c133ea8d5879f04a0d9f37ddfc0c821bfe2b2b56e91eb41b57c1441ae3f6bfa8378bf8c9b80b23606ebe827b1b0fc57734e14e2f3fae53b9a6b3947309", 0x1000}, {&(0x7f0000001440)="a9cae7ac06ca579270734ab339bf47a6eab2a942b72465f10489a0dd98232efcec2f9969f79c68d3ab2d37135db56a012968a4cc52f3daf474b22cc378947a56a4fe88c11ef8494e48f3d412fb3af7793f917a1671d8fcec5fc9081b0269cf367f7399d9be8092dd1dfb0288dcb2b31abeca28c6adbc695efcb6805b0be1f396ec32a6be00ef107e03d54ab5e5a6fce54989acf70f9521dea7317ac3e08f30563f57e68876ce7b87d1b52264626a38758637732316d17b3563473af89f00f2f084f3e318291d7f3009866170ab19db", 0xcf}, {&(0x7f0000001540)="3ec771cc4b93ff8d8221ebb16bf196d79407caf035f324a2424b829a913e272a24a1c5772d24e09e5fdb82c965b46098a649c7ae60aa55732ddd108f3d521fb733d9e0d96aa4a83a918bb69ba9319ce97ae3204359d8a095c555f30693c614ee68384cffe00bcc594cbde382299809f17daedd93e473bb4533039bf066cbb70cc632b14d8d55b79b3725d4081d1b0371ed3713b10779999a7f60f46eb28d9bc4e18af5ef77917323e7f08523130991cf0e0bd1eefab5e0ebf1b52150e5ffa5ccbfbbf32e3f2e8f4c389daa1a20f35278e98a0b64127fa7124b9e1f7e9bf0639236e30472e2ef2195abb8f8", 0xeb}], 0x5}}, {{&(0x7f0000000180)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000017c0)=[{&(0x7f0000001640)="92", 0x1}, {&(0x7f0000001680)="eb5e34da344207cbbd0dc2e043a5eab44f4f70cb849dc4d6692b13b01af716674957592ae4eafec35b21e6e8f4a2271004312001e828119ff7e955a20ae938d80f2ee927a45824ff8509448b53d0237843df178e9838b6a85cc83f6301d45fb099e4b0a94cb3aecb510cb820446f5f4ec94ed467cda8f95d7a5820bc5c314d8a", 0x80}, {&(0x7f0000001700)="3c0006bf10959fb9cdfd09dffec8014e70e51bae08ceacb4a45b79a30b0339771784236a9fbc352ed8265dc323beaa3644a5ef253c71369c60feabe26e680daf69499ca78afe2d8edeb33c7c8822645f33d7a1936085cd8e5b6208517249b02d4e07eeb51a63fc6cf563975000ea241d876bab1f82cc604a998a58d51319edef1daff7c04148826d84f0a26b985536131a81312751556a05d275658391e6ca12515ab4f3032e4fb3897e957ee71d6cbbbb951c5f84fbce44fc", 0xb9}], 0x3, &(0x7f0000001800)=[@ip_retopts={{0x10c, 0x0, 0x7, {[@ssrr={0x89, 0x1f, 0x19, [@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @loopback, @remote, @multicast1, @remote, @loopback]}, @timestamp_prespec={0x44, 0x4c, 0x6e, 0x3, 0x9, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x5}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x401}, {@private=0xa010102, 0x6}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}, {@broadcast, 0x7}, {@loopback, 0xeb55}, {@local, 0x800}, {@multicast1, 0x9}, {@loopback, 0x4}]}, @ra={0x94, 0x4}, @lsrr={0x83, 0x23, 0x2b, [@remote, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @remote, @multicast2, @broadcast, @multicast2]}, @rr={0x7, 0x1f, 0x64, [@multicast1, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, @private=0xa010102, @local, @remote]}, @ssrr={0x89, 0x7, 0x59, [@remote]}, @timestamp_prespec={0x44, 0x3c, 0xe9, 0x3, 0x0, [{@remote, 0xffffffff}, {@private=0xa010102, 0xfff}, {@dev={0xac, 0x14, 0x14, 0x3b}}, {@empty, 0x6}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@broadcast, 0xa40}, {@remote, 0x9}]}, @generic={0x88, 0x5, 'lU\n'}]}}}], 0x110}}, {{&(0x7f0000001940)={0x2, 0x7fff, @broadcast}, 0x10, &(0x7f0000001b40)=[{&(0x7f0000001980)="a003da947792a1ea016a9e12dbab06141c42a14df6db5ea220c08198720d2a138042d353434ac3acd1a396ebd1e87cd222f13ddee90c55cd6ac9e0f16650e8263dc236aa1231ac91a94864ea285172db1fcce33b8b4646b1ea385532de517236c1c12c02864daa41ab416d46ee6dd810511ac1fdfe50915d490a405a3672cb6f4feafd8b", 0x84}, {&(0x7f0000001a40)}, {&(0x7f0000001a80)="75852384e19545265939860d1eacbea8fde76e5a16ba93d0bb25e7ee3b6ac769f376c3af74ecad151ef5939ce5f19c30b9f46044c1aa60c802aa48589a561988fa2fdcd17f6f21851008530259964f4d616fc49b50905ee0dceaf85481278b4ae5ec310d87bb25aa973977b29bcc35d8ee5f3cb4afcc05ff9ba186a47f197adfd43a7d86c7ec39940708e32b1c20808052bb7e96679c307bc79d1c3bd81912f84ad9d79ccd2cee99d9652e44c98336", 0xaf}], 0x3, &(0x7f0000001b80)=[@ip_ttl={{0x14, 0x0, 0x2, 0xffffffff}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x81}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@timestamp_addr={0x44, 0x34, 0x7b, 0x1, 0xa, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x78}, {@dev={0xac, 0x14, 0x14, 0x1c}, 0x7}, {@multicast1, 0xffff}, {@local, 0x5}, {@private=0xa010101, 0x10001}, {@rand_addr=0x64010101, 0xfffff801}]}, @lsrr={0x83, 0x7, 0x4, [@multicast2]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1f}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_ttl={{0x14, 0x0, 0x2, 0x200}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0xe0}}, {{&(0x7f0000001c80)={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f0000001fc0)=[{&(0x7f0000001cc0)="e978fd9f1d5ed41d4dfaa6c09b7206f8edf43c2a9dd6ef4eda643e7078118541d93efb0f13912fc5657009ac9901e5f7d41ef54f1c10a541b5124ffd07d4d4ed0f72e36e2b7a64e07bb5b6a15f0b", 0x4e}, {&(0x7f0000001d40)="b897e2deeb9e6d17e419820521d084a34a28f64f13d085b96e4deae53d6943e3cab882df8e1e7c09d835d940f1868ba84455079e9e22d546cf1ef1c181605c48ecf42c04fc87493ccd3d6b6684a862cd6ca0f85a5e98b410dce49ea517eb50871c28e63c715f6de6d407b89572b65317ee5a968b89e3961c445402a5e8f9c99ee9b59a344747218064034878571b68c08d0fcb9169312da4a4712e085915cb650d359fb61e8536be0d1371ba2df615eae54de95e1272054b50261b72889b501a58c8e79da9a25a35ad15563620968bd983396284d65cfd6c8622e76e6080df5794d1cbca38", 0xe5}, {&(0x7f0000001e40)}, {&(0x7f0000001e80)="a00fc4956bc0cb0b6d12a34226a6af80b6fb3419afbad3ac70d6c3bd7bd1ce3e9b8ee749ec55d91df3e73fa0c6ad3366e375e66bd534a808d3390c2507e0f997d0d16e76cb9ff0621a1805d018d50e0ec89f2d3b3a744a54a33f25c6555f49fdc5fbffe624352689330de0b3655d4dbebe2203", 0x73}, {&(0x7f0000001f00)="9d1cbff77bd38c29eedce97fee871eb30ac1bfa29fa4366a0bf29e8bce26d0d541dc19b32b9d58cbb122ef8c9f611dc6131ea9eae2295c812c75152f1e73ec7646206d691b6bf183c8f0a64bb51e74097754bbd841ae6cd30c9a5625c9124d8f33f7e2e7d9eaef83161e", 0x6a}, {&(0x7f0000001f80)="5ec8f156651b8c7d75b435c181494d6f487bd93168086c354f84623a491ee8535752351eedcab34c4386301d1f7b482298903a5de07f22cc971f37d9dd", 0x3d}], 0x6, &(0x7f0000002040)}}, {{&(0x7f0000002080)={0x2, 0x4e22, @rand_addr=0x64010100}, 0x10, &(0x7f00000025c0)=[{&(0x7f00000020c0)="77f3e2351904051eac7768b7bfa9d043bc9902fe7295108d9398b5c84394c1ee0d73bf59bae368d315e29c8d3dae1ee375cf0720a07c0b01a9083d68e59ebc170475d17af7977edf53df8ea7a689f360ec30907d3441d914d41a52c3d252d635e94fde1fa97c6c444be42516776b26dddf7b3b89716d76bc72a44fe8e84d12", 0x7f}, {&(0x7f0000002140)="31331ff79aed93fabe92ebdf8c6fa07f061d2b47d6216d07919c3c", 0x1b}, {&(0x7f0000002180)="b3c61a452883738ca10c0d79e001a826bf81c57ef62e4485bb06a8b5db487d8c8aad63adfdd9b87e39d964b530d68ba4c2d2399ad9f4f69042a233b3b86488d5d40b50ea0a519aa2d74d715e0d7edd23bcf3f22817e846534c6680e464765a94f699ad9f29bdcc78c98b472e6059778b044e50dfa1a027ec8c0cf7470f547b9c0ef4111fff42cd842da35d4b340360cd5c1f1702806192e8891116b53cf781ca534c92c49b724b4a9c37ef87543a78d90aecb47241a5cae5c2c9c5f97cdb32fc33253db584153b71e4a588c88e7243394f0255ae387f8a7a0ceb126051ebb57a801ea002ded1b774816ea4350d1d74", 0xef}, {&(0x7f0000002280)="fce4997c4459abb6fdfd5d567ca92f98fad9aa5536b30aecf619bbef455eaf5666be7c938e66", 0x26}, {&(0x7f00000022c0)="334ab642843f73ac63d6c1e0677447a609d3a25c9c36758f8d0a7f062e9369f7d7a2a71cab122ceda48b5cbce6378e575227c1dcdc90ad4dff56de5d34f9fd1684ac9db1d506a4cddc189bfe640138a3dfad56cdc0b0831622545f7f4dc116fa8fa93a8ae0937084a06404da700b755f4f9a44726866c14155a6305fecff76c5f6db6f61414c7febae22b83a70cd1e5b3447e95171d59840a27cbd05b5fb3fbec5c57cbaf0cded21cd7747c3765c2b8085a34d1eee953524af4b95a2ce099a6ecc5d506150ad0f5c1092a052a05ca9794f0e6fce2b4a883f417ee9", 0xdb}, {&(0x7f00000023c0)="bed689d3ca357911f8a1f37b185b9838395da48650b668d9bf162e1b83690acd5dafc96c92252eae8d760f3be8d7da4a5044529e709421007afc1ed04d7d530bc3308e57e69475b767a8ae84a56c9a2951fce3b62f16bd2a184a19ec627e2aeec92b938cc4b190a2abf27582c96afe410677f78554c37156cc22c30b", 0x7c}, {&(0x7f0000002440)="6baaee7f282be2586d133114fc0cdeb92725cc2a6635de4db2cd0a5e945a951c133f2817b4231a4774b7ac4ca640d3373a71d5d274b8931e343fa70397680c87d64e03bfaba27d480b83376a604835ce40436d1f1e3d08bf3f1dcdc36d9f34508354738fd91ee92de3a75524f2181ad07167e5a3cfbd1dbd70c412dd712588dcb1725fb6478f3a2277dc4ddab3ca346f986c462bc44ca33f65c56be39946fd1e61fe33da7fb94cea8e17759a4356f44db056263e3bafcc753104", 0xba}, {&(0x7f0000002500)="c562e4c55cb0953e54eb1540a17cdaef88c1fec1b0f93eaccb82bb9bb34c422ac9fe1750264f593933d8455624f2f46e23158917e5e3e783d12360e6086a6f09112f952b1d3ac1aec8d902e50330f984ebc3960111b3c12184c718cdfca03b94033b71221efd6ed183e0f17a9f7296bb5141ccab6a9150d99000abf4c1b6022a0475cd3550f6816f268e9ac2011cc0", 0x8f}], 0x8, &(0x7f0000002700)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}, @ip_ttl={{0x14, 0x0, 0x2, 0x6e}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x1d}}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @remote}}}, @ip_ttl={{0x14, 0x0, 0x2, 0xfffffff7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @empty, @loopback}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x2000000}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xed}}], 0xf0}}], 0x5, 0x100) dup3(r1, r0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'dummy0\x00', 0x0}) setsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000080)={r5, @local, @loopback}, 0xc) r6 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x3, 0x0, @fd=r6, 0x3, 0x0, 0xd1, 0x0, 0x1}, 0x9) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r6, 0x0) [ 1426.085209] audit: type=1326 audit(1778448458.156:3307): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8662 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1426.085421] FAULT_INJECTION: forcing a failure. [ 1426.085421] name failslab, interval 1, probability 0, space 0, times 0 [ 1426.092158] CPU: 0 PID: 8673 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1426.093598] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1426.095348] Call Trace: [ 1426.095915] dump_stack+0x107/0x167 [ 1426.096699] should_fail.cold+0x5/0xa [ 1426.097502] ? xas_alloc+0x336/0x440 [ 1426.098297] should_failslab+0x5/0x20 [ 1426.099101] kmem_cache_alloc+0x5b/0x310 [ 1426.099973] xas_alloc+0x336/0x440 [ 1426.100732] xas_create+0x34a/0x10d0 [ 1426.101539] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1426.102662] xas_store+0x8c/0x1c40 [ 1426.103436] __xa_store+0x164/0x2d0 [ 1426.104235] ? xa_delete_node+0x280/0x280 [ 1426.105139] ? trace_hardirqs_on+0x5b/0x180 [ 1426.106069] xa_store+0x31/0x50 [ 1426.106771] __io_uring_add_tctx_node+0x1cf/0x520 [ 1426.107790] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1426.108906] ? alloc_fd+0x2e7/0x670 [ 1426.109689] io_uring_setup+0x1fbb/0x2980 [ 1426.110580] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1426.111648] ? wait_for_completion_io+0x270/0x270 [ 1426.112711] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1426.113820] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1426.114910] do_syscall_64+0x33/0x40 [ 1426.115695] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1426.116779] RIP: 0033:0x7f2d330fab19 [ 1426.117573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1426.121476] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1426.123083] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1426.124608] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1426.126123] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1426.127639] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1426.129211] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1426.133343] audit: type=1326 audit(1778448458.160:3308): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8662 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:27:38 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:27:38 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') close(r0) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000180)={'#! ', './file0', [{0x20, 'setgroups\x00'}], 0xa, "a9a69332c4fbabf1ef9be57e480dd262cbaeb4af22821952b4425cf2953ab05d874aebcea7e3d04831e271874d6486e83000e942e50c6b491cc069059ca5df033bbface7dd6ed0cb86fe892ebdc626afb63eb972175b02dc6a18942bfd958aad13851ec33409f8b0e81c7116c470f3ce7a9a4eeff22f9a9998a840d2b003c45137ecc3af8881bb47dc0f788d07d71e0db52e4d520be3c9416e"}, 0xaf) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000140)={0x7}) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:27:38 executing program 6: r0 = syz_io_uring_setup(0x7e32, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1426.150381] audit: type=1326 audit(1778448458.160:3309): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8662 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1426.171640] audit: type=1326 audit(1778448458.160:3310): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8662 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1426.189268] audit: type=1326 audit(1778448458.163:3311): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8662 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1426.204292] audit: type=1326 audit(1778448458.163:3312): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8662 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1426.218246] audit: type=1326 audit(1778448458.164:3313): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8662 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:27:38 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x500000c, 0x13, r0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x41c302, 0x0) io_uring_enter(r1, 0x20b4, 0xc045, 0x2, &(0x7f0000000040)={[0x2]}, 0x8) [ 1426.235568] audit: type=1326 audit(1778448458.168:3314): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8662 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1426.250115] audit: type=1326 audit(1778448458.168:3315): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8662 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:27:38 executing program 7: sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x0, 0x400, 0x70bd26, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x24048010) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:27:38 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r1 = getpgrp(0x0) pidfd_open(r1, 0x0) fcntl$setown(r0, 0x8, r1) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r3 = getpgrp(0x0) pidfd_open(r3, 0x0) fcntl$setown(r2, 0x8, r3) r4 = syz_open_procfs(r3, &(0x7f0000000000)='mountinfo\x00') ioctl$BTRFS_IOC_SET_FEATURES(r4, 0x40309439, &(0x7f0000000140)={0x1, 0x2, 0x1}) pread64(r4, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:27:38 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 27) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:27:38 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 43) 21:27:38 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 34) 21:27:38 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1426.404731] FAULT_INJECTION: forcing a failure. [ 1426.404731] name failslab, interval 1, probability 0, space 0, times 0 [ 1426.407156] CPU: 1 PID: 8695 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1426.408657] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1426.410473] Call Trace: [ 1426.411057] dump_stack+0x107/0x167 [ 1426.411856] should_fail.cold+0x5/0xa [ 1426.412705] ? io_uring_alloc_task_context+0x99/0x6a0 [ 1426.413833] should_failslab+0x5/0x20 [ 1426.414667] kmem_cache_alloc_trace+0x55/0x320 [ 1426.415676] io_uring_alloc_task_context+0x99/0x6a0 [ 1426.416778] ? io_import_iovec+0x1120/0x1120 [ 1426.417727] ? lock_downgrade+0x6d0/0x6d0 [ 1426.418615] ? do_raw_spin_lock+0x121/0x260 [ 1426.419538] ? rwlock_bug.part.0+0x90/0x90 [ 1426.420465] __io_uring_add_tctx_node+0x2c6/0x520 [ 1426.421498] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1426.422602] ? alloc_fd+0x2e7/0x670 [ 1426.423392] io_uring_setup+0x1fbb/0x2980 [ 1426.424290] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1426.425372] ? wait_for_completion_io+0x270/0x270 [ 1426.426416] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1426.427536] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1426.428655] do_syscall_64+0x33/0x40 [ 1426.429452] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1426.430547] RIP: 0033:0x7ff29b41cb19 [ 1426.431343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1426.435273] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1426.436888] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1426.438398] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1426.439894] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1426.441425] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1426.442932] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1426.468598] FAULT_INJECTION: forcing a failure. [ 1426.468598] name failslab, interval 1, probability 0, space 0, times 0 [ 1426.471176] CPU: 0 PID: 8699 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1426.472644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1426.474401] Call Trace: [ 1426.474972] dump_stack+0x107/0x167 [ 1426.475749] should_fail.cold+0x5/0xa [ 1426.476593] ? xas_alloc+0x336/0x440 [ 1426.477390] should_failslab+0x5/0x20 [ 1426.478205] kmem_cache_alloc+0x5b/0x310 [ 1426.479074] xas_alloc+0x336/0x440 [ 1426.479833] xas_create+0x34a/0x10d0 [ 1426.480655] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1426.481771] xas_store+0x8c/0x1c40 [ 1426.482547] __xa_store+0x164/0x2d0 [ 1426.483331] ? xa_delete_node+0x280/0x280 [ 1426.483634] FAULT_INJECTION: forcing a failure. [ 1426.483634] name failslab, interval 1, probability 0, space 0, times 0 [ 1426.484227] ? trace_hardirqs_on+0x5b/0x180 [ 1426.484261] xa_store+0x31/0x50 [ 1426.488154] __io_uring_add_tctx_node+0x1cf/0x520 [ 1426.489173] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1426.490277] ? alloc_fd+0x2e7/0x670 [ 1426.491063] io_uring_setup+0x1fbb/0x2980 [ 1426.491961] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1426.493041] ? wait_for_completion_io+0x270/0x270 [ 1426.494089] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1426.495200] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1426.496300] do_syscall_64+0x33/0x40 [ 1426.497084] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1426.498169] RIP: 0033:0x7f606cee6b19 [ 1426.498952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1426.502831] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1426.504446] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1426.505950] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1426.507459] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1426.508972] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1426.510486] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1426.512037] CPU: 1 PID: 8701 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1426.513487] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1426.515234] Call Trace: [ 1426.515799] dump_stack+0x107/0x167 [ 1426.516589] should_fail.cold+0x5/0xa [ 1426.517400] ? create_object.isra.0+0x3a/0xa30 [ 1426.518369] should_failslab+0x5/0x20 [ 1426.519178] kmem_cache_alloc+0x5b/0x310 [ 1426.520055] create_object.isra.0+0x3a/0xa30 [ 1426.520985] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1426.522066] __kmalloc+0x16e/0x390 [ 1426.522842] io_wq_create+0xeb/0xc00 [ 1426.523649] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1426.524724] ? io_import_iovec+0x1120/0x1120 [ 1426.525662] ? io_apoll_task_func+0x2d0/0x2d0 [ 1426.526615] ? __io_req_find_next+0x300/0x300 [ 1426.527554] ? do_raw_spin_lock+0x121/0x260 [ 1426.528475] ? rwlock_bug.part.0+0x90/0x90 [ 1426.529380] __io_uring_add_tctx_node+0x2c6/0x520 [ 1426.530405] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1426.531516] ? alloc_fd+0x2e7/0x670 [ 1426.532311] io_uring_setup+0x1fbb/0x2980 [ 1426.533203] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1426.534279] ? wait_for_completion_io+0x270/0x270 [ 1426.535333] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1426.536438] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1426.537538] do_syscall_64+0x33/0x40 [ 1426.538320] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1426.539409] RIP: 0033:0x7f38f4330b19 [ 1426.540210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1426.544244] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1426.545915] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1426.547471] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1426.549033] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1426.550592] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1426.552154] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:27:52 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 35) 21:27:52 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 44) 21:27:52 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f0000000080)={0x0, 0xa8c9, 0x4, 0x1, 0x191}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000040)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:27:52 executing program 4: syz_io_uring_setup(0x3193, &(0x7f0000000140)={0x0, 0x9268, 0x1, 0x2, 0x98}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000001c0), &(0x7f0000000200)=0x0) r1 = syz_io_uring_setup(0x22f8, &(0x7f00000001c0)={0x0, 0x9b3c, 0x0, 0x0, 0x4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000380)=0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r4}}, 0x0) syz_io_uring_submit(0x0, r0, &(0x7f00000003c0)=@IORING_OP_STATX={0x15, 0x2, 0x0, 0xffffffffffffff9c, &(0x7f0000000240), &(0x7f0000000340)='./file0\x00', 0x2, 0x800, 0x0, {0x0, r4}}, 0xfffffffe) syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(0xffffffffffffffff, &(0x7f0000000040)=""/238, 0xee, 0x80000000000007) 21:27:52 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:27:52 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 48) 21:27:52 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x8000000) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x10000000) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) r4 = syz_io_uring_setup(0x22f8, &(0x7f00000001c0)={0x0, 0x9b3c, 0x0, 0x0, 0x4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000380)=0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r7}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_READ=@pass_buffer={0x16, 0x1, 0x4007, @fd=r3, 0x4, &(0x7f0000000040)=""/177, 0xb1, 0x0, 0x0, {0x0, r7}}, 0x7fffffff) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x100010, r4, 0x0) 21:27:52 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 28) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) [ 1439.855188] FAULT_INJECTION: forcing a failure. [ 1439.855188] name failslab, interval 1, probability 0, space 0, times 0 [ 1439.857597] CPU: 0 PID: 8713 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1439.859043] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1439.860785] Call Trace: [ 1439.861344] dump_stack+0x107/0x167 [ 1439.862113] should_fail.cold+0x5/0xa [ 1439.862912] ? create_object.isra.0+0x3a/0xa30 [ 1439.863874] should_failslab+0x5/0x20 [ 1439.864688] kmem_cache_alloc+0x5b/0x310 [ 1439.865538] ? mark_held_locks+0x9e/0xe0 [ 1439.866399] create_object.isra.0+0x3a/0xa30 [ 1439.867311] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1439.868437] kmem_cache_alloc+0x159/0x310 [ 1439.869321] xas_alloc+0x336/0x440 [ 1439.870081] xas_create+0x34a/0x10d0 [ 1439.870257] FAULT_INJECTION: forcing a failure. [ 1439.870257] name failslab, interval 1, probability 0, space 0, times 0 [ 1439.870883] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1439.873290] xas_store+0x8c/0x1c40 [ 1439.874065] __xa_store+0x164/0x2d0 [ 1439.874842] ? xa_delete_node+0x280/0x280 [ 1439.875725] ? trace_hardirqs_on+0x5b/0x180 [ 1439.876659] xa_store+0x31/0x50 [ 1439.877361] __io_uring_add_tctx_node+0x1cf/0x520 [ 1439.878384] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1439.879488] ? alloc_fd+0x2e7/0x670 [ 1439.880278] io_uring_setup+0x1fbb/0x2980 [ 1439.881171] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1439.882235] ? wait_for_completion_io+0x270/0x270 [ 1439.883282] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1439.884404] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1439.885492] do_syscall_64+0x33/0x40 [ 1439.886275] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1439.887365] RIP: 0033:0x7f606cee6b19 [ 1439.888153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1439.892003] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1439.893621] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1439.895128] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1439.896635] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1439.898133] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1439.899633] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1439.901170] CPU: 1 PID: 8722 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1439.901984] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1439.902935] Call Trace: [ 1439.903248] dump_stack+0x107/0x167 [ 1439.903667] should_fail.cold+0x5/0xa [ 1439.904121] ? io_wq_create+0x6ef/0xc00 [ 1439.904576] should_failslab+0x5/0x20 [ 1439.905012] kmem_cache_alloc_node_trace+0x59/0x340 [ 1439.905588] io_wq_create+0x6ef/0xc00 [ 1439.906031] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1439.906614] ? io_import_iovec+0x1120/0x1120 [ 1439.907120] ? io_apoll_task_func+0x2d0/0x2d0 [ 1439.907637] ? __io_req_find_next+0x300/0x300 [ 1439.908158] ? do_raw_spin_lock+0x121/0x260 [ 1439.908650] ? rwlock_bug.part.0+0x90/0x90 [ 1439.909141] __io_uring_add_tctx_node+0x2c6/0x520 [ 1439.909690] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1439.910291] ? alloc_fd+0x2e7/0x670 [ 1439.910723] io_uring_setup+0x1fbb/0x2980 [ 1439.911206] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1439.911786] ? wait_for_completion_io+0x270/0x270 [ 1439.912363] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1439.912961] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1439.913552] do_syscall_64+0x33/0x40 [ 1439.913983] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1439.914577] RIP: 0033:0x7f38f4330b19 [ 1439.915021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1439.917138] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1439.918013] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1439.918824] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1439.919640] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1439.920463] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1439.921280] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1439.925180] FAULT_INJECTION: forcing a failure. [ 1439.925180] name failslab, interval 1, probability 0, space 0, times 0 [ 1439.925769] FAULT_INJECTION: forcing a failure. [ 1439.925769] name failslab, interval 1, probability 0, space 0, times 0 [ 1439.926493] CPU: 1 PID: 8725 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1439.926510] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1439.930587] Call Trace: [ 1439.930896] dump_stack+0x107/0x167 [ 1439.931312] should_fail.cold+0x5/0xa [ 1439.931748] ? xas_alloc+0x336/0x440 [ 1439.932184] should_failslab+0x5/0x20 [ 1439.932620] kmem_cache_alloc+0x5b/0x310 [ 1439.933091] xas_alloc+0x336/0x440 [ 1439.933500] xas_create+0x34a/0x10d0 [ 1439.933938] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1439.934536] xas_store+0x8c/0x1c40 [ 1439.934952] __xa_store+0x164/0x2d0 [ 1439.935368] ? xa_delete_node+0x280/0x280 [ 1439.935854] ? trace_hardirqs_on+0x5b/0x180 [ 1439.936361] xa_store+0x31/0x50 [ 1439.936742] __io_uring_add_tctx_node+0x1cf/0x520 [ 1439.937290] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1439.937885] ? alloc_fd+0x2e7/0x670 [ 1439.938309] io_uring_setup+0x1fbb/0x2980 [ 1439.938800] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1439.939375] ? wait_for_completion_io+0x270/0x270 [ 1439.939937] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1439.940545] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1439.941135] do_syscall_64+0x33/0x40 [ 1439.941559] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1439.942145] RIP: 0033:0x7f2d330fab19 [ 1439.942570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1439.944665] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1439.945531] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1439.946341] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1439.947146] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1439.947958] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1439.948771] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1439.949614] CPU: 0 PID: 8719 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1439.951086] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1439.952844] Call Trace: [ 1439.953411] dump_stack+0x107/0x167 [ 1439.954179] should_fail.cold+0x5/0xa [ 1439.954984] ? create_object.isra.0+0x3a/0xa30 [ 1439.955951] should_failslab+0x5/0x20 [ 1439.956761] kmem_cache_alloc+0x5b/0x310 [ 1439.957621] create_object.isra.0+0x3a/0xa30 [ 1439.958548] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1439.959634] kmem_cache_alloc_trace+0x151/0x320 [ 1439.960635] io_uring_alloc_task_context+0x99/0x6a0 [ 1439.961685] ? io_import_iovec+0x1120/0x1120 [ 1439.962609] ? lock_downgrade+0x6d0/0x6d0 [ 1439.963481] ? do_raw_spin_lock+0x121/0x260 [ 1439.964395] ? rwlock_bug.part.0+0x90/0x90 [ 1439.965293] __io_uring_add_tctx_node+0x2c6/0x520 [ 1439.966309] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1439.967414] ? alloc_fd+0x2e7/0x670 [ 1439.968207] io_uring_setup+0x1fbb/0x2980 [ 1439.969091] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1439.970149] ? wait_for_completion_io+0x270/0x270 [ 1439.971188] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1439.972298] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1439.973382] do_syscall_64+0x33/0x40 [ 1439.974172] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1439.975240] RIP: 0033:0x7ff29b41cb19 [ 1439.976031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1439.979889] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1439.981500] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1439.982997] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1439.984508] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1439.986006] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1439.987494] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1439.989967] kauditd_printk_skb: 47 callbacks suppressed [ 1439.989978] audit: type=1326 audit(1778448472.202:3363): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8723 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1439.999074] audit: type=1326 audit(1778448472.211:3364): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8723 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1440.003962] audit: type=1326 audit(1778448472.216:3365): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8723 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:27:52 executing program 7: ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000040)) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) io_uring_enter(r0, 0x20b9, 0x5e39, 0x1, &(0x7f0000000000)={[0x5]}, 0x8) [ 1440.018385] audit: type=1326 audit(1778448472.230:3366): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8723 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1440.025556] audit: type=1326 audit(1778448472.230:3367): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8723 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1440.034639] audit: type=1326 audit(1778448472.230:3368): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8723 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:27:52 executing program 6: r0 = syz_io_uring_setup(0x3668, &(0x7f00000002c0)={0x0, 0xffffffff, 0x20, 0x3, 0xfffffffe}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1440.051657] audit: type=1326 audit(1778448472.231:3369): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8723 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1440.056181] audit: type=1326 audit(1778448472.231:3370): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8723 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1440.062109] audit: type=1326 audit(1778448472.231:3371): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8723 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:27:52 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000000, 0x10010, r0, 0x0) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) 21:27:52 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) ioctl$IOC_PR_REGISTER(r0, 0x401870c8, &(0x7f0000000140)={0x7, 0x6, 0x1}) [ 1440.091375] audit: type=1326 audit(1778448472.237:3372): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8723 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:27:52 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:27:52 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 49) [ 1440.174201] FAULT_INJECTION: forcing a failure. [ 1440.174201] name failslab, interval 1, probability 0, space 0, times 0 [ 1440.175575] CPU: 1 PID: 8744 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1440.176367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1440.177322] Call Trace: [ 1440.177631] dump_stack+0x107/0x167 [ 1440.178054] should_fail.cold+0x5/0xa [ 1440.178495] ? xas_alloc+0x336/0x440 [ 1440.178923] should_failslab+0x5/0x20 [ 1440.179358] kmem_cache_alloc+0x5b/0x310 [ 1440.179832] xas_alloc+0x336/0x440 [ 1440.180258] xas_create+0x34a/0x10d0 [ 1440.180699] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1440.181310] xas_store+0x8c/0x1c40 [ 1440.181726] __xa_store+0x164/0x2d0 [ 1440.182147] ? xa_delete_node+0x280/0x280 [ 1440.182628] ? trace_hardirqs_on+0x5b/0x180 [ 1440.183128] xa_store+0x31/0x50 [ 1440.183511] __io_uring_add_tctx_node+0x1cf/0x520 [ 1440.184064] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1440.184673] ? alloc_fd+0x2e7/0x670 [ 1440.185104] io_uring_setup+0x1fbb/0x2980 [ 1440.185587] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1440.186168] ? wait_for_completion_io+0x270/0x270 [ 1440.186741] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1440.187348] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1440.187945] do_syscall_64+0x33/0x40 [ 1440.188384] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1440.188964] RIP: 0033:0x7f2d330fab19 [ 1440.189391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1440.191491] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1440.192368] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1440.193192] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1440.194017] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1440.194841] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1440.195657] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1454.833954] FAULT_INJECTION: forcing a failure. [ 1454.833954] name failslab, interval 1, probability 0, space 0, times 0 [ 1454.837299] CPU: 0 PID: 8753 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1454.839284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1454.841682] Call Trace: [ 1454.842444] dump_stack+0x107/0x167 [ 1454.843526] should_fail.cold+0x5/0xa [ 1454.844637] ? create_object.isra.0+0x3a/0xa30 [ 1454.845954] should_failslab+0x5/0x20 [ 1454.846853] kmem_cache_alloc+0x5b/0x310 [ 1454.848011] ? mark_held_locks+0x9e/0xe0 [ 1454.848977] create_object.isra.0+0x3a/0xa30 [ 1454.850234] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1454.851705] kmem_cache_alloc+0x159/0x310 [ 1454.852931] xas_alloc+0x336/0x440 [ 1454.853929] xas_create+0x34a/0x10d0 [ 1454.854825] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1454.856056] xas_store+0x8c/0x1c40 [ 1454.856928] __xa_store+0x164/0x2d0 [ 1454.857786] ? xa_delete_node+0x280/0x280 [ 1454.858770] ? trace_hardirqs_on+0x5b/0x180 [ 1454.859792] xa_store+0x31/0x50 [ 1454.860580] __io_uring_add_tctx_node+0x1cf/0x520 [ 1454.861709] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1454.862959] ? alloc_fd+0x2e7/0x670 [ 1454.864015] io_uring_setup+0x1fbb/0x2980 [ 1454.865114] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1454.866398] ? wait_for_completion_io+0x270/0x270 [ 1454.867610] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1454.868908] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1454.870166] do_syscall_64+0x33/0x40 [ 1454.871068] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1454.872351] RIP: 0033:0x7f2d330fab19 [ 1454.873274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1454.877752] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1454.879581] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1454.881298] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1454.882984] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1454.884700] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1454.886375] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1454.923650] FAULT_INJECTION: forcing a failure. [ 1454.923650] name failslab, interval 1, probability 0, space 0, times 0 [ 1454.925226] CPU: 1 PID: 8760 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1454.926159] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1454.927270] Call Trace: [ 1454.927626] dump_stack+0x107/0x167 [ 1454.928117] should_fail.cold+0x5/0xa [ 1454.928654] ? xas_alloc+0x336/0x440 [ 1454.929158] should_failslab+0x5/0x20 [ 1454.929669] kmem_cache_alloc+0x5b/0x310 [ 1454.930217] xas_alloc+0x336/0x440 [ 1454.930700] xas_create+0x34a/0x10d0 [ 1454.931215] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1454.932076] xas_store+0x8c/0x1c40 [ 1454.932607] __xa_store+0x164/0x2d0 [ 1454.933206] ? xa_delete_node+0x280/0x280 [ 1454.933787] ? trace_hardirqs_on+0x5b/0x180 [ 1454.934684] xa_store+0x31/0x50 21:28:07 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 50) 21:28:07 executing program 6: r0 = syz_io_uring_setup(0x107f, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x4010, r0, 0x0) 21:28:07 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:28:07 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 29) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:28:07 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 36) 21:28:07 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 45) 21:28:07 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000140)=""/238, 0xee, 0x8) 21:28:07 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f00004af000/0x3000)=nil, 0x3000, 0x1, 0x20010, r0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x680b, &(0x7f0000000000)={0x0, 0x6804, 0x8, 0x3, 0x33b, 0x0, r0}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000000100)) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) io_uring_enter(r1, 0x1ba2, 0xcfd7, 0x2, &(0x7f00000000c0)={[0x4]}, 0x8) [ 1454.935181] __io_uring_add_tctx_node+0x1cf/0x520 [ 1454.935940] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1454.936792] ? alloc_fd+0x2e7/0x670 [ 1454.937398] io_uring_setup+0x1fbb/0x2980 [ 1454.938082] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1454.938895] ? wait_for_completion_io+0x270/0x270 [ 1454.939695] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1454.940541] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1454.941372] do_syscall_64+0x33/0x40 [ 1454.941977] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1454.942809] RIP: 0033:0x7f606cee6b19 [ 1454.943407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1454.946334] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1454.947542] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1454.948675] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1454.949817] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1454.950951] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1454.952077] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1454.957651] kauditd_printk_skb: 25 callbacks suppressed [ 1454.957662] audit: type=1326 audit(1778448487.170:3398): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8751 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1454.965691] audit: type=1326 audit(1778448487.170:3399): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8751 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1454.970426] audit: type=1326 audit(1778448487.175:3400): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8751 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1454.973698] audit: type=1326 audit(1778448487.175:3401): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8751 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1454.979335] audit: type=1326 audit(1778448487.178:3402): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8751 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1454.982045] audit: type=1326 audit(1778448487.182:3403): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8751 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1454.989005] audit: type=1326 audit(1778448487.182:3404): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8751 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1454.991524] FAULT_INJECTION: forcing a failure. [ 1454.991524] name failslab, interval 1, probability 0, space 0, times 0 [ 1454.991573] CPU: 0 PID: 8766 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1454.991584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1454.991591] Call Trace: [ 1454.991617] dump_stack+0x107/0x167 [ 1454.991645] should_fail.cold+0x5/0xa [ 1454.997805] audit: type=1326 audit(1778448487.182:3405): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8751 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1454.998241] ? create_object.isra.0+0x3a/0xa30 [ 1454.998270] should_failslab+0x5/0x20 [ 1454.998946] audit: type=1326 audit(1778448487.183:3406): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8751 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1455.003443] kmem_cache_alloc+0x5b/0x310 [ 1455.003465] ? io_wq_create+0x114/0xc00 [ 1455.003491] create_object.isra.0+0x3a/0xa30 [ 1455.012210] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1455.013331] kmem_cache_alloc_node_trace+0x16d/0x340 [ 1455.014443] io_wq_create+0x6ef/0xc00 [ 1455.015287] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1455.016406] ? io_import_iovec+0x1120/0x1120 [ 1455.017372] ? io_apoll_task_func+0x2d0/0x2d0 [ 1455.018335] ? __io_req_find_next+0x300/0x300 [ 1455.019297] ? do_raw_spin_lock+0x121/0x260 [ 1455.020225] ? rwlock_bug.part.0+0x90/0x90 [ 1455.021161] __io_uring_add_tctx_node+0x2c6/0x520 [ 1455.022201] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1455.023326] ? alloc_fd+0x2e7/0x670 [ 1455.024124] io_uring_setup+0x1fbb/0x2980 [ 1455.025036] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1455.026128] ? wait_for_completion_io+0x270/0x270 [ 1455.027196] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1455.028334] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1455.029447] do_syscall_64+0x33/0x40 [ 1455.030254] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1455.031356] RIP: 0033:0x7f38f4330b19 [ 1455.032157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1455.036087] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1455.037721] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1455.039242] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1455.040768] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1455.042289] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1455.043809] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1455.046046] audit: type=1326 audit(1778448487.183:3407): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8751 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:28:07 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1455.061532] FAULT_INJECTION: forcing a failure. [ 1455.061532] name failslab, interval 1, probability 0, space 0, times 0 [ 1455.062910] CPU: 1 PID: 8761 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1455.063707] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1455.064721] Call Trace: [ 1455.065042] dump_stack+0x107/0x167 [ 1455.065471] should_fail.cold+0x5/0xa [ 1455.065928] ? create_object.isra.0+0x3a/0xa30 [ 1455.066472] should_failslab+0x5/0x20 [ 1455.066927] kmem_cache_alloc+0x5b/0x310 [ 1455.067534] create_object.isra.0+0x3a/0xa30 [ 1455.068205] kmemleak_alloc_percpu+0xa0/0x100 [ 1455.068882] pcpu_alloc+0x4e2/0x1240 [ 1455.069457] __percpu_counter_init+0x10d/0x2d0 [ 1455.070145] io_uring_alloc_task_context+0xcc/0x6a0 [ 1455.070902] ? io_import_iovec+0x1120/0x1120 [ 1455.071567] ? lock_downgrade+0x6d0/0x6d0 [ 1455.072186] ? do_raw_spin_lock+0x121/0x260 [ 1455.072838] ? rwlock_bug.part.0+0x90/0x90 [ 1455.073487] __io_uring_add_tctx_node+0x2c6/0x520 [ 1455.074215] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1455.074998] ? alloc_fd+0x2e7/0x670 [ 1455.075553] io_uring_setup+0x1fbb/0x2980 [ 1455.076181] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1455.076947] ? wait_for_completion_io+0x270/0x270 [ 1455.077694] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1455.078489] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1455.079270] do_syscall_64+0x33/0x40 [ 1455.079713] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1455.080488] RIP: 0033:0x7ff29b41cb19 [ 1455.081046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1455.083784] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1455.084935] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1455.086002] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1455.087080] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1455.087956] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1455.089019] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:28:07 executing program 4: pread64(0xffffffffffffffff, &(0x7f0000000040)=""/238, 0xee, 0x7) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x100}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) 21:28:07 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 46) 21:28:07 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r2 = syz_io_uring_setup(0x1e14, &(0x7f0000000000)={0x0, 0x94bc, 0x4, 0x2, 0x1c3, 0x0, r0}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r1, &(0x7f0000000240)=@IORING_OP_ACCEPT={0xd, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000100)=0x80, &(0x7f0000000180)=@sco, 0x0, 0x0, 0x0, {0x0, r4}}, 0xc921) r5 = pidfd_getfd(0xffffffffffffffff, r2, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x100000e, 0x13, r5, 0x0) [ 1455.150590] FAULT_INJECTION: forcing a failure. [ 1455.150590] name failslab, interval 1, probability 0, space 0, times 0 [ 1455.152130] CPU: 1 PID: 8774 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1455.152905] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1455.153840] Call Trace: [ 1455.154142] dump_stack+0x107/0x167 [ 1455.154557] should_fail.cold+0x5/0xa [ 1455.154986] ? ___slab_alloc+0x360/0x700 [ 1455.155442] ? create_object.isra.0+0x3a/0xa30 [ 1455.155959] should_failslab+0x5/0x20 [ 1455.156396] kmem_cache_alloc+0x5b/0x310 [ 1455.156852] create_object.isra.0+0x3a/0xa30 [ 1455.157355] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1455.158089] kmem_cache_alloc+0x159/0x310 [ 1455.158692] xas_alloc+0x336/0x440 [ 1455.159201] xas_create+0x34a/0x10d0 [ 1455.159747] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1455.160517] xas_store+0x8c/0x1c40 [ 1455.161041] __xa_store+0x164/0x2d0 [ 1455.161570] ? xa_delete_node+0x280/0x280 [ 1455.162177] ? trace_hardirqs_on+0x5b/0x180 [ 1455.162805] xa_store+0x31/0x50 [ 1455.163279] __io_uring_add_tctx_node+0x1cf/0x520 [ 1455.163974] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1455.164741] ? alloc_fd+0x2e7/0x670 [ 1455.165276] io_uring_setup+0x1fbb/0x2980 [ 1455.165881] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1455.166604] ? wait_for_completion_io+0x270/0x270 [ 1455.167308] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1455.168056] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1455.168805] do_syscall_64+0x33/0x40 [ 1455.169348] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1455.170088] RIP: 0033:0x7f606cee6b19 [ 1455.170617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1455.173226] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1455.174294] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1455.175325] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1455.176342] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1455.177351] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1455.178369] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:28:07 executing program 7: sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000440), 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x74, 0x3, 0x1, 0x101, 0x0, 0x0, {0x7, 0x0, 0x3}, [@CTA_SYNPROXY={0x2c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x5}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x9}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x800}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x3}]}, @CTA_LABELS={0x20, 0x16, 0x1, 0x0, [0xfffffffb, 0x8, 0x8001, 0x1, 0x3, 0xffffffff, 0x9]}, @CTA_SEQ_ADJ_REPLY={0x14, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xb246}]}]}, 0x74}}, 0x20000000) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000001, 0x2010, r0, 0x10000000) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r3}}, 0x4) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) syz_io_uring_submit(r7, r6, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(r1, r6, &(0x7f0000000180)=@IORING_OP_WRITE={0x17, 0x2, 0x2007, @fd_index=0x9, 0x1fffe000000, &(0x7f0000000040)="acfc267fedcfcd49c276099a634e002cf3e907d3bce7a9b86d3f24f34b9ded4cda826014dd95d5155aa04866604aedde6ab279fc2d839c1e8015531bc11fb50feac9193c816a186956fe3e08e8c2ffc80b34d9aded69c2bf543dfaa36947e35c18afeddc6d9d0b7283121b9a38dbd507d0b8b9be46a12a1273fb039b220105b44deebad62b77d294ce5b0b5af4d7b1cb59559a4114cc9ee1de25c4939beeee15306c84f04bdbf432de38744cdbe6f779b266213662262229378c1e36593f18910a57f39d79f7dcd1c4e00268638bec31d180a152b527e10f76af021fd12e34", 0xdf, 0x1d}, 0x9) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) utimensat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000400)={{r8, r9/1000+60000}}, 0x0) 21:28:07 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 37) 21:28:07 executing program 7: ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000040)={'gretap0\x00', &(0x7f0000000000)={'erspan0\x00', 0x0, 0x80, 0x20, 0xfffffffe, 0x6, {{0x6, 0x4, 0x2, 0x2, 0x18, 0x68, 0x0, 0x81, 0x4, 0x0, @multicast2, @multicast2, {[@end]}}}}}) r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1455.246169] FAULT_INJECTION: forcing a failure. [ 1455.246169] name failslab, interval 1, probability 0, space 0, times 0 [ 1455.247414] CPU: 1 PID: 8786 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1455.248145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1455.249042] Call Trace: [ 1455.249330] dump_stack+0x107/0x167 [ 1455.249722] should_fail.cold+0x5/0xa [ 1455.250132] ? __io_uring_add_tctx_node+0x15c/0x520 [ 1455.250663] should_failslab+0x5/0x20 [ 1455.251070] kmem_cache_alloc_trace+0x55/0x320 [ 1455.251561] __io_uring_add_tctx_node+0x15c/0x520 [ 1455.252076] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1455.252640] ? alloc_fd+0x2e7/0x670 [ 1455.253036] io_uring_setup+0x1fbb/0x2980 [ 1455.253485] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1455.254024] ? wait_for_completion_io+0x270/0x270 [ 1455.254555] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1455.255115] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1455.255667] do_syscall_64+0x33/0x40 [ 1455.256065] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1455.256617] RIP: 0033:0x7f38f4330b19 [ 1455.257014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1455.258964] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1455.259775] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1455.260536] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1455.261299] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1455.262054] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1455.262812] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:28:07 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r1, 0x942e, 0x0) pread64(r0, &(0x7f0000000140)=""/253, 0xfd, 0xa) [ 1468.280743] FAULT_INJECTION: forcing a failure. [ 1468.280743] name failslab, interval 1, probability 0, space 0, times 0 [ 1468.282431] CPU: 1 PID: 8803 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1468.283432] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1468.284646] Call Trace: [ 1468.285040] dump_stack+0x107/0x167 [ 1468.285581] should_fail.cold+0x5/0xa [ 1468.286140] ? xas_alloc+0x336/0x440 [ 1468.286671] should_failslab+0x5/0x20 [ 1468.287227] kmem_cache_alloc+0x5b/0x310 [ 1468.287818] xas_alloc+0x336/0x440 [ 1468.288338] xas_create+0x34a/0x10d0 [ 1468.288904] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1468.289672] xas_store+0x8c/0x1c40 [ 1468.290202] __xa_store+0x164/0x2d0 [ 1468.290735] ? xa_delete_node+0x280/0x280 [ 1468.291350] ? trace_hardirqs_on+0x5b/0x180 [ 1468.291983] xa_store+0x31/0x50 [ 1468.292476] __io_uring_add_tctx_node+0x1cf/0x520 [ 1468.293206] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1468.293965] ? alloc_fd+0x2e7/0x670 [ 1468.294502] io_uring_setup+0x1fbb/0x2980 [ 1468.295105] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1468.295841] ? wait_for_completion_io+0x270/0x270 [ 1468.296573] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1468.297327] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1468.298070] do_syscall_64+0x33/0x40 [ 1468.298611] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1468.299329] RIP: 0033:0x7f606cee6b19 [ 1468.299864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 21:28:20 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 30) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:28:20 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:28:20 executing program 6: r0 = syz_io_uring_setup(0x3b56, &(0x7f0000000240), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000001c0), &(0x7f0000000140)) r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) io_uring_enter(r0, 0xcf4, 0x3f6f, 0x6a0c309db3630ea1, &(0x7f0000000000)={[0x7]}, 0x8) syz_io_uring_setup(0x727d, &(0x7f0000000080)={0x0, 0x32a9, 0x0, 0x3, 0x128, 0x0, r1}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000180)) 21:28:20 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) fsetxattr$security_selinux(r1, &(0x7f0000000140), &(0x7f0000000180)='system_u:object_r:mouse_device_t:s0\x00', 0x24, 0x3) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:28:20 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 38) 21:28:20 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 47) 21:28:20 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 51) 21:28:20 executing program 7: r0 = syz_io_uring_setup(0x64dc, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000140)) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f00000000c0)=@IORING_OP_CONNECT={0x10, 0x4, 0x0, r5, 0x80, &(0x7f0000000040)=@l2tp={0x2, 0x0, @multicast2, 0x2}, 0x0, 0x0, 0x1}, 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1468.302526] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1468.303898] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1468.304923] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1468.305920] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1468.306918] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1468.307909] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1468.317579] kauditd_printk_skb: 31 callbacks suppressed [ 1468.317592] audit: type=1326 audit(1778448500.529:3439): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8800 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1468.333195] FAULT_INJECTION: forcing a failure. [ 1468.333195] name failslab, interval 1, probability 0, space 0, times 0 [ 1468.334862] CPU: 1 PID: 8810 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1468.335814] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1468.337006] Call Trace: [ 1468.337381] dump_stack+0x107/0x167 [ 1468.337890] should_fail.cold+0x5/0xa [ 1468.338431] ? create_object.isra.0+0x3a/0xa30 [ 1468.339065] should_failslab+0x5/0x20 [ 1468.339598] kmem_cache_alloc+0x5b/0x310 [ 1468.340163] create_object.isra.0+0x3a/0xa30 [ 1468.340789] kmemleak_alloc_percpu+0xa0/0x100 [ 1468.341414] pcpu_alloc+0x4e2/0x1240 [ 1468.341940] __percpu_counter_init+0x10d/0x2d0 [ 1468.342576] io_uring_alloc_task_context+0xcc/0x6a0 [ 1468.343261] ? io_import_iovec+0x1120/0x1120 [ 1468.343879] ? lock_downgrade+0x6d0/0x6d0 [ 1468.344457] ? do_raw_spin_lock+0x121/0x260 [ 1468.345061] ? rwlock_bug.part.0+0x90/0x90 [ 1468.345648] __io_uring_add_tctx_node+0x2c6/0x520 [ 1468.346317] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1468.347050] ? alloc_fd+0x2e7/0x670 [ 1468.347582] io_uring_setup+0x1fbb/0x2980 [ 1468.348172] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1468.348880] ? wait_for_completion_io+0x270/0x270 [ 1468.349565] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1468.350293] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1468.351028] do_syscall_64+0x33/0x40 [ 1468.351564] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1468.352279] RIP: 0033:0x7ff29b41cb19 [ 1468.352803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1468.355359] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1468.356428] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1468.357425] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1468.358415] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1468.359398] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1468.360377] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1468.361709] audit: type=1326 audit(1778448500.529:3440): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8800 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1468.368426] FAULT_INJECTION: forcing a failure. [ 1468.368426] name failslab, interval 1, probability 0, space 0, times 0 [ 1468.371282] CPU: 0 PID: 8815 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1468.372931] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1468.374935] Call Trace: [ 1468.375577] dump_stack+0x107/0x167 [ 1468.376465] should_fail.cold+0x5/0xa [ 1468.377405] ? xas_alloc+0x336/0x440 [ 1468.377997] audit: type=1326 audit(1778448500.530:3441): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8800 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1468.378304] should_failslab+0x5/0x20 [ 1468.378330] kmem_cache_alloc+0x5b/0x310 [ 1468.383091] xas_alloc+0x336/0x440 [ 1468.383948] xas_create+0x34a/0x10d0 [ 1468.384868] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1468.386130] xas_store+0x8c/0x1c40 [ 1468.387006] __xa_store+0x164/0x2d0 [ 1468.387879] ? xa_delete_node+0x280/0x280 [ 1468.388892] ? trace_hardirqs_on+0x5b/0x180 [ 1468.389933] xa_store+0x31/0x50 [ 1468.390722] __io_uring_add_tctx_node+0x1cf/0x520 [ 1468.390996] audit: type=1326 audit(1778448500.541:3442): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8800 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1468.391875] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1468.396012] ? alloc_fd+0x2e7/0x670 [ 1468.396907] io_uring_setup+0x1fbb/0x2980 [ 1468.397906] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1468.399120] ? wait_for_completion_io+0x270/0x270 [ 1468.400310] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1468.401568] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1468.402792] do_syscall_64+0x33/0x40 [ 1468.403684] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1468.404899] RIP: 0033:0x7f2d330fab19 [ 1468.405785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1468.410161] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1468.411965] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1468.412119] audit: type=1326 audit(1778448500.541:3443): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8800 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1468.413671] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1468.413686] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1468.413700] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1468.413713] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:28:20 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 48) 21:28:20 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x329e, &(0x7f0000000000)={0x0, 0x186d, 0x10, 0x2, 0x301}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1468.465644] FAULT_INJECTION: forcing a failure. [ 1468.465644] name failslab, interval 1, probability 0, space 0, times 0 [ 1468.468126] CPU: 0 PID: 8820 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1468.469608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1468.471407] Call Trace: [ 1468.471988] dump_stack+0x107/0x167 [ 1468.472799] should_fail.cold+0x5/0xa [ 1468.473631] ? create_object.isra.0+0x3a/0xa30 [ 1468.474630] should_failslab+0x5/0x20 [ 1468.475438] kmem_cache_alloc+0x5b/0x310 [ 1468.476334] create_object.isra.0+0x3a/0xa30 [ 1468.477215] audit: type=1326 audit(1778448500.541:3444): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8800 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1468.477294] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1468.477326] kmem_cache_alloc_trace+0x151/0x320 [ 1468.484434] __io_uring_add_tctx_node+0x15c/0x520 [ 1468.485493] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1468.486640] ? alloc_fd+0x2e7/0x670 [ 1468.487428] io_uring_setup+0x1fbb/0x2980 [ 1468.488359] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1468.489487] ? wait_for_completion_io+0x270/0x270 [ 1468.490587] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1468.491709] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1468.492868] do_syscall_64+0x33/0x40 [ 1468.493705] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1468.494846] RIP: 0033:0x7f38f4330b19 [ 1468.495677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1468.499746] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1468.501412] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1468.503026] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1468.504587] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1468.506197] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1468.507798] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:28:20 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1468.536426] audit: type=1326 audit(1778448500.541:3445): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8800 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:28:20 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) syz_io_uring_submit(r5, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(r5, r1, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0xd57a, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x7fffffff) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1468.556490] audit: type=1326 audit(1778448500.541:3446): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8800 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1468.572777] FAULT_INJECTION: forcing a failure. [ 1468.572777] name failslab, interval 1, probability 0, space 0, times 0 [ 1468.575355] CPU: 1 PID: 8824 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1468.576892] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1468.578747] Call Trace: [ 1468.579344] dump_stack+0x107/0x167 [ 1468.580164] should_fail.cold+0x5/0xa [ 1468.581029] ? create_object.isra.0+0x3a/0xa30 [ 1468.582039] should_failslab+0x5/0x20 [ 1468.582892] kmem_cache_alloc+0x5b/0x310 [ 1468.583802] ? mark_held_locks+0x9e/0xe0 [ 1468.584733] create_object.isra.0+0x3a/0xa30 [ 1468.585713] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1468.586854] kmem_cache_alloc+0x159/0x310 [ 1468.587795] xas_alloc+0x336/0x440 [ 1468.588602] xas_create+0x34a/0x10d0 [ 1468.589456] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1468.590634] xas_store+0x8c/0x1c40 [ 1468.591447] __xa_store+0x164/0x2d0 [ 1468.592255] ? xa_delete_node+0x280/0x280 [ 1468.593193] ? trace_hardirqs_on+0x5b/0x180 [ 1468.594162] xa_store+0x31/0x50 [ 1468.594895] __io_uring_add_tctx_node+0x1cf/0x520 [ 1468.595962] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1468.597150] ? alloc_fd+0x2e7/0x670 [ 1468.597966] io_uring_setup+0x1fbb/0x2980 [ 1468.598897] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1468.600019] ? wait_for_completion_io+0x270/0x270 [ 1468.601128] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1468.602294] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1468.603443] do_syscall_64+0x33/0x40 [ 1468.604275] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1468.605427] RIP: 0033:0x7f606cee6b19 [ 1468.606255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1468.610335] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1468.612006] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1468.613581] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1468.615151] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1468.616707] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1468.618276] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1468.623074] audit: type=1326 audit(1778448500.541:3447): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8800 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1468.633454] audit: type=1326 audit(1778448500.542:3448): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8800 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:28:20 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 52) 21:28:20 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, 0x0) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000340)={0x5, 0x80, 0x0, 0x7f, 0x7, 0xff, 0x0, 0x1, 0x8a, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000100), 0xe}, 0x10000, 0x2, 0x9, 0x3, 0x7fff, 0x7fc, 0x80, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xa, r1, 0x0) r2 = accept(r0, &(0x7f0000000200)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, &(0x7f00000000c0)=0x80) setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f00000002c0)=0x1, 0x4) sendfile(r0, r0, 0x0, 0x19) r3 = openat$cgroup_freezer_state(r1, &(0x7f0000000140), 0x2, 0x0) copy_file_range(r3, &(0x7f0000000180)=0x8001, r0, &(0x7f00000001c0)=0xffffffff80000000, 0x3ff, 0x0) r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) pread64(r4, &(0x7f0000000480)=""/250, 0x114, 0x8000000007) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000300)={0x1}, 0x4) r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000000, 0x4048110, 0xffffffffffffffff, 0x10000000) recvmsg$unix(r1, &(0x7f0000000940)={&(0x7f00000005c0)=@abs, 0x6e, &(0x7f00000008c0)=[{&(0x7f0000000640)=""/39, 0x27}, {&(0x7f0000000680)=""/26, 0x1a}, {&(0x7f00000006c0)=""/231, 0xe7}, {&(0x7f00000007c0)=""/247, 0xf7}], 0x4, &(0x7f0000000900)}, 0x2102) syz_io_uring_submit(0x0, r5, &(0x7f0000000580)=@IORING_OP_MADVISE={0x19, 0xf, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2}, 0x5) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x89f9, &(0x7f0000000280)={'syztnl1\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x4, 0x3, 0x81, 0xff, 0x3c, @private0={0xfc, 0x0, '\x00', 0x1}, @private0, 0x7800, 0x8068, 0x1, 0x1bc35009}}) r6 = socket$inet_icmp(0x2, 0x2, 0x1) ioctl$BTRFS_IOC_QGROUP_LIMIT(r6, 0x8030942b, &(0x7f0000000080)={0x7, {0x8, 0x9, 0x2, 0x8, 0xffffffff}}) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000980)=ANY=[@ANYBLOB="01002081feb335c635fa03e78a965e000100000018000000fb081232ddebaeabacb3cd56eea0587d115b34549fdb4b201e516b86922f1277634dd43b352a9bce63431b23795c265175c1fd9dc5ca77700a173d2240232c886e95caa67fd65ff75f5e64d26e3f2e2161a528cd21829e9f389d030b0d8a061365957d21f1069b42793b47742b4c78d3a706e2e200"/152, @ANYRES32=r0, @ANYBLOB="81000000000000002e2f66696c653000"]) [ 1468.731414] FAULT_INJECTION: forcing a failure. [ 1468.731414] name failslab, interval 1, probability 0, space 0, times 0 [ 1468.734381] CPU: 1 PID: 8836 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1468.736050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1468.738063] Call Trace: [ 1468.738706] dump_stack+0x107/0x167 [ 1468.739590] should_fail.cold+0x5/0xa [ 1468.740525] ? create_object.isra.0+0x3a/0xa30 [ 1468.741628] should_failslab+0x5/0x20 [ 1468.742556] kmem_cache_alloc+0x5b/0x310 [ 1468.743540] ? mark_held_locks+0x9e/0xe0 [ 1468.744534] create_object.isra.0+0x3a/0xa30 [ 1468.745580] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1468.746811] kmem_cache_alloc+0x159/0x310 [ 1468.747815] xas_alloc+0x336/0x440 [ 1468.748692] xas_create+0x34a/0x10d0 [ 1468.749603] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1468.750867] xas_store+0x8c/0x1c40 [ 1468.751746] __xa_store+0x164/0x2d0 [ 1468.752631] ? xa_delete_node+0x280/0x280 [ 1468.753640] ? trace_hardirqs_on+0x5b/0x180 [ 1468.754685] xa_store+0x31/0x50 [ 1468.755480] __io_uring_add_tctx_node+0x1cf/0x520 [ 1468.756651] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1468.757941] ? alloc_fd+0x2e7/0x670 [ 1468.758830] io_uring_setup+0x1fbb/0x2980 [ 1468.759847] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1468.761053] ? wait_for_completion_io+0x270/0x270 [ 1468.762230] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1468.763467] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1468.764690] do_syscall_64+0x33/0x40 [ 1468.765573] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1468.766788] RIP: 0033:0x7f2d330fab19 [ 1468.767658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1468.772028] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1468.773824] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1468.775509] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1468.777185] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1468.778854] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1468.780530] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1485.127666] FAULT_INJECTION: forcing a failure. [ 1485.127666] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.130460] CPU: 0 PID: 8849 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1485.131896] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1485.133698] Call Trace: [ 1485.134274] dump_stack+0x107/0x167 [ 1485.135066] should_fail.cold+0x5/0xa [ 1485.135893] ? xas_alloc+0x336/0x440 [ 1485.136715] should_failslab+0x5/0x20 [ 1485.137538] kmem_cache_alloc+0x5b/0x310 [ 1485.138424] xas_alloc+0x336/0x440 [ 1485.139198] xas_create+0x34a/0x10d0 [ 1485.140012] ? queued_spin_lock_slowpath+0xcc/0x8c0 [ 1485.141113] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1485.142247] xas_store+0x8c/0x1c40 [ 1485.143039] __xa_store+0x164/0x2d0 [ 1485.143830] ? xa_delete_node+0x280/0x280 [ 1485.144746] ? trace_hardirqs_on+0x5b/0x180 [ 1485.145691] xa_store+0x31/0x50 [ 1485.146416] __io_uring_add_tctx_node+0x1cf/0x520 [ 1485.147457] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1485.148598] ? alloc_fd+0x2e7/0x670 [ 1485.149399] io_uring_setup+0x1fbb/0x2980 [ 1485.150310] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1485.151402] ? wait_for_completion_io+0x270/0x270 [ 1485.152477] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1485.153615] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1485.154738] do_syscall_64+0x33/0x40 [ 1485.155546] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1485.156665] RIP: 0033:0x7f606cee6b19 [ 1485.157471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1485.161442] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1485.163085] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1485.164631] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1485.166181] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1485.167721] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1485.169274] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:28:37 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 53) 21:28:37 executing program 7: sendmsg$NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x20, 0x0, 0x200, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x6, 0x1a}}}}, ["", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4000050}, 0x800) r0 = syz_io_uring_setup(0x7d04, &(0x7f0000000000)={0x0, 0x0, 0x4}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = creat(&(0x7f0000000300)='./file0\x00', 0x0) io_uring_setup(0x257b, &(0x7f0000000340)={0x0, 0x77cc, 0x10, 0x1, 0x349, 0x0, r1}) syz_io_uring_setup(0x59b, &(0x7f0000000080)={0x0, 0x9559, 0x8, 0x0, 0x2e7, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000180)) 21:28:37 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 49) 21:28:37 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 39) 21:28:37 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='coredump_filter\x00') r1 = open_tree(r0, &(0x7f0000000140)='./file0\x00', 0x8000) readv(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)=""/197, 0xc5}, {&(0x7f0000000280)=""/32, 0x20}, {&(0x7f00000002c0)=""/191, 0xbf}, {&(0x7f0000000380)=""/55, 0x37}], 0x4) rt_sigprocmask(0x0, &(0x7f0000000080), 0x0, 0x8) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:28:37 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:28:37 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 31) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:28:37 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r2 = syz_io_uring_setup(0x41ae, &(0x7f0000000000)={0x0, 0x44fa, 0x10, 0x1, 0x30b, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) r4 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000180)={{0x1, 0x1, 0x18, r2, @in_args={0x1}}, './file0\x00'}) syz_io_uring_setup(0x7139, &(0x7f0000000240)={0x0, 0x6ec9, 0x4, 0x3, 0x2fc, 0x0, r5}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000340), &(0x7f00000003c0)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) io_uring_enter(r4, 0x10058ab, 0x0, 0x0, 0x0, 0x0) r6 = syz_io_uring_setup(0x22f8, &(0x7f00000001c0)={0x0, 0x9b3c, 0x0, 0x0, 0x4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000380)=0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000100)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x2, 0x0, @fd=r4, 0x1600000000000, 0x0, 0xfffff001, 0x1, 0x1, {0x0, r9}}, 0x6) [ 1485.198086] kauditd_printk_skb: 13 callbacks suppressed [ 1485.198105] audit: type=1326 audit(1778448517.410:3462): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8853 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1485.207211] audit: type=1326 audit(1778448517.410:3463): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8853 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1485.211319] FAULT_INJECTION: forcing a failure. [ 1485.211319] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.215491] CPU: 0 PID: 8858 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1485.216976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1485.218733] Call Trace: [ 1485.219294] dump_stack+0x107/0x167 [ 1485.220068] should_fail.cold+0x5/0xa [ 1485.220888] ? io_uring_alloc_task_context+0x4a3/0x6a0 [ 1485.221992] should_failslab+0x5/0x20 [ 1485.222797] kmem_cache_alloc_trace+0x55/0x320 [ 1485.223772] io_uring_alloc_task_context+0x4a3/0x6a0 [ 1485.224855] ? io_import_iovec+0x1120/0x1120 [ 1485.225783] ? lock_downgrade+0x6d0/0x6d0 [ 1485.226654] ? do_raw_spin_lock+0x121/0x260 [ 1485.227578] ? rwlock_bug.part.0+0x90/0x90 [ 1485.228489] __io_uring_add_tctx_node+0x2c6/0x520 [ 1485.228631] audit: type=1326 audit(1778448517.419:3464): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8853 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1485.229502] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1485.229520] ? alloc_fd+0x2e7/0x670 [ 1485.229561] io_uring_setup+0x1fbb/0x2980 [ 1485.236756] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1485.237828] ? wait_for_completion_io+0x270/0x270 [ 1485.238875] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1485.239987] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1485.241095] do_syscall_64+0x33/0x40 [ 1485.241882] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1485.242959] RIP: 0033:0x7ff29b41cb19 [ 1485.243744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1485.246031] audit: type=1326 audit(1778448517.420:3465): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8853 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1485.247622] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1485.247643] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1485.247655] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1485.247666] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1485.247677] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1485.247697] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1485.263739] FAULT_INJECTION: forcing a failure. [ 1485.263739] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.266181] CPU: 0 PID: 8860 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1485.267625] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1485.269393] Call Trace: [ 1485.269959] dump_stack+0x107/0x167 [ 1485.270738] should_fail.cold+0x5/0xa [ 1485.271549] ? xas_alloc+0x336/0x440 [ 1485.272340] should_failslab+0x5/0x20 [ 1485.273154] kmem_cache_alloc+0x5b/0x310 [ 1485.274020] xas_alloc+0x336/0x440 [ 1485.274774] xas_create+0x34a/0x10d0 [ 1485.274835] audit: type=1326 audit(1778448517.420:3466): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8853 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1485.275576] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1485.275601] xas_store+0x8c/0x1c40 [ 1485.275641] __xa_store+0x164/0x2d0 [ 1485.282722] ? xa_delete_node+0x280/0x280 [ 1485.283617] ? trace_hardirqs_on+0x5b/0x180 [ 1485.284548] xa_store+0x31/0x50 [ 1485.285265] __io_uring_add_tctx_node+0x1cf/0x520 [ 1485.286287] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1485.287388] ? alloc_fd+0x2e7/0x670 [ 1485.288174] io_uring_setup+0x1fbb/0x2980 [ 1485.289065] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1485.290138] ? wait_for_completion_io+0x270/0x270 [ 1485.291185] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1485.292289] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1485.293391] do_syscall_64+0x33/0x40 [ 1485.294177] entry_SYSCALL_64_after_hwframe+0x67/0xd1 21:28:37 executing program 4: setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000140)={@ipv4={'\x00', '\xff\xff', @loopback}}, 0x14) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='ns\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) [ 1485.295270] RIP: 0033:0x7f2d330fab19 [ 1485.296195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1485.300055] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1485.301673] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1485.303175] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1485.304681] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1485.306190] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1485.307684] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1485.312260] audit: type=1326 audit(1778448517.525:3467): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8853 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:28:37 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000000340)={0xfffffffffffff89f, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}], 0x4, "a05345bc74c910"}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000001340)=ANY=[@ANYRES64=r0, @ANYBLOB="0000000000000000b600000000000000ff000000000000000800000000000000000400000000000040000000000000006900000037000000020000004a454b0f04000000000000000500000000000000060000000000000045c300000000000038000000000000000000000000000000000000000000000000000000000000000000000000000086000000000000000000005e96876ecddc23e54091d05ee6b382dd00"/176]) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) [ 1485.339392] audit: type=1326 audit(1778448517.525:3468): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8853 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1485.345614] FAULT_INJECTION: forcing a failure. [ 1485.345614] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.348084] CPU: 0 PID: 8856 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1485.349542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1485.351294] Call Trace: [ 1485.351853] dump_stack+0x107/0x167 [ 1485.352643] should_fail.cold+0x5/0xa [ 1485.353454] ? xas_alloc+0x336/0x440 [ 1485.354243] should_failslab+0x5/0x20 21:28:37 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1485.355162] kmem_cache_alloc+0x5b/0x310 [ 1485.356033] ? stack_trace_consume_entry+0x160/0x160 [ 1485.357119] xas_alloc+0x336/0x440 [ 1485.357876] xas_create+0x34a/0x10d0 [ 1485.358686] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1485.359812] xas_store+0x8c/0x1c40 [ 1485.360589] __xa_store+0x164/0x2d0 [ 1485.361365] ? xa_delete_node+0x280/0x280 [ 1485.362247] ? trace_hardirqs_on+0x5b/0x180 [ 1485.363166] xa_store+0x31/0x50 [ 1485.363864] __io_uring_add_tctx_node+0x1cf/0x520 [ 1485.364903] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1485.366004] ? alloc_fd+0x2e7/0x670 [ 1485.366798] io_uring_setup+0x1fbb/0x2980 [ 1485.367694] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1485.368762] ? wait_for_completion_io+0x270/0x270 [ 1485.369813] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1485.370918] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1485.372010] do_syscall_64+0x33/0x40 [ 1485.372800] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1485.373869] RIP: 0033:0x7f38f4330b19 [ 1485.374646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1485.377140] audit: type=1326 audit(1778448517.525:3469): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8853 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1485.378522] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1485.378544] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1485.378555] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1485.378567] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1485.378585] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1485.390584] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:28:37 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') r1 = syz_open_dev$vcsu(&(0x7f0000000140), 0x7, 0x20000) tee(r1, 0xffffffffffffffff, 0x7, 0xc004480478343ded) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:28:37 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 50) [ 1485.441961] audit: type=1326 audit(1778448517.654:3470): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8869 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1485.449496] audit: type=1326 audit(1778448517.655:3471): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8869 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:28:37 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0x200}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x40010, r0, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0), 0x200e00, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f0000000340)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="0200e4ffbfffffff2d2f66696c653000ec9f02ca7ff76e6f7c5e438814bffa588a271b59da1fe7113b112591ed940bb6ffe25cae9134af87fea0e9aaafcd3b33f0ce80d42185071081cb88306553fa7665e3e55622d7dc7966964c412c8774fb7088f94fd5c7cdce732a1dd6f5c00d31a518799ba448d9150e0b8450fdb0c1b9df19b3f07c554cc39bbc8749addab9fd2b0a2929a2308886233fd73b5f2d1ebefb99db05e9d50dc165791853f9c92fedaa616cf243407bb222c8dbe2782aa0f33d4b462da4e5d7c3427177b396"]) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000000, 0x8050, r0, 0x0) r4 = syz_io_uring_setup(0x22fc, &(0x7f00000001c0)={0x0, 0x9b3c, 0x2, 0x0, 0x4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r7}}, 0x0) syz_io_uring_submit(r3, r1, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x4000, @fd_index, 0x9, 0xffffffff, 0xff, 0x1d, 0x1, {0x2, r7}}, 0x3) 21:28:37 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 32) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) [ 1485.519557] FAULT_INJECTION: forcing a failure. [ 1485.519557] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.523039] CPU: 1 PID: 8877 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1485.524484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1485.526241] Call Trace: [ 1485.526799] dump_stack+0x107/0x167 [ 1485.527572] should_fail.cold+0x5/0xa [ 1485.528383] ? create_object.isra.0+0x3a/0xa30 [ 1485.529354] should_failslab+0x5/0x20 [ 1485.530154] kmem_cache_alloc+0x5b/0x310 [ 1485.531011] ? mark_held_locks+0x9e/0xe0 [ 1485.531880] create_object.isra.0+0x3a/0xa30 [ 1485.532813] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1485.533900] kmem_cache_alloc+0x159/0x310 [ 1485.534781] xas_alloc+0x336/0x440 [ 1485.535540] xas_create+0x34a/0x10d0 [ 1485.536340] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1485.537453] xas_store+0x8c/0x1c40 [ 1485.538235] __xa_store+0x164/0x2d0 [ 1485.539004] ? xa_delete_node+0x280/0x280 [ 1485.539889] ? trace_hardirqs_on+0x5b/0x180 [ 1485.540820] xa_store+0x31/0x50 [ 1485.541527] __io_uring_add_tctx_node+0x1cf/0x520 [ 1485.542549] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1485.543649] ? alloc_fd+0x2e7/0x670 [ 1485.544431] io_uring_setup+0x1fbb/0x2980 [ 1485.545325] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1485.546396] ? wait_for_completion_io+0x270/0x270 [ 1485.547440] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1485.548553] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1485.549705] do_syscall_64+0x33/0x40 [ 1485.550484] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1485.551571] RIP: 0033:0x7f606cee6b19 [ 1485.552361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1485.556233] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1485.557852] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1485.559355] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1485.560868] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1485.562359] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1485.564021] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:28:37 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) [ 1485.599972] FAULT_INJECTION: forcing a failure. [ 1485.599972] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.602543] CPU: 0 PID: 8881 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1485.603991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1485.605752] Call Trace: [ 1485.606317] dump_stack+0x107/0x167 [ 1485.607092] should_fail.cold+0x5/0xa [ 1485.607903] ? create_object.isra.0+0x3a/0xa30 [ 1485.608880] should_failslab+0x5/0x20 [ 1485.609688] kmem_cache_alloc+0x5b/0x310 [ 1485.610556] create_object.isra.0+0x3a/0xa30 [ 1485.611485] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1485.612566] kmem_cache_alloc_trace+0x151/0x320 21:28:37 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 54) 21:28:37 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) io_uring_enter(r0, 0x29eb, 0x11c6, 0x3, &(0x7f0000000000), 0x8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1485.613572] io_uring_alloc_task_context+0x4a3/0x6a0 [ 1485.614837] ? io_import_iovec+0x1120/0x1120 [ 1485.615765] ? lock_downgrade+0x6d0/0x6d0 [ 1485.616656] ? do_raw_spin_lock+0x121/0x260 [ 1485.617567] ? rwlock_bug.part.0+0x90/0x90 [ 1485.618466] __io_uring_add_tctx_node+0x2c6/0x520 [ 1485.619486] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1485.620591] ? alloc_fd+0x2e7/0x670 [ 1485.621376] io_uring_setup+0x1fbb/0x2980 [ 1485.622260] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1485.623330] ? wait_for_completion_io+0x270/0x270 [ 1485.624381] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1485.625492] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1485.626592] do_syscall_64+0x33/0x40 [ 1485.627377] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1485.628457] RIP: 0033:0x7ff29b41cb19 [ 1485.629259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1485.633148] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1485.634767] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1485.636280] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1485.637800] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1485.639303] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1485.640816] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:28:37 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r1 = getpgrp(0x0) pidfd_open(r1, 0x0) fcntl$setown(r0, 0x8, r1) syz_open_procfs(r1, &(0x7f0000000140)='task\x00') r2 = eventfd2(0x5, 0x100801) pread64(r2, &(0x7f0000000040)=""/238, 0xee, 0x7) [ 1485.693575] FAULT_INJECTION: forcing a failure. [ 1485.693575] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.696088] CPU: 1 PID: 8894 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1485.697563] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1485.699332] Call Trace: [ 1485.699893] dump_stack+0x107/0x167 [ 1485.700894] should_fail.cold+0x5/0xa [ 1485.701876] ? create_object.isra.0+0x3a/0xa30 [ 1485.703053] should_failslab+0x5/0x20 [ 1485.704035] kmem_cache_alloc+0x5b/0x310 [ 1485.705055] ? mark_held_locks+0x9e/0xe0 [ 1485.705762] create_object.isra.0+0x3a/0xa30 [ 1485.706549] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1485.707430] kmem_cache_alloc+0x159/0x310 [ 1485.708171] xas_alloc+0x336/0x440 [ 1485.708809] xas_create+0x34a/0x10d0 [ 1485.709470] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1485.710391] xas_store+0x8c/0x1c40 [ 1485.711029] __xa_store+0x164/0x2d0 [ 1485.711677] ? xa_delete_node+0x280/0x280 [ 1485.712415] ? trace_hardirqs_on+0x5b/0x180 [ 1485.713203] xa_store+0x31/0x50 [ 1485.713795] __io_uring_add_tctx_node+0x1cf/0x520 [ 1485.714652] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1485.715579] ? alloc_fd+0x2e7/0x670 [ 1485.716234] io_uring_setup+0x1fbb/0x2980 [ 1485.716999] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1485.717883] ? wait_for_completion_io+0x270/0x270 [ 1485.718764] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1485.719701] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1485.720626] do_syscall_64+0x33/0x40 [ 1485.721281] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1485.722206] RIP: 0033:0x7f2d330fab19 [ 1485.722880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1485.726142] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1485.727485] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1485.728774] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1485.730058] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1485.731345] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1485.732642] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:28:52 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 55) 21:28:52 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0x2d0b}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) syz_io_uring_submit(r5, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r6 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x7f, 0x7, 0xff, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000100), 0xe}, 0x10000, 0x2, 0x9, 0x3, 0x7fff, 0x7fc, 0x80, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xa, r6, 0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_OPENAT2={0x1c, 0x5, 0x0, r6, &(0x7f0000000000)={0x0, 0x40, 0x5}, &(0x7f0000000040)='./file0\x00', 0x18, 0x0, 0x12345, {0x0, r7}}, 0x8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:28:52 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) [ 1500.163598] kauditd_printk_skb: 33 callbacks suppressed [ 1500.163611] audit: type=1326 audit(1778448532.376:3505): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8904 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1500.182838] audit: type=1326 audit(1778448532.391:3506): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8904 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:28:52 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 33) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:28:52 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='cmdline\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:28:52 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) syz_io_uring_setup(0x348d, &(0x7f0000000000)={0x0, 0x1987, 0x10, 0x3, 0x7, 0x0, r0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 21:28:52 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 51) 21:28:52 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 40) [ 1500.191288] audit: type=1326 audit(1778448532.391:3507): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8904 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1500.192040] FAULT_INJECTION: forcing a failure. [ 1500.192040] name failslab, interval 1, probability 0, space 0, times 0 [ 1500.196685] CPU: 0 PID: 8913 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1500.198169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1500.199264] audit: type=1326 audit(1778448532.392:3508): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8904 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1500.199949] Call Trace: [ 1500.199976] dump_stack+0x107/0x167 [ 1500.200003] should_fail.cold+0x5/0xa [ 1500.205120] ? xas_alloc+0x336/0x440 [ 1500.205919] should_failslab+0x5/0x20 [ 1500.206732] kmem_cache_alloc+0x5b/0x310 [ 1500.207616] xas_alloc+0x336/0x440 [ 1500.208388] xas_create+0x34a/0x10d0 [ 1500.209212] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1500.210340] xas_store+0x8c/0x1c40 [ 1500.211123] __xa_store+0x164/0x2d0 [ 1500.211908] ? xa_delete_node+0x280/0x280 [ 1500.212094] audit: type=1326 audit(1778448532.392:3509): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8904 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1500.212816] ? trace_hardirqs_on+0x5b/0x180 [ 1500.216831] xa_store+0x31/0x50 [ 1500.217550] __io_uring_add_tctx_node+0x1cf/0x520 [ 1500.218587] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1500.219708] ? alloc_fd+0x2e7/0x670 [ 1500.220505] io_uring_setup+0x1fbb/0x2980 [ 1500.221414] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1500.222498] ? wait_for_completion_io+0x270/0x270 [ 1500.223560] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1500.224684] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1500.225800] do_syscall_64+0x33/0x40 [ 1500.226604] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1500.227699] RIP: 0033:0x7f606cee6b19 [ 1500.228496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1500.230304] audit: type=1326 audit(1778448532.392:3510): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8904 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1500.232436] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1500.232459] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1500.232471] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1500.232489] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1500.238314] FAULT_INJECTION: forcing a failure. [ 1500.238314] name failslab, interval 1, probability 0, space 0, times 0 [ 1500.238669] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1500.245064] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1500.246619] CPU: 1 PID: 8911 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1500.247727] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1500.249034] Call Trace: [ 1500.249413] dump_stack+0x107/0x167 [ 1500.249943] should_fail.cold+0x5/0xa [ 1500.250494] ? ___slab_alloc+0x470/0x700 [ 1500.251080] ? create_object.isra.0+0x3a/0xa30 [ 1500.251736] should_failslab+0x5/0x20 [ 1500.252279] kmem_cache_alloc+0x5b/0x310 [ 1500.252863] create_object.isra.0+0x3a/0xa30 [ 1500.253488] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1500.254213] kmem_cache_alloc+0x159/0x310 [ 1500.254809] xas_alloc+0x336/0x440 [ 1500.255324] xas_create+0x34a/0x10d0 [ 1500.255870] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1500.256624] xas_store+0x8c/0x1c40 [ 1500.257154] __xa_store+0x164/0x2d0 [ 1500.257679] ? xa_delete_node+0x280/0x280 [ 1500.258278] ? trace_hardirqs_on+0x5b/0x180 [ 1500.258902] xa_store+0x31/0x50 [ 1500.259380] __io_uring_add_tctx_node+0x1cf/0x520 [ 1500.260072] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1500.260830] ? alloc_fd+0x2e7/0x670 [ 1500.261366] io_uring_setup+0x1fbb/0x2980 [ 1500.261963] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1500.262683] ? wait_for_completion_io+0x270/0x270 [ 1500.263390] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1500.264134] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1500.264878] do_syscall_64+0x33/0x40 [ 1500.265411] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1500.266138] RIP: 0033:0x7f2d330fab19 [ 1500.266673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1500.269283] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1500.270363] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1500.271367] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1500.272370] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1500.273385] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1500.274408] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1500.298011] FAULT_INJECTION: forcing a failure. [ 1500.298011] name failslab, interval 1, probability 0, space 0, times 0 [ 1500.299591] CPU: 1 PID: 8916 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1500.300500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1500.301620] Call Trace: [ 1500.301974] dump_stack+0x107/0x167 [ 1500.302454] should_fail.cold+0x5/0xa [ 1500.302963] ? create_object.isra.0+0x3a/0xa30 [ 1500.303572] should_failslab+0x5/0x20 [ 1500.304076] kmem_cache_alloc+0x5b/0x310 [ 1500.304617] create_object.isra.0+0x3a/0xa30 [ 1500.305203] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1500.305884] kmem_cache_alloc+0x159/0x310 [ 1500.306438] xas_alloc+0x336/0x440 [ 1500.306917] xas_create+0x34a/0x10d0 [ 1500.307426] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1500.308128] xas_store+0x8c/0x1c40 [ 1500.308611] __xa_store+0x164/0x2d0 [ 1500.309094] ? xa_delete_node+0x280/0x280 [ 1500.309651] ? trace_hardirqs_on+0x5b/0x180 [ 1500.310226] xa_store+0x31/0x50 [ 1500.310667] __io_uring_add_tctx_node+0x1cf/0x520 [ 1500.311305] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1500.312000] ? alloc_fd+0x2e7/0x670 [ 1500.312494] io_uring_setup+0x1fbb/0x2980 [ 1500.313075] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1500.313748] ? wait_for_completion_io+0x270/0x270 [ 1500.314409] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1500.315100] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1500.315155] audit: type=1326 audit(1778448532.392:3511): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8904 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1500.315782] do_syscall_64+0x33/0x40 [ 1500.315797] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1500.315816] RIP: 0033:0x7f38f4330b19 [ 1500.321960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1500.324392] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1500.325405] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1500.326330] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1500.327255] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1500.328170] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1500.329102] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1500.330340] audit: type=1326 audit(1778448532.393:3512): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8904 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:28:52 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=0x0, @ANYBLOB="0800010002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xa8, 0x0, 0x8, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7fffffff, 0x2f}}}}, [@NL80211_ATTR_HE_OBSS_PD={0x14, 0x117, 0x0, 0x1, [@NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x6}, @NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x12}]}, @acl_policy=[@NL80211_ATTR_MAC_ADDRS={0x34, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8}], @NL80211_ATTR_PBSS={0x4}, @crypto_settings=[@NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0xfac01}, @NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0xfac02}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}], @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_PRIVACY={0x4}]}, 0xa8}, 0x1, 0x0, 0x0, 0x20044000}, 0x20040014) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r1, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:28:52 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) [ 1500.352774] FAULT_INJECTION: forcing a failure. [ 1500.352774] name failslab, interval 1, probability 0, space 0, times 0 [ 1500.355181] CPU: 0 PID: 8919 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1500.356627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1500.358386] Call Trace: [ 1500.358948] dump_stack+0x107/0x167 [ 1500.359718] should_fail.cold+0x5/0xa [ 1500.360519] ? io_wq_create+0xeb/0xc00 [ 1500.361351] should_failslab+0x5/0x20 [ 1500.362150] __kmalloc+0x72/0x390 [ 1500.362884] io_wq_create+0xeb/0xc00 [ 1500.363675] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1500.364744] ? io_import_iovec+0x1120/0x1120 [ 1500.365671] ? io_apoll_task_func+0x2d0/0x2d0 [ 1500.366610] ? __io_req_find_next+0x300/0x300 [ 1500.367541] ? do_raw_spin_lock+0x121/0x260 [ 1500.368440] ? rwlock_bug.part.0+0x90/0x90 [ 1500.369342] __io_uring_add_tctx_node+0x2c6/0x520 [ 1500.370352] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1500.371440] ? alloc_fd+0x2e7/0x670 [ 1500.372214] io_uring_setup+0x1fbb/0x2980 [ 1500.373108] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1500.374166] ? wait_for_completion_io+0x270/0x270 [ 1500.375200] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1500.376297] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1500.377523] do_syscall_64+0x33/0x40 [ 1500.378339] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1500.379411] RIP: 0033:0x7ff29b41cb19 [ 1500.380195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1500.384035] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1500.385624] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1500.387102] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1500.388582] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1500.390067] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1500.391553] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1500.395735] audit: type=1326 audit(1778448532.393:3513): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8904 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1500.411400] audit: type=1326 audit(1778448532.393:3514): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8904 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 21:28:52 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 41) 21:28:52 executing program 6: syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000280), 0x200000, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r4 = getpgrp(0x0) pidfd_open(r4, 0x0) fcntl$setown(r3, 0x8, r4) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000700)={0x1898, 0x31, 0x402, 0x70bd2d, 0x25dfdbff, {0x8}, [@nested={0x134, 0x4c, 0x0, 0x1, [@typed={0x11, 0x6b, 0x0, 0x0, @binary="2c045879ffeb420feb21dd5726"}, @generic="6d498f02c1704cf60cad88f6a1fa4fd93b699d2439441863ff606641a54e1762b5c4c443d480aa4516a62afe451ded7b6e18746d4410c0b2e28609ec75c62c9599cc1abd49cf5336db0d2dc0ee138761e779b6f59f35b3cec643c9d4896ed8061cd26d7a9b183b5140fa821c0fccd7cfde1ccd61a2601ac1093a629c074f056c0aaab7d4221e018e3a627010431261a63465d6c20086b49a61804935f677d85a82b370938a1163d9ae61cf1f158521430d40d8372046cd7ac081ea448a3ba3b5b011e353c38d359d138d1f3ef53074346ed749a515fd67cb6bef6c4f4671846300f33445708a96736388d8f5df0938d93b4d7f6884b7", @generic="5eaa5a1bab42862aeba435bef763a993e136d324483379a2ef89b2d9d6dada592dcdf68cfa56"]}, @nested={0x10b5, 0x22, 0x0, 0x1, [@generic="2ec113581e8be97554f8e721715b0a5e8b6f744928d77f920ff30d8009d7f6e524ccca9dc4165e380487eaaf59d6b383ac52ca1ae8928af2f3a5af62ef53e91cf7b79871325f01b043e629a88ca50ef6005a139e9aa7e29bba7e26f12bc62d58eb0f6124a6724784edb604932960e87bf33f06f1427f963cb5f8a05934606e054f8a70e26f6ef5d3df064ee8b2974e923a1239ba7bdb8376af77189d8c533432760ac742187b4129e1446bfff841103f3ca0a538b94c3bd0d0be8af8f099f815ee345007b91486170e94585a3bb8749d88ee75735fdc82e6b0844bef24aefa97e12e3d5d971094261e665dc01efc005b23693a14e970ebeadd75a9c14bf625deeaeb45adf9dcd7e53019a03906e4ed54d15eb8a31b49712b81b911e7cd8f683663e3e974346be66bb4ed4b344c20bcb9de1b39142dc6d7cf85fa9498374f78aed3868e34b80dccce0b57a410c930f937345a6c5d367633815b88fdd0d38beb2ce47bc82b1208ebf25b6c61acfa183bf38481a82e3e63bb16d8239211c1e94efc02552680a7381ecbef83bee32209eadcde56a6434fe90a0d0f3046496bcea71b690af05687dd7ee39070805300285a8338e31571faec9e602a707ece6f098522a0e3d40b0e7c4cc2846a1f0b4225906fed48b603774c9f987be842ba2a5acdf9bfcbfcb54c96fcc8b42b45ccda6939353a97de4f40ebd3225cbc7aeadf5df230cf57d8115e8f86e951a8e0992e9b3d97634dec38e13e4c617ba37c2812fbc4f78daa9a052283cd29760fdf709127ab1378e90dd4196a29ddce5e812c6a204505ec57bd299ddf9faea96053c2652edc72043b7dd895c2a25d670a477388cd3227f847b28ae81fec887a42aa6f2bddea769b59c5f102929afbe668ed6b83f1fd60bf4f1f6c449c9cbf9ec3d2ebe8756dfb4ecd6f0f12322b12709fe6ad360c25e29476c8d9a250994df438d9d3ee79c5a7757ca88afd6a783962b662ac192e8146929a07bbe441718b162f04a82f58847861a6d4178aa4b902ba24c3546bb12bdff95d2b26726d1f7f9ecad1f45178ed080bf9867791cf0cac40ccc9d2200e9caf4002daf7ca8214b566c8bb732cef9c2fd17490925e996056a7dca1d13226b02bcbb355a54d68565bf6d4feb7e186984ce6021ef9e1a46a7eaec1ff031e8bbe8c42b546a5e5ad9147442c1e9f296b7b686e266ca69a88ca7d2353219fb88b0cc65e49e976b56ca7d37607444d5776220486b1ebced4594b6d418b2a78ff93134d5985cdfa5ce9fd4fe9319d3a8b40abdb7bf9634c331c6c22ba325b0a3b60234081dd01281ddf00366a15b0afde3044593c01d3fe4fd6d2f5d6f208ac5fdaa5a9233ea8bb93e95dd3a5c4625dc4542106c73bc8451f9f5849afa840c5927e5487cd88277c50a96fa8867908e65d558e0936a0a17b107c7a2fafe5133cc3f8945612fb4f0e540fb39c1cc01fcafb7b92d4925673d4e369e23f25e5972b7cb1123c12a57f9e0eaa5ce5c1c7e7e4f6c2959d7481b6cdf2ed01d143398e2812af7f5718e2b86a8fde6d1eaaf38ed96c58c1f92320058790b8cfed04bf16fdfc1b9c4ac04638ca3520711b2504ed4f3af5226f144a82cbb501ce2376f23056481b6dafae20b70d52a282c27d20fbbb9faaa78c36675ae66486c7ccad6a5e075ad14597333823002cd3cb16820df4c13917d3287cfeb596eabf3c6740b188397d11573da1ef8cbb1e3b5e4c378061338a49504102e930ab4d2de5433c932fe64ec2b4e155e7a80de2bc5ef60d8294293bff79a3543d9839ae7bbbe0486c273ff382372380fe7943cca9c96f6788b902b588a009d3ba864d78cc4816537f6d38f87cc1256f9a11571655f4f96e2a8ec683002a73e3e7bd0a43c7ad160a851c529522a28ffba0a7293a126ca09b142de0a1ffb88b509e5a493a9b8aadeb74c6afe8080701fbfd17cf09a56e36b6bf3243ed984b6dbf50d89663967719f7c7d51f76ea21ed2369f0cf340b5dc4f775a912dce16754b2cc1a99b2bc2030837c241a475e37e9427d0c3f94f6ce0cf8cb098772d539b4be9fdfbd89f650ef6aa4adac4c45de317265756a039192b26e84ffdfaf9f15deee8cbd60156aa8a0d861f860c79e96aac7d0e38c944b7dcf75dacdba27fa9d30dbb933db2a4fde1828688ccf895f3ffa805665b519afb125f5f81b056f37dc742553fdc8199e9f9f61703518dc5b32c4487b761937d5a0eedab6dc328d1a82896138df31f76e9fa4a2aff02044d788f8fc0a630db3b3703390126c79a8242bd9309c1bb7a5b4411b86ae50f1d93555ca86a0acae59ee38a76e0a3fc12a7add9a576fd2fb39ece4931c4deaaef5ffd55d133eefe741c07b38e1deabcce20c87956eda37e3bd35dda0fd869ebbc15b397f366a37a97720dbcb241256917208575a0a47059df864e3d2cb0fc906a30f20fafbf66915defb1276f357f3e7a26eb5f27cf5312a6cd1b409a49fda48fb1d4fc3fea69a0f03982c26c1d41d980b6f2acd1221b748135c172a39d3e1288b6d91d168feb960aff66560261c2ac5e75c87bbf935ed50745516f1d77e319916c6747d63b10f1b0378ebd620c2a3c0622c9d34ad7827c3471d19dd820a9c2bf442fcd8700945c2ee5664ac2636d82b1fbe7bdd35954412886f93b99fb7515ffcdf47acd7a9dfe7616f23a9a43fb0067a793f29850ded257ba2058b26dc42373eeca04d3569c7e9502ee553beaa136eaf1f73b944d04932afeed685bdfd3140ee859b8335160371f529d678b52b6740bb79e7891e91b4724502cec63febc13e997a0a535822170e42669b9992fe53b69eee7cdf4bd48ccdab55140a3dc97769d1c35cd85c6cc56535c996ac7e4eb1b62a63710190183f4dcc24c9afa3e5ef64f642596c4a1f604b3ee16910f6435b54fec5214f7148bc4356ffe5cf04d3c9770bc58efa216ea0f0e107078575d75de1382ca4630a21122585ac18c43819236b5ef8d764049105bc0fc4ec8fb750c5c3259272d791a4e57011cc6f8d15b206628a5fb9fb339b4a5dc1399489b2bbbdc096d8546cffd571f986000f8519da588d62ac3d88a5fb2725fa1c91e041030fd052c1750185149bbe57f0d28702aeca584637186fc4a8defce5202267972a76d9641a5ecb1f51cda82637455c27061d407511446d2acb3f0e617ea93cd17eacebb9771561c32b1d50fa27fab7e77dad48b5744c8f1e3abccd8d268ef6e8e89559755959cab2934f829b126a94331d0a731263e3a86cc8c2b66da8efedc2f976626d4e9d64b34fbc58b022b43420bf49fe631ec01d46db5d9a3e6875d827f8bb6ce5c1b80aef52980cc29610ac24501f59ff88efa309a43015bdb2d3d99855b12fda88c5e985bbda191826ef256299785131b764dbd64b049466772d95aa4078edbf121bb23021ebbfb3d72b6c07e455d3870b56b71e0ff1757172d72f48bd9ababaffe1eb00ccbf6f4214fa13eade2e04124e99e60bcbd78915bc9cf8bddad9ea16c1154e0409ba666b79d9c21ee98973b9acc63675ff392f184ae0e99bd80d98bab53aca7b18f0bbb0670acf1914b6ebd759c44acb8a146e7ee07ab861faeb5c68282e905f676c6bbc64ac4cf31a2984de11dd8fe1b60545ab718b1fc09a5dc5ecf9ed0139213b07b93c6f2fd8833810dd77a1f586ca5effbe4bbc46337376e8ede0fd0bf2d2a808ef5272b3a29e628d30419a1477b5b8ced659438ffbd50749bc718a80bc48f1fd39866176bf87baa77134f41008e60718fb8137e569beee76165207d523928e5b944b47326974b784b24d0c3c21d112cdc6bb5ca14365c58dff2c6f60d83035762289360f486c28f8b39163e67c0688ce342ea3b263afa2549684262b8bf03be856844ab2abc33c634acfbc48e94f677ba000038b7edba9204b0d18c60be7f8c03027cffac3f3656f44f83de0c6a33debd842474cd228e409ac4d5a495f67496b5e50677d662b5331948098f2393e64528bdecb44766af38e9f3dddfce1ae5e2b7cf0cdb325dddbd3d7316717cd792f9d85627840ae856ff187f2d96420a31a5926b802a3c3e0bb2b5d396f1b46aea0362f7d485b9b38f8d8e68a0c4da8c63753e141ed76ad05481aad9f19f6497eff5fa62974246f35e927f50e98a860c53fb73bafb657a4b3bc5294d7704db0802cccc30a246e2b25e09d456b57fc8fb9ded564d76881f163bec516efcf79040946f228f563cf65fa9b0380797be9a1561fa1f52354064cdb00d30bfb60fd768f85a25f8319f4f224b1fb756582ed6ad50e1a53cc6d0a6fd3af312ca1c536d6fc5c6a32075717b75eae1f6e26e33eac851280ffd355312a012cf6574634661536f05e28fb4824583f1669f2aace9dfbf3a4d0cb64a0ea2dffddad3a667352fc1ade76755dda698b3375958811fbe32fbd35e004903292546470474b4c3da4ef35119939a171639eae3d23548bcacf83b2195c9bdbc93c75c5bdd7eac319ed03ad0be3c56d60ad100acb35139aa153178586b99b15584da8a846c69e97041e72bfc4fe02f7f5e9ca1a9ca93292e3622059891c1f36bdc70c8db211dfe07fceb14788b42ea7676356f8ad7b36a0708cc2f60780798a6c22571fa10d37758984cfa96f1a222c08bec43a52172612d0838f05eb19eea6b68368a9a8634982a2a3be7ca3d5d6b06db0703561af5d9b019d670b737ff469179f83df5661b1d20c5f45355446afa385b9e1cd55c37b7e71bf56511f47e273adf4e895a36039aff2b8ed636f45d1cef01ec6d71f29ba532c7f39f4da0e9e45579e5cf1a2ba8dc5f2c2866da90d224cdc05ba396e1d95a6969d0c38a170e9a11ed78ff1e0d2a4ed7e030de705a53a671f3fa669535c14c7c0fa9c61d988d49220868bebdda2677bb16ecd47230c1b145607d31899ceb977fc25c18d18ebb7049bb9c98546f9e3a2ae2910c090b99a689258ff0566989beb2d2895e89b69f51b1d14699f125a1b5097ba0ac256adaaedafdb584146971bd01dea490e60aacad983ad71818de7ef96608004bcd2ae241315e1a84946eecea17e315d9c5107ad3e325f142ffa779f2d1406a7aefd9c7557397c991fe3d7da2cbbaeb564d6496a03a9d195e2a161bedb7be84fdcf37ecbfc67a018999118c6bb9c5d8efb7dc3113ed95ff176084cca808a027b965f0d16f55d0ffc0b1111e170049e4899eda8e1787e0606e72fc663ca0cabd4fd96c96b32c67717a55bd37c738a7af6b2b8d10adb524d3f84178ec2871abc157bd84fe6aefbacb9018166b4635fe12c0227289c4da7ab6c4460e51af71ceb5ad327528d28673a6707a99b85ad7131dc2a1c2b9464a4081dbcdc505cb4d930d5a1cc60d656c92e1e35d426f4bca3af40917bf2c3023b57839e07e52e20ee90a90e0c62a2bfc34dc80d2ac079d2f980d98ed8f2e5e1da216f5a5a25ce4e703079e5517fae14a28857c1aa301710b9d7fdae2f7727e17a909c3b2c1a4c64b08b57247ff97673c16d0ce7f9c7748e5f0bee3af6e1258180d049c1fdda9a685e5ad931d153747fef4a95522566e8cc1df20eef1653772d95e0ef526cc2e4edcf49d49ce09c4c66315fd45cabab44d58963fcf344793c1926ae0cba0695826e2c77dd66f889a0faf918245fadd2e1ef0754b1f08a76943e4c589d5cbb0e2ca625e54fd5104974785362e4da61f58cb1942823fb4310f3acfff62c48d94d8803b07f19e1d05793b4a34b717118f0181daf7692af2aa0f3f7dd541afcd73ca2a62b71f6639e960619090e6f1d6dc15c2a45b01ec2f9c3673d788cd30f060e6227fb0a", @generic="735a7739d927d5f3f511fc760519154f479bcc280b286a1bc580afcac499535bd964d6bdd3d1e2d247eb6a4efa9ab7cf49d3f92132ef9acee85ed40f64c7c0e91af43a63281a90", @typed={0x14, 0x69, 0x0, 0x0, @ipv6=@remote}, @typed={0x8, 0x4e, 0x0, 0x0, @pid=r4}, @generic="b39576b3de7bff363120dabfd89ccb1feaef54f759e040811817262a193b5b0773d51427f70f6aad97b3a8f8174bf15152dbc7433daf83982e5d25c078e8c67d955ed2f4f0d340d189f51fdca4cc"]}, @typed={0xc, 0x51, 0x0, 0x0, @u64=0x400}, @nested={0x28b, 0x1a, 0x0, 0x1, [@generic="3dfc42bcc81df7599d1936f46afffc2247e79ebdbd3d2214aa94a6dd490d7de0a256fc744d172129fb01414d0f7464f257c8f2b9fbd673bb9ecd6f6a440462367f25f2d52e2003daec06d3a6f98ea527bbaf84cfa4559e36723c26873698a0230025ef28096d5e1a1430da65c1146614087ae16fd57d370e58af0a49de73593915a39950e73f3798979c28cc223d4651290f828f1da1aba4cc88af37991da9562e4a338f089864619ecdfa39cfd8a3cb542622c64353f77fc13a434e258a979805ab2ea553883e148aeadd7fb142df7f1ffaa07a9f453649ca452fea7e6085f61e1307f795f683569c60acb1734fe8b0df31d7a66c90", @typed={0x4, 0x4a}, @generic="75576531c1470daf745566130b9ab137f8a4809231d7b006fb6cef0f8e06f2960778f0f3f45581d68be1be828d46f971db4c2e61c4b8fc660a9205aecaf7f545af875d591bdd83b785060dc3ed0d6b3861703333840a0e96c30db6c5ae970b10a91cc3a30ccc95b98988addfb8d00da4d71f3a4611f78d4d84ce14314c4cbd05840c8a71fd95803588afe097ba946d0959a2917cb5ffa9ff417069b47a0ed577301ac3381f49344c153d175e8577454c006049c13f28c045a7db502b6186fbb1ba015f02492f11801cca62194f70b8d7", @typed={0x8, 0x7e, 0x0, 0x0, @fd=r5}, @generic="ed5a5959df146394f46aab57f81fa4fb47575eb219c1dcf4cefb8af84eeb58ef9df9b12140490e31e77dfe78638a5483530bd6896a9da5e53c502a60833eca0708b5e909b3801dceef561b9f8b55830b89126b0ef2b27fe88198b54989f85d300075a52a426660a224d0db6a57e1ed186bf39822c8e80b70b37628bc8def87bf8ce1489813b72bedea52faaa3be95ca35f61b485d371f4c9e57e6dadff88906f0121ed22079e96dd9ee766dd97e1d1e08e7bbbe177"]}, @generic="745cc13d35a479c89f13614a06dc0064bfeb966295f6bff5ad78ca10eaffdf3b424db5d548baba52af0211e9785a4f32d8281354ba7a23e7857d5238647298aedf7ef7f366c22ab6a71f5604cd1e5dab0ba1f4a3f4e5f91ad491512f96522f49af210e78cf3fefe8a3872553e628dbbec5fd2572b815be088014aab7038ff65732199c5604bf26ee5d289c8198e9626001d76f3e6858da64c8ca169d196a3dbd27784e558234e67eaf22fe2f7783b2691b8dc5aa2e6717b938b4d5079b3ae3daf3fa37b7a2177c7fda01c5d7c3b25dc777990c", @nested={0x32c, 0xe, 0x0, 0x1, [@generic="4d8748e8c25422d2366ece034bd09878966f7d8d96bd06bd5bc0e97eed246754478ae357302e01f421f5640364df0eab3531e91f191f734d32e20de3ddd5252ac577987da72aecfa635c824e0dc4917fc271037dffa2209ec4216aa4e70f4abff32876", @generic="a8f4c3ee0b5370876aa8cb19e87f767fe53db83fca7ade55e0660309f3bdcf59a6bb018bd055a44471832c0df5ac7710e494bec23d43ab7b13cbee349e6ee272bdb8e97f429b154def75114b4ba7db7eece0b777b5afe528497ed287c0827f242bc2b23344dc2dab92831695b5461c499cda93999871fef3fe730eabb707e6b448281838f982c306ee19385b3d7d4eba0aaeee06ea77a6aa1414ddbd4ab66313c78b84f21b4a59223f327fec129d6bcedd343e4460", @typed={0x8, 0x49, 0x0, 0x0, @pid}, @generic="3830b2e2c444489af48d43be4d0fd49385d3f2bed8a7d8ac5495caf6c40ecac0782470b282d94b8a4daee82ff342d7a90fec6f718c0d6ea4418ce629093bc5ae3226d0bf57dccb43", @typed={0x8, 0x7, 0x0, 0x0, @str='\\/@\x00'}, @generic="c2f4891f654f65b0ae049b668e4350be6e5aaa81c0cb9fe66ec54e2c24d662fdc75cb2c39dede09f6efd94d47ac08723f1ca429b424117975e970cb4b247a72add28b525740925dc86c4950bc3fdc1cdc6b6c4beeb898cc33720bec5e51bda32d3a9dc7a9eca0630994da439c696e5706a74d9d4537a319d4b2e86f93f947674de94b9f5cb6ba1f04cbd31e7738d7defa66561f2ee03c4b3ed675fb0fab80499496cbe20192ed4359b3ad9567ac92c1223ac197be760167468448324d287f04c4a8cca987e7395bd5f07", @generic="2e0dff6c5875d6fb1dc0bb7dec7ac3db4f3f7f69fd0849142bff017564162da219f5bd0928f086ddc0641914a9cab4265a517e65608ec930f95741133b3001eb0ff75863409bb40b5fb3c133fd125ff70d06c2c2eb5a4da15e8fc05113ac5e77e4c98b73d147676b91b1cfabc26d1c3f228ba00b7140c2807ffa5761d9766194184bb01d9bf80ecb300bb1addb69da7d4629cec2722ed4a380484e007acc39d8b00a0ed1428c4f3757b385723562f2283ba830bb125058c03331a853fb13af43bd67fd356014de218e1dd53529eadc79f6a412a5ed81ab8fc9975d4c5f6652af6ec6b051515273684246", @typed={0x4, 0x28}]}]}, 0x1898}, 0x1, 0x0, 0x0, 0x4040890}, 0x80) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002ac0)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c00003467003e590d9cf1263fe90907fa76344ef9c8f1e2ea76e95a4e710ca90a9a4bcbae13ab8f41", @ANYRES16=r1, @ANYBLOB="090700000000000000000500000008000300", @ANYRES32=r7, @ANYBLOB], 0x1c}}, 0x0) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_OPER(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x28, r8, 0x1, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x70d, 0x400000f}}}}}, 0x28}, 0x1, 0x0, 0x0, 0xc000000}, 0x4005) sendmsg$NL80211_CMD_DEL_PMK(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x20, r8, 0x404, 0x170bd26, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) 21:28:52 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000000, 0x810, r0, 0x0) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r5 = syz_io_uring_setup(0x22f8, &(0x7f00000001c0)={0x0, 0x9b3c, 0x0, 0x0, 0x4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000380)=0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r8}}, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x2007, @fd=r2, 0x9, 0x6, 0x1f, 0x9, 0x0, {0x2, r8}}, 0xfffffffc) r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) syz_io_uring_submit(r9, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(r1, r4, &(0x7f0000000140)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x2, 0x8, 0x0, 0x800, 0x1, 0x1}, 0x0) 21:28:52 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) 21:28:52 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 56) 21:28:52 executing program 7: r0 = add_key(&(0x7f0000000100)='.request_key_auth\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffa) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffffe, r0, 0x1) r1 = syz_io_uring_setup(0x47ef, &(0x7f00000002c0)={0x0, 0xf07c, 0x2, 0x0, 0x3b2}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000040)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) [ 1500.499647] FAULT_INJECTION: forcing a failure. [ 1500.499647] name failslab, interval 1, probability 0, space 0, times 0 [ 1500.501069] CPU: 1 PID: 8940 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1500.501544] FAULT_INJECTION: forcing a failure. [ 1500.501544] name failslab, interval 1, probability 0, space 0, times 0 [ 1500.501878] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1500.501899] Call Trace: [ 1500.505572] dump_stack+0x107/0x167 [ 1500.506027] should_fail.cold+0x5/0xa [ 1500.506492] ? create_object.isra.0+0x3a/0xa30 [ 1500.507049] should_failslab+0x5/0x20 [ 1500.507515] kmem_cache_alloc+0x5b/0x310 [ 1500.508018] ? mark_held_locks+0x9e/0xe0 [ 1500.508515] create_object.isra.0+0x3a/0xa30 [ 1500.509061] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1500.509685] kmem_cache_alloc+0x159/0x310 [ 1500.510196] xas_alloc+0x336/0x440 [ 1500.510636] xas_create+0x34a/0x10d0 [ 1500.511098] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1500.511736] xas_store+0x8c/0x1c40 [ 1500.512180] __xa_store+0x164/0x2d0 [ 1500.512630] ? xa_delete_node+0x280/0x280 [ 1500.513145] ? trace_hardirqs_on+0x5b/0x180 [ 1500.513675] xa_store+0x31/0x50 [ 1500.514078] __io_uring_add_tctx_node+0x1cf/0x520 [ 1500.514667] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1500.515305] ? alloc_fd+0x2e7/0x670 [ 1500.515751] io_uring_setup+0x1fbb/0x2980 [ 1500.516260] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1500.516882] ? wait_for_completion_io+0x270/0x270 [ 1500.517479] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1500.518114] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1500.518740] do_syscall_64+0x33/0x40 [ 1500.519192] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1500.519809] RIP: 0033:0x7f2d330fab19 [ 1500.520256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1500.522485] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1500.523410] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1500.524267] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1500.525130] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1500.525991] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1500.526839] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1500.527724] CPU: 0 PID: 8939 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1500.529231] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1500.531036] Call Trace: [ 1500.531615] dump_stack+0x107/0x167 [ 1500.532408] should_fail.cold+0x5/0xa [ 1500.533246] ? xas_alloc+0x336/0x440 [ 1500.534056] should_failslab+0x5/0x20 [ 1500.534885] kmem_cache_alloc+0x5b/0x310 [ 1500.535776] xas_alloc+0x336/0x440 [ 1500.536554] xas_create+0x34a/0x10d0 [ 1500.537389] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1500.538530] xas_store+0x8c/0x1c40 [ 1500.539327] __xa_store+0x164/0x2d0 [ 1500.540122] ? xa_delete_node+0x280/0x280 [ 1500.541041] ? trace_hardirqs_on+0x5b/0x180 [ 1500.541987] xa_store+0x31/0x50 [ 1500.542709] __io_uring_add_tctx_node+0x1cf/0x520 [ 1500.543756] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1500.544897] ? alloc_fd+0x2e7/0x670 [ 1500.545704] io_uring_setup+0x1fbb/0x2980 [ 1500.546617] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1500.547717] ? wait_for_completion_io+0x270/0x270 [ 1500.548802] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1500.549903] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1500.551029] do_syscall_64+0x33/0x40 [ 1500.551838] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1500.552958] RIP: 0033:0x7f38f4330b19 [ 1500.553766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1500.557766] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1500.559425] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1500.560984] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1500.562532] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1500.564079] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1500.565634] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:28:52 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) syz_io_uring_setup(0x1527, &(0x7f0000000000)={0x0, 0x3d49, 0x2, 0x0, 0x20d, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:28:52 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x1010, r0, 0x8000000) syz_io_uring_submit(r5, r3, &(0x7f0000000080)=@IORING_OP_FADVISE={0x18, 0x2, 0x0, @fd=r1, 0xff, 0x0, 0x100, 0x6, 0x1}, 0x5) r6 = syz_io_uring_setup(0x22f8, &(0x7f00000001c0)={0x0, 0x9b3c, 0x0, 0x0, 0x4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000380)=0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, {0x0, r9}}, 0x1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:28:52 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 52) 21:28:52 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 34) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:28:52 executing program 4: ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000140)={0x70, 0x8, 0xf47, 0x0, 0xf, "1a57722b852ddb08"}) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:28:52 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) [ 1500.679199] FAULT_INJECTION: forcing a failure. [ 1500.679199] name failslab, interval 1, probability 0, space 0, times 0 [ 1500.680593] CPU: 1 PID: 8955 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1500.681428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1500.682399] Call Trace: [ 1500.682722] dump_stack+0x107/0x167 [ 1500.683154] should_fail.cold+0x5/0xa [ 1500.683604] ? create_object.isra.0+0x3a/0xa30 [ 1500.684139] should_failslab+0x5/0x20 [ 1500.684594] kmem_cache_alloc+0x5b/0x310 [ 1500.685086] ? mark_held_locks+0x9e/0xe0 [ 1500.685566] create_object.isra.0+0x3a/0xa30 [ 1500.686075] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1500.686683] kmem_cache_alloc+0x159/0x310 [ 1500.687178] xas_alloc+0x336/0x440 [ 1500.687599] xas_create+0x34a/0x10d0 [ 1500.688051] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1500.688670] xas_store+0x8c/0x1c40 [ 1500.689144] __xa_store+0x164/0x2d0 [ 1500.689586] ? xa_delete_node+0x280/0x280 [ 1500.690084] ? trace_hardirqs_on+0x5b/0x180 [ 1500.690596] xa_store+0x31/0x50 [ 1500.690989] __io_uring_add_tctx_node+0x1cf/0x520 [ 1500.691553] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1500.692163] ? alloc_fd+0x2e7/0x670 [ 1500.692605] io_uring_setup+0x1fbb/0x2980 [ 1500.693103] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1500.693698] ? wait_for_completion_io+0x270/0x270 [ 1500.694278] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1500.694889] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1500.695498] do_syscall_64+0x33/0x40 [ 1500.695940] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1500.696540] RIP: 0033:0x7f606cee6b19 [ 1500.696984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1500.699141] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1500.700028] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1500.700866] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1500.701698] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1500.702537] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1500.703370] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:28:52 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 57) [ 1500.724805] FAULT_INJECTION: forcing a failure. [ 1500.724805] name failslab, interval 1, probability 0, space 0, times 0 [ 1500.727362] CPU: 0 PID: 8959 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1500.728852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1500.730646] Call Trace: [ 1500.731222] dump_stack+0x107/0x167 [ 1500.732015] should_fail.cold+0x5/0xa [ 1500.732859] ? create_object.isra.0+0x3a/0xa30 [ 1500.733845] should_failslab+0x5/0x20 [ 1500.734669] kmem_cache_alloc+0x5b/0x310 [ 1500.735555] create_object.isra.0+0x3a/0xa30 [ 1500.736503] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1500.737612] __kmalloc+0x16e/0x390 [ 1500.738400] io_wq_create+0xeb/0xc00 [ 1500.739219] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1500.740317] ? io_import_iovec+0x1120/0x1120 [ 1500.741277] ? io_apoll_task_func+0x2d0/0x2d0 [ 1500.742245] ? __io_req_find_next+0x300/0x300 [ 1500.743217] ? do_raw_spin_lock+0x121/0x260 [ 1500.744147] ? rwlock_bug.part.0+0x90/0x90 [ 1500.745083] __io_uring_add_tctx_node+0x2c6/0x520 [ 1500.746129] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1500.747260] ? alloc_fd+0x2e7/0x670 [ 1500.748064] io_uring_setup+0x1fbb/0x2980 [ 1500.748980] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1500.750073] ? wait_for_completion_io+0x270/0x270 [ 1500.751144] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1500.752279] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1500.753412] do_syscall_64+0x33/0x40 [ 1500.754220] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1500.755328] RIP: 0033:0x7ff29b41cb19 [ 1500.756133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1500.760156] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1500.761816] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1500.763357] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1500.764909] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1500.766452] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1500.767995] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:28:52 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x6107, 0x438, 0x2, &(0x7f0000000100)={[0x9bb]}, 0x8) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)={'syz1', "baf72f185c49aa5b7c5561479521b307e78cbb43c613b7233d7a4db1b6796d2c918f08fe8d12b3bddc41d9f15e14d81148c21ce8497adc36f7ace6f6983ced5e76f28a843c2ef0c77a87b3a0d5a6395f7af389338e7a01941d2d754fa81df826bc966e67b65d611269f03075ff4578593edfe4834960bd941d6c072110dbae77cf50fc952e069d29fc236c64caa4315539f2960273b9724c7d64a7a1e261c0f9fe5b29dacc269a5bd316f1753dabf331c7979e2986ebfb8895615f1200"/201}, 0xcd) 21:28:52 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x7f, 0x7, 0xff, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000100), 0xe}, 0x10000, 0x2, 0x9, 0x3, 0x7fff, 0x7fc, 0x80, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xa, r1, 0x0) openat(r1, &(0x7f0000000140)='./file0\x00', 0x8000, 0x0) [ 1500.803073] FAULT_INJECTION: forcing a failure. [ 1500.803073] name failslab, interval 1, probability 0, space 0, times 0 [ 1500.805648] CPU: 0 PID: 8968 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1500.807114] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1500.808899] Call Trace: [ 1500.809472] dump_stack+0x107/0x167 [ 1500.810262] should_fail.cold+0x5/0xa [ 1500.811088] ? xas_alloc+0x336/0x440 [ 1500.811891] should_failslab+0x5/0x20 [ 1500.812712] kmem_cache_alloc+0x5b/0x310 [ 1500.813607] xas_alloc+0x336/0x440 [ 1500.814379] xas_create+0x34a/0x10d0 [ 1500.815205] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1500.816345] xas_store+0x8c/0x1c40 [ 1500.817138] __xa_store+0x164/0x2d0 [ 1500.817926] ? xa_delete_node+0x280/0x280 [ 1500.818828] ? trace_hardirqs_on+0x5b/0x180 [ 1500.819766] xa_store+0x31/0x50 [ 1500.820482] __io_uring_add_tctx_node+0x1cf/0x520 [ 1500.821533] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1500.822656] ? alloc_fd+0x2e7/0x670 [ 1500.823458] io_uring_setup+0x1fbb/0x2980 [ 1500.824361] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1500.825453] ? wait_for_completion_io+0x270/0x270 [ 1500.826512] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1500.827633] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1500.828751] do_syscall_64+0x33/0x40 [ 1500.829552] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1500.830649] RIP: 0033:0x7f2d330fab19 [ 1500.831444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1500.835389] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1500.837031] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1500.838555] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1500.840084] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1500.841611] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1500.843137] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:29:10 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 42) 21:29:10 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x125}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x2010, r0, 0x0) 21:29:10 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 35) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:29:10 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 53) 21:29:10 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') sendmsg$NL80211_CMD_LEAVE_OCB(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x0, 0x400, 0x70bd25, 0x25dfdbfc, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0x788dcbcc1e9223c6) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:29:10 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000008, 0x30, r1, 0x8000000) 21:29:10 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 21:29:10 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 58) [ 1518.697662] FAULT_INJECTION: forcing a failure. [ 1518.697662] name failslab, interval 1, probability 0, space 0, times 0 [ 1518.701572] CPU: 0 PID: 8982 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1518.703031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1518.704789] Call Trace: [ 1518.705364] dump_stack+0x107/0x167 [ 1518.706150] should_fail.cold+0x5/0xa [ 1518.706961] ? create_object.isra.0+0x3a/0xa30 [ 1518.707936] should_failslab+0x5/0x20 [ 1518.708751] kmem_cache_alloc+0x5b/0x310 [ 1518.709624] ? mark_held_locks+0x9e/0xe0 [ 1518.710489] create_object.isra.0+0x3a/0xa30 [ 1518.711416] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1518.712497] kmem_cache_alloc+0x159/0x310 [ 1518.713437] xas_alloc+0x336/0x440 [ 1518.714193] xas_create+0x34a/0x10d0 [ 1518.715003] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1518.716113] xas_store+0x8c/0x1c40 [ 1518.716883] __xa_store+0x164/0x2d0 [ 1518.717662] ? xa_delete_node+0x280/0x280 [ 1518.718547] ? trace_hardirqs_on+0x5b/0x180 [ 1518.719494] xa_store+0x31/0x50 [ 1518.720195] __io_uring_add_tctx_node+0x1cf/0x520 [ 1518.721238] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1518.722352] ? alloc_fd+0x2e7/0x670 [ 1518.723146] io_uring_setup+0x1fbb/0x2980 [ 1518.724036] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1518.725120] ? wait_for_completion_io+0x270/0x270 [ 1518.726173] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1518.727295] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1518.728390] do_syscall_64+0x33/0x40 [ 1518.729194] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1518.730272] RIP: 0033:0x7f38f4330b19 [ 1518.731062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.734980] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1518.736627] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1518.738151] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1518.739663] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1518.741172] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1518.742689] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1518.764458] FAULT_INJECTION: forcing a failure. [ 1518.764458] name failslab, interval 1, probability 0, space 0, times 0 [ 1518.765868] FAULT_INJECTION: forcing a failure. [ 1518.765868] name failslab, interval 1, probability 0, space 0, times 0 [ 1518.767076] CPU: 1 PID: 8992 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1518.770759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1518.772432] Call Trace: [ 1518.773001] dump_stack+0x107/0x167 [ 1518.773757] should_fail.cold+0x5/0xa [ 1518.774532] ? create_object.isra.0+0x3a/0xa30 [ 1518.775468] should_failslab+0x5/0x20 [ 1518.776246] kmem_cache_alloc+0x5b/0x310 [ 1518.777139] ? mark_held_locks+0x9e/0xe0 [ 1518.778178] create_object.isra.0+0x3a/0xa30 [ 1518.779177] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1518.780470] kmem_cache_alloc+0x159/0x310 [ 1518.781554] xas_alloc+0x336/0x440 [ 1518.782334] xas_create+0x34a/0x10d0 [ 1518.783174] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1518.784362] xas_store+0x8c/0x1c40 [ 1518.785248] __xa_store+0x164/0x2d0 [ 1518.786062] ? xa_delete_node+0x280/0x280 [ 1518.786933] ? trace_hardirqs_on+0x5b/0x180 [ 1518.787835] xa_store+0x31/0x50 [ 1518.788521] __io_uring_add_tctx_node+0x1cf/0x520 [ 1518.789515] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1518.790600] ? alloc_fd+0x2e7/0x670 [ 1518.791543] io_uring_setup+0x1fbb/0x2980 [ 1518.792496] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1518.793783] ? wait_for_completion_io+0x270/0x270 [ 1518.794937] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1518.796113] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1518.797266] do_syscall_64+0x33/0x40 [ 1518.798139] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1518.799270] RIP: 0033:0x7f2d330fab19 [ 1518.800098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.804258] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1518.805959] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1518.807518] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1518.809105] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1518.810692] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1518.812269] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1518.813928] CPU: 0 PID: 8993 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1518.815395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1518.817160] Call Trace: [ 1518.817728] dump_stack+0x107/0x167 [ 1518.818507] should_fail.cold+0x5/0xa [ 1518.819319] ? io_wq_create+0x6ef/0xc00 [ 1518.820167] should_failslab+0x5/0x20 [ 1518.820980] kmem_cache_alloc_node_trace+0x59/0x340 [ 1518.822050] io_wq_create+0x6ef/0xc00 [ 1518.822866] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1518.823926] ? io_import_iovec+0x1120/0x1120 [ 1518.824852] ? io_apoll_task_func+0x2d0/0x2d0 [ 1518.825800] ? __io_req_find_next+0x300/0x300 [ 1518.826755] ? do_raw_spin_lock+0x121/0x260 [ 1518.827675] ? rwlock_bug.part.0+0x90/0x90 [ 1518.828568] __io_uring_add_tctx_node+0x2c6/0x520 [ 1518.829602] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1518.830706] ? alloc_fd+0x2e7/0x670 [ 1518.831489] io_uring_setup+0x1fbb/0x2980 [ 1518.832372] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1518.833500] ? wait_for_completion_io+0x270/0x270 [ 1518.834548] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1518.835672] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1518.836762] do_syscall_64+0x33/0x40 [ 1518.837550] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1518.838632] RIP: 0033:0x7ff29b41cb19 [ 1518.839420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.843313] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1518.844923] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1518.846446] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1518.847972] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1518.849503] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1518.851025] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1518.855631] kauditd_printk_skb: 43 callbacks suppressed [ 1518.855648] audit: type=1326 audit(1778448551.068:3558): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8988 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1518.856102] FAULT_INJECTION: forcing a failure. [ 1518.856102] name failslab, interval 1, probability 0, space 0, times 0 [ 1518.856997] audit: type=1326 audit(1778448551.068:3559): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8988 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1518.861611] CPU: 1 PID: 8997 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1518.870588] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1518.872639] Call Trace: [ 1518.873329] dump_stack+0x107/0x167 [ 1518.874143] should_fail.cold+0x5/0xa [ 1518.875001] ? xas_alloc+0x336/0x440 [ 1518.875825] should_failslab+0x5/0x20 [ 1518.876641] kmem_cache_alloc+0x5b/0x310 [ 1518.877537] xas_alloc+0x336/0x440 [ 1518.878325] xas_create+0x34a/0x10d0 [ 1518.879175] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1518.880322] xas_store+0x8c/0x1c40 [ 1518.881209] __xa_store+0x164/0x2d0 [ 1518.882086] ? xa_delete_node+0x280/0x280 [ 1518.883008] ? trace_hardirqs_on+0x5b/0x180 [ 1518.883972] xa_store+0x31/0x50 [ 1518.884677] __io_uring_add_tctx_node+0x1cf/0x520 [ 1518.885767] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1518.886932] ? alloc_fd+0x2e7/0x670 [ 1518.887746] io_uring_setup+0x1fbb/0x2980 [ 1518.888671] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1518.889790] ? wait_for_completion_io+0x270/0x270 [ 1518.890884] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1518.892038] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1518.893166] do_syscall_64+0x33/0x40 [ 1518.893995] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1518.895124] RIP: 0033:0x7f606cee6b19 [ 1518.895946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.899967] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1518.901626] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1518.903226] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1518.904810] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1518.906404] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1518.907973] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:29:11 executing program 7: clock_gettime(0x0, &(0x7f00000020c0)) r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002180), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002240)={&(0x7f0000002140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000002200)={&(0x7f00000021c0)=ANY=[@ANYBLOB="80976157", @ANYRES16=r0, @ANYBLOB="100026bd7000fcdbdf250a000000"], 0x14}, 0x1, 0x0, 0x0, 0x48000}, 0x40005) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) 21:29:28 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) io_uring_enter(r0, 0x1417, 0xfc46, 0x3, &(0x7f0000000000)={[0xa914]}, 0x8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) io_uring_setup(0x517f, &(0x7f0000000040)={0x0, 0xc9c3, 0x20, 0x3, 0x388, 0x0, r1}) 21:29:28 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xc, 0x80010, r1, 0xf71e6000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) syz_io_uring_submit(r5, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_setup(0xf0e, &(0x7f0000000000)={0x0, 0x31f4, 0x4, 0x1, 0x355}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000100)=@IORING_OP_NOP={0x0, 0x4}, 0x3) 21:29:28 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 54) 21:29:28 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) fsetxattr$security_selinux(r1, &(0x7f0000000140), &(0x7f0000000180)='system_u:object_r:mouse_device_t:s0\x00', 0x24, 0x3) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:29:28 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') r1 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000000, 0x10, r0, 0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r4, &(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r4, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @mcast2}, 0x80, 0x0}}, 0x0) r5 = openat$sr(0xffffffffffffff9c, &(0x7f00000002c0), 0x8ae00, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00'}) io_uring_enter(r1, 0x58ab, 0xfffffffc, 0x0, 0x0, 0x0) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:29:28 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 59) 21:29:28 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 43) 21:29:28 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 36) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) [ 1536.381392] FAULT_INJECTION: forcing a failure. [ 1536.381392] name failslab, interval 1, probability 0, space 0, times 0 [ 1536.384309] CPU: 0 PID: 9021 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1536.386064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1536.388169] Call Trace: [ 1536.388845] dump_stack+0x107/0x167 [ 1536.389790] should_fail.cold+0x5/0xa [ 1536.390764] ? xas_alloc+0x336/0x440 [ 1536.391718] should_failslab+0x5/0x20 [ 1536.392756] kmem_cache_alloc+0x5b/0x310 [ 1536.393864] xas_alloc+0x336/0x440 [ 1536.394780] xas_create+0x34a/0x10d0 [ 1536.395753] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1536.397092] xas_store+0x8c/0x1c40 [ 1536.398034] __xa_store+0x164/0x2d0 [ 1536.398963] ? xa_delete_node+0x280/0x280 [ 1536.400026] ? trace_hardirqs_on+0x5b/0x180 [ 1536.401145] xa_store+0x31/0x50 [ 1536.401999] __io_uring_add_tctx_node+0x1cf/0x520 [ 1536.403254] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1536.404584] ? alloc_fd+0x2e7/0x670 [ 1536.405532] io_uring_setup+0x1fbb/0x2980 [ 1536.406415] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1536.407482] ? wait_for_completion_io+0x270/0x270 [ 1536.408521] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1536.409641] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1536.410730] do_syscall_64+0x33/0x40 [ 1536.411525] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1536.412596] RIP: 0033:0x7f606cee6b19 [ 1536.413395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1536.417252] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1536.418846] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1536.420352] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1536.421856] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1536.423351] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1536.424875] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1536.434775] FAULT_INJECTION: forcing a failure. [ 1536.434775] name failslab, interval 1, probability 0, space 0, times 0 [ 1536.437299] CPU: 0 PID: 9024 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1536.438753] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1536.440506] Call Trace: [ 1536.441066] dump_stack+0x107/0x167 [ 1536.441851] should_fail.cold+0x5/0xa [ 1536.442670] ? create_object.isra.0+0x3a/0xa30 [ 1536.443645] should_failslab+0x5/0x20 [ 1536.444447] kmem_cache_alloc+0x5b/0x310 [ 1536.445315] ? mark_held_locks+0x9e/0xe0 [ 1536.446186] create_object.isra.0+0x3a/0xa30 [ 1536.447119] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1536.448197] kmem_cache_alloc+0x159/0x310 [ 1536.449085] xas_alloc+0x336/0x440 [ 1536.449849] xas_create+0x34a/0x10d0 [ 1536.450655] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1536.451771] xas_store+0x8c/0x1c40 [ 1536.452542] __xa_store+0x164/0x2d0 [ 1536.453332] ? xa_delete_node+0x280/0x280 [ 1536.454242] ? trace_hardirqs_on+0x5b/0x180 [ 1536.455166] xa_store+0x31/0x50 [ 1536.455869] __io_uring_add_tctx_node+0x1cf/0x520 [ 1536.456891] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1536.457996] ? alloc_fd+0x2e7/0x670 [ 1536.458791] io_uring_setup+0x1fbb/0x2980 [ 1536.459672] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1536.460735] ? wait_for_completion_io+0x270/0x270 [ 1536.461782] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1536.462893] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1536.463982] do_syscall_64+0x33/0x40 [ 1536.464777] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1536.465871] RIP: 0033:0x7f2d330fab19 [ 1536.466657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1536.470526] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1536.472129] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1536.473644] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1536.475145] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1536.476652] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1536.478163] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1536.492248] FAULT_INJECTION: forcing a failure. [ 1536.492248] name failslab, interval 1, probability 0, space 0, times 0 [ 1536.494674] CPU: 0 PID: 9026 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1536.496115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1536.497867] Call Trace: [ 1536.498429] dump_stack+0x107/0x167 [ 1536.499210] should_fail.cold+0x5/0xa [ 1536.500025] ? create_object.isra.0+0x3a/0xa30 [ 1536.500993] should_failslab+0x5/0x20 [ 1536.501807] kmem_cache_alloc+0x5b/0x310 [ 1536.502670] ? io_wq_create+0x114/0xc00 [ 1536.503518] create_object.isra.0+0x3a/0xa30 [ 1536.504448] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1536.505537] kmem_cache_alloc_node_trace+0x16d/0x340 [ 1536.506616] io_wq_create+0x6ef/0xc00 [ 1536.507434] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1536.508506] ? io_import_iovec+0x1120/0x1120 [ 1536.508901] FAULT_INJECTION: forcing a failure. [ 1536.508901] name failslab, interval 1, probability 0, space 0, times 0 [ 1536.509456] ? io_apoll_task_func+0x2d0/0x2d0 [ 1536.512657] ? __io_req_find_next+0x300/0x300 [ 1536.513615] ? do_raw_spin_lock+0x121/0x260 [ 1536.514524] ? rwlock_bug.part.0+0x90/0x90 [ 1536.515424] __io_uring_add_tctx_node+0x2c6/0x520 [ 1536.516455] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1536.517570] ? alloc_fd+0x2e7/0x670 [ 1536.518363] io_uring_setup+0x1fbb/0x2980 [ 1536.519255] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1536.520323] ? wait_for_completion_io+0x270/0x270 [ 1536.521387] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1536.522488] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1536.523585] do_syscall_64+0x33/0x40 [ 1536.524376] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1536.525476] RIP: 0033:0x7ff29b41cb19 [ 1536.526262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1536.530152] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1536.531772] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1536.533286] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1536.534809] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1536.536316] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1536.537834] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1536.539375] CPU: 1 PID: 9027 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1536.540805] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1536.542540] Call Trace: [ 1536.543103] dump_stack+0x107/0x167 [ 1536.543854] should_fail.cold+0x5/0xa [ 1536.544648] ? xas_alloc+0x336/0x440 [ 1536.545429] should_failslab+0x5/0x20 [ 1536.546506] kmem_cache_alloc+0x5b/0x310 [ 1536.547346] xas_alloc+0x336/0x440 [ 1536.548083] xas_create+0x34a/0x10d0 [ 1536.549040] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 21:29:28 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f00000026c0)={'ip6gre0\x00', &(0x7f0000002640)={'ip6tnl0\x00', 0x0, 0x29, 0x81, 0x2, 0x81, 0x32, @local, @loopback, 0x10, 0x7, 0x6, 0x3f}}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x20, 0x0, 0x1, 0x0, 0x0, {0xf}, [@ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x20}}, 0x0) [ 1536.550429] xas_store+0x8c/0x1c40 sendmmsg$inet(r2, &(0x7f0000002800)=[{{&(0x7f00000000c0)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000340)="c1e4e2f6daa7933c59bc2b074defc2f2a551a2e66948c414c42b5a67bbd8780ba44aa6e21e68cc11175f74da7bc179547a03bada4596dcf209874366417d58bf9e59199458153a8f0194a9ba8344f26590b7026e8258d8e61307bfb2d362a95e06fe48669c640f6fae2c77572ee0078b1911d4d168ddede5ec607bc934787ad51aa1041684ad2a2e31df372d8edb6a232f95eed27e09dad352c264ca4eec1b676fb98328434f7e54f1592acaee89bbe72eb8f5353ea5db93f2cacd68b7534a851dfc0a164d9130232bfdd5b2a52881022654f5ec89079cf0", 0xd8}, {&(0x7f0000000100)="502cb43fd24aa6a175", 0x9}, {&(0x7f0000000440)="d51dc2f1cca075fe2a6ed96d5956d7614156e850196a52d1dee0958b6086918ca02a176900e57b9340005a632cae20dd5a2aee4b1ba2eac35cdc4a374b912b1bcab853edf15fba7e5a816471b0a127d56e0f683cca676313fc1d7696db43b3cbbf7a1b4e4f42020f1659b38be495aa3e8d61331a870e7140f66d901b79ee85e1a1b2d0a0bfcb69f711827d9b20c574f7e116c271e0fc2ae952fbf61394827d1959f25487ec964b7a2c811bebcc2ca58eb2730b76ab34bb9a96490a32d3d65b38cf11a54c2a2ca924557fe5ee91bfd75d781710ee0935280b2e1840146ff20e649b631cc2bb86ce06210e6f3ca43f950b0dd90d000e5f307a073e3029dfc11fa821292486336201dbaef0c780545e9a47bd9e487dca3fb99724b393b9b3e7be317a40526bdc2ff33e557dbacfa174330560bd69597698ebcaf5cc177ab9780d22064f7542440cc3babd548a90672298d5c0c1ebbbca750255b72257b76b88852d32021e53ef4d1904af5b98d708b6caf9168271362df979dad1fa3baa668b29e697498c3a6876d063e648107785c1b299a6cc0c385c9844749c5c2860b98992850e418b9deca1767e6456b5d1592a5e7022e035bbc96aef0b18869aaf43e2663490471dc5faef26202a4e4c79b42caf424cd7d0581f8dd5072b53c84c8af5cf460ba48f681de93db4253fed117d4ddff450fcdfe5f73300a321c21286c05269c43cec113b8ee9c953a99c2d03a8e99cf2fbe38deed4207e694b6774f0c4a4ddef3916c9126b53faa1c6dca8c9f858c25123440dbb22307a795c5188d01d33a557315e931cfe9e1aeef14ac20304c115fee8d158c56ff84c960463f6ff7c0e7b6df382b3b85b3f732cc49190b10d42eac7841a5237bd421ef7e545e6f85e99426b232dec721ba98cbadb2c5e6759866983108694a8dd53392c3f317f5c09b0dc7d52f9bafe9816169ef600cdd902e05e0095777d55054fb4729cdbec91150cf61deb3e2e84fdcb7a0564cc117f45ed20f396c362a4d46b301c8ebb69c5673a0e50f51d7890238884e789a8eee911ffecb15dce156f6547d390af1b538193fa6738e6a583cc7c42ad2c253caddfb265e01c384863bc6f4983609db4ce01d904226c04a12fb81b7d45d3e9305505b09b0155064a04d248945e29b906f118bc06bc5eb43f07c841f1379c87cb8d2d0fb23fb2313e5fa17b2e19212d2174a1c5236936270c578c2870d4fa86cce44a5e1756380c3cff7df715d797e0584a4398cb736507d6852f67b18073759f15886d929ea3288d86620b07738187f2a617e067a970d385c8d8b4a10df781c9c1e77fa1869d3e3db584739a6ccdc04eb73862870e9103b3ca6ca21e5464cd34b2f448df050c9f5c745b7d77a64b009f77770b6fd3b83d22feca1aa5ce16649f33ef871ad3b51d0255d42867fd2043b209a872a485fbf2e86b0210dcc638e665edacacf16b8a191b604d366b4ec6b2c0ecf1c1189a7063550e5dac956aaeaee92d832e89476e43d4f94f45f1857027b17ce0fa7fe10dfa96b221bc86488468a6176e669cfa0d5a9425fefc4295585f9a514e7f78777c9f4279ed8a4581c2be5a241c8b61166519b5fb2bada6da1f62fabda9ee3b068f4ed64e6bd1f2b69d748821439b5b1d97aa1491a860e22adcc5fd7032bc12e9d002bba9850125f565cc49f6abd9f56591412c4b37d10137125b78c93ef5fa0f7920f2f510c4e6c6305f50ffc57a4c4e92ac56ea88afc1153aa9b42d118e8a4b293a8cce9004093181775e07d0fe74f3e43ed1cadb1d54d20e48e3fb3d9f649726aed700edea3e05f320108b0b88d1a51a726f3d7152c44e6213d3f602b9a20f56c847a05d18b070b292c43f32dfe20c3033c5f9e2c8ddb1f96a18ae94bd3cd93c8bbb651cd7cad80f19169a8ee0e7303edb100518688f17f89fbc28ab69cdd5e1b2de60a141aa6fba950d7903b46094afc402ffe9370ea61e778c5bfe20adcd1a06496e17a9f279c34fb8006d44f0910dd953a897ff2f1b70a366a1de4958bad2d7b1ddd39a977eb1a8532a7fe5fbc51b0f615c24b31a46228740ebbbcf422b8d9e98b873a8a5fcbede40c327564b321cb5206fed259b7da688a9949891eeb155693186523930358bdabe3d9ba32d2e73b6c1eed997788bb8741e76e838a8e4c66a06aa7f7c2b4c53d709ca7bde2601d663635b7388560cc642d848ee929762a9ce3ddce08fa6291c97c6c83ee2bfafafb23da21ed5befc7052093c4ba1b39a4a533290148796f416989e0736ae91f1f73ee18f8d83d5ea1cc123be0d3365e32226471215f42fc7fe5d8c68d49dd457eefc132b970d9071227a81ff3b1c4fd0f804d260ac7ea2bd5407a4108a87681c11efff99b4082f63a075cc99fbed25fd8ba38c75641e48b38417bbd5077a44651466fcb0da162fefde4bfaa2aaf85c77655d894fe76a34dd047dab5d761ce6a845439ac3651983c45eb99be9b2635ddb81f2048b40dfdc39f22faaec2ff4ae855b6afadae634640cfa884af0f9ad8dfd302f5f46f0ff8dde58026aca4fde9e3a25f2b53e7b81b43da7cca148c075eea022c859741f594f876b17419dc33ae1290effb9c68ba1a5e1d2d1c4d756c92de8ea3b81cda727064074cf5ada3bc09497d81c1e0dad6859a53cfa94dba79a46b7a0ce3ecf7acc89c80b2c4d2e47ded880559264b865da4392dad1548f2276ac2b20359d7144477d4203e7bab3de1d298004bdfeb52889309b276db639cdc761a4a7cc541c707ee13e7cb7105b79e21d64d89ca9a4def3354053403f663ed44f2618f3c69ef28586e985ebc5fe560a8d0c3c685c7286f610535591d9aa7d24ea00ae8fb1b16d5893461417b9092da2f46bb4d59b9c8b70fa4cdc59d1883687ae805c0d48ce747eb215b54db3c9d6f573a80c918c84f90b45af6598ed259992092cd8beab29e7217d721ce78fc99f0ca80b564238479abbd7f60f15abda2eb1eb379340860bffbcd630bb910f5f7b84f8a19fab2a5b6520b3bfb492454212e3a45b01dfc69e8ad9b5ad7c46c40fbace9b1d1b0429b257d1d94f0be3753bc1de40814e936f44470b046029a09a9371e1265bde5dd8bb460344ee950d24055591b773d3374d123cbf7d4633c675ece85fb858e3885ce29f4669fd00a0751d8edfc6408b20afbe980dbb339ee0a91304132c3e232c1e5dab82f6a86406ea001aa6db85100ec809f028b3655bf9a16331e640fbf0ae2865ba9cbb34bbe1b0b4f6539f800f404affbbd3247e63982ed9037bedc3e659bd22e5a36e9161afef5ec2326dd80696e073ef2ee94a2c11f564427f3a4f6f738111436ae5dc2bb8d1412cfde72afd5bce792676f4ca25ba02dbcedc3646a18d1a6d3f63c9d0b90582080d088128d0fff21a5af2fe0bc11e5d9420b01dca4eb71d421f3e175c791e8e8585a96ebee67578490ca65845664c813876a2084e810759fbe6ecedd631ee78f15d9ec910975f2b7fe34d43b8bdefe85fc5ea288f8ff244fb7b9664b940c7a11d862e1659262258d6ae290e742a4dcebcfb665f1cd3efd81499dc9f9505f26fcb8ab03f4c73c09d63a529c5fa901fbac81d4426e0430fc4f09220c3dbd212336f2a938ae7c745ca99e49cda38ebcb3d299714b8781cb8e528f3f01478bfa2ff6dad53a106b6adf8b0a76b8df37c27ad46684f3ea94063086769ff813edc06bb73882c80e8df2124ee69d7b1faf3e5c2ffe320689c0098f859ea20c2d123f74239637d5d9353e95c8febf2797e1e6ccf58fe81b18eba5c84eb26a0a164a4af44f6262adcf688f9e105639cb0344409e72e922db4c5001ebc1205e49c685a1226afe961d99b8f071359b7bc1da868404ef375553f69bcc1bb90a0960df84b0232fa436a462a6f5690cfd43043e1ff05d75ceb224c325e50d4afa8887919589f898f9a3be8aeaf433420209d3cc8369f85e0acb00c1daa4c7be466e9175b07b425105ad5b8fa17912201b00f67f7a147ff1bcfe3eb6e7024276adf4d99dad860e9cb095d554399cb767e36ae24b25968b60381da91c432d50ba3339d13f2f96727c8ed44d44fb8086cf9901d64dd387e69ed59c82771960787df8b240b6ddca399b85283a077dd4a98b32d0e9f256a51d045b5504143ed110c41335983db2e0eca918b6b59b7249bd0731a0feace759a138676617a4c6a0a0a24704979dcec164a132b7958b120ce98e288f9aec2225dedf58c20a87b29aa7552bd808dd6aeea495bfcf67e0f68aedc15829fa2cf17a89753ab613594e18d98af0dec8dbdff8e8a5c0559e032a7d79ae15500cddf66d9d7ff32a38a69b6083f1a0d0d746eb7ae90e27f76c1a37dd5cc5e31aaa1d44bef14ebfa836548ed5c8c9d9715c9a8bf4364864ae63d1290c8fbd693eec1c328a61ce4326879283271df105ad54429a5c83440b4c0270585cf38b1ccf997a311b430450d1324175f7cf9fe1a54f837ef6bee9481e4b0efb661a16b7b655df73919cd31cd0afcbc30c2738ba341875ec869bf7e995757f8f1e5c2b3acc14dff02dc5533e0ca149a1b2c033a729c4ec6d4310e9bb3f649596e8ef974fb21446cc1af152e349416584a182882034bcbd1b965965073e9b4fc658539604436ffac437e4347dcae85386cec9a02b62403477e5b9ebe7e8858be8dc392fc4cbe20d2c6e7bc1d8ab91fe15063e99fc5f16927f28d89c1610b3e1971c962f7d72ab6dcaf05a10638bedf7d6538656cf53ea2edd77eea575540add49f7d2b61cedbf6c8ad969f50a896189b636578a35e0c081963b236b7201a16296c6791ffad979e7ac92aa9e1f1c1ded15100b39f9ae4549f5836c48a1ac60e3ca8817daa0e814b997fee87bd776d522113decb80b91540355722e4d68f224e9588a640a93ac8f4e0c77e6d40582a1b89cefc89f551c0b346672aa44277b51acca387269357d77986453e1f6764da67e061f56e8499078e20105b6768b2d40cf3a2e2cb5591a271352389ab4ba1b52da10d71c76cbac8122dbb0e10cfb33666a9d43d5fb412a0f279e192e2151ff8d5c2c898e70245c59a0ce811fae896e26b3fb0e946729973b48b85e08315e1098668c3e61c1f77640064c7f8619efdb6ce482b414de70b980eb9956fd196b98bd58f61382d384d5c99f65738f3a4aa89c8bf72fd46cda42bec6ff33ab2685baa84cc32ab829f0d210555295a0d2857b2645ba61d5ee5493cb99f8f6c21bf0d7f0efb98351f14bfd7290bdde374d2a3b57fe3ea0eb45e6e7bd869dc7406173f084a810768b79b7e7ef299a9fbbf21017f2fa05906ad55eee964c5fb976fb2569ccd79499d8640e7500e69f233d2a04c15c91e410261e9eaf6fec739dd8c3572ae913cb5166d6f971801399ee20744a3f9ad1e86cf25732e07c714091041f099c7d081d6d777d2506067c7aaef2e950b69524351c20ce32489325bbcfd3f2f7dac3ab558d86b49be64456df01c31f6ff9505eceefd476155771144e30b403e4c82ef3b34c544030b0fdf8c15342e501e11496252f43479f76d2e60dd14557d5ec96b19235c9d0bbf0d53defc7cfc13749ac4f59694a259c9c3feb45bcb6145e73730ca930c8a5424ec29911e79c47700bb54ad79c397edf0b6a0d7a17c341d68bb50e34862b1136b77953b1b122c26315532b7e8996764321df9bcc352ddb0e2df5181a10ca648394388bcfbc0228a7865d875fac64795c133ea8d5879f04a0d9f37ddfc0c821bfe2b2b56e91eb41b57c1441ae3f6bfa8378bf8c9b80b23606ebe827b1b0fc57734e14e2f3fae53b9a6b3947309", 0x1000}, {&(0x7f0000001440)="a9cae7ac06ca579270734ab339bf47a6eab2a942b72465f10489a0dd98232efcec2f9969f79c68d3ab2d37135db56a012968a4cc52f3daf474b22cc378947a56a4fe88c11ef8494e48f3d412fb3af7793f917a1671d8fcec5fc9081b0269cf367f7399d9be8092dd1dfb0288dcb2b31abeca28c6adbc695efcb6805b0be1f396ec32a6be00ef107e03d54ab5e5a6fce54989acf70f9521dea7317ac3e08f30563f57e68876ce7b87d1b52264626a38758637732316d17b3563473af89f00f2f084f3e318291d7f3009866170ab19db", 0xcf}, {&(0x7f0000001540)="3ec771cc4b93ff8d8221ebb16bf196d79407caf035f324a2424b829a913e272a24a1c5772d24e09e5fdb82c965b46098a649c7ae60aa55732ddd108f3d521fb733d9e0d96aa4a83a918bb69ba9319ce97ae3204359d8a095c555f30693c614ee68384cffe00bcc594cbde382299809f17daedd93e473bb4533039bf066cbb70cc632b14d8d55b79b3725d4081d1b0371ed3713b10779999a7f60f46eb28d9bc4e18af5ef77917323e7f08523130991cf0e0bd1eefab5e0ebf1b52150e5ffa5ccbfbbf32e3f2e8f4c389daa1a20f35278e98a0b64127fa7124b9e1f7e9bf0639236e30472e2ef2195abb8f8", 0xeb}], 0x5}}, {{&(0x7f0000000180)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000017c0)=[{&(0x7f0000001640)="92", 0x1}, {&(0x7f0000001680)="eb5e34da344207cbbd0dc2e043a5eab44f4f70cb849dc4d6692b13b01af716674957592ae4eafec35b21e6e8f4a2271004312001e828119ff7e955a20ae938d80f2ee927a45824ff8509448b53d0237843df178e9838b6a85cc83f6301d45fb099e4b0a94cb3aecb510cb820446f5f4ec94ed467cda8f95d7a5820bc5c314d8a", 0x80}, {&(0x7f0000001700)="3c0006bf10959fb9cdfd09dffec8014e70e51bae08ceacb4a45b79a30b0339771784236a9fbc352ed8265dc323beaa3644a5ef253c71369c60feabe26e680daf69499ca78afe2d8edeb33c7c8822645f33d7a1936085cd8e5b6208517249b02d4e07eeb51a63fc6cf563975000ea241d876bab1f82cc604a998a58d51319edef1daff7c04148826d84f0a26b985536131a81312751556a05d275658391e6ca12515ab4f3032e4fb3897e957ee71d6cbbbb951c5f84fbce44fc", 0xb9}], 0x3, &(0x7f0000001800)=[@ip_retopts={{0x10c, 0x0, 0x7, {[@ssrr={0x89, 0x1f, 0x19, [@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @loopback, @remote, @multicast1, @remote, @loopback]}, @timestamp_prespec={0x44, 0x4c, 0x6e, 0x3, 0x9, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x5}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x401}, {@private=0xa010102, 0x6}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}, {@broadcast, 0x7}, {@loopback, 0xeb55}, {@local, 0x800}, {@multicast1, 0x9}, {@loopback, 0x4}]}, @ra={0x94, 0x4}, @lsrr={0x83, 0x23, 0x2b, [@remote, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @remote, @multicast2, @broadcast, @multicast2]}, @rr={0x7, 0x1f, 0x64, [@multicast1, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, @private=0xa010102, @local, @remote]}, @ssrr={0x89, 0x7, 0x59, [@remote]}, @timestamp_prespec={0x44, 0x3c, 0xe9, 0x3, 0x0, [{@remote, 0xffffffff}, {@private=0xa010102, 0xfff}, {@dev={0xac, 0x14, 0x14, 0x3b}}, {@empty, 0x6}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@broadcast, 0xa40}, {@remote, 0x9}]}, @generic={0x88, 0x5, 'lU\n'}]}}}], 0x110}}, {{&(0x7f0000001940)={0x2, 0x7fff, @broadcast}, 0x10, &(0x7f0000001b40)=[{&(0x7f0000001980)="a003da947792a1ea016a9e12dbab06141c42a14df6db5ea220c08198720d2a138042d353434ac3acd1a396ebd1e87cd222f13ddee90c55cd6ac9e0f16650e8263dc236aa1231ac91a94864ea285172db1fcce33b8b4646b1ea385532de517236c1c12c02864daa41ab416d46ee6dd810511ac1fdfe50915d490a405a3672cb6f4feafd8b", 0x84}, {&(0x7f0000001a40)}, {&(0x7f0000001a80)="75852384e19545265939860d1eacbea8fde76e5a16ba93d0bb25e7ee3b6ac769f376c3af74ecad151ef5939ce5f19c30b9f46044c1aa60c802aa48589a561988fa2fdcd17f6f21851008530259964f4d616fc49b50905ee0dceaf85481278b4ae5ec310d87bb25aa973977b29bcc35d8ee5f3cb4afcc05ff9ba186a47f197adfd43a7d86c7ec39940708e32b1c20808052bb7e96679c307bc79d1c3bd81912f84ad9d79ccd2cee99d9652e44c98336", 0xaf}], 0x3, &(0x7f0000001b80)=[@ip_ttl={{0x14, 0x0, 0x2, 0xffffffff}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x81}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@timestamp_addr={0x44, 0x34, 0x7b, 0x1, 0xa, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x78}, {@dev={0xac, 0x14, 0x14, 0x1c}, 0x7}, {@multicast1, 0xffff}, {@local, 0x5}, {@private=0xa010101, 0x10001}, {@rand_addr=0x64010101, 0xfffff801}]}, @lsrr={0x83, 0x7, 0x4, [@multicast2]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1f}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_ttl={{0x14, 0x0, 0x2, 0x200}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0xe0}}, {{&(0x7f0000001c80)={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f0000001fc0)=[{&(0x7f0000001cc0)="e978fd9f1d5ed41d4dfaa6c09b7206f8edf43c2a9dd6ef4eda643e7078118541d93efb0f13912fc5657009ac9901e5f7d41ef54f1c10a541b5124ffd07d4d4ed0f72e36e2b7a64e07bb5b6a15f0b", 0x4e}, {&(0x7f0000001d40)="b897e2deeb9e6d17e419820521d084a34a28f64f13d085b96e4deae53d6943e3cab882df8e1e7c09d835d940f1868ba84455079e9e22d546cf1ef1c181605c48ecf42c04fc87493ccd3d6b6684a862cd6ca0f85a5e98b410dce49ea517eb50871c28e63c715f6de6d407b89572b65317ee5a968b89e3961c445402a5e8f9c99ee9b59a344747218064034878571b68c08d0fcb9169312da4a4712e085915cb650d359fb61e8536be0d1371ba2df615eae54de95e1272054b50261b72889b501a58c8e79da9a25a35ad15563620968bd983396284d65cfd6c8622e76e6080df5794d1cbca38", 0xe5}, {&(0x7f0000001e40)}, {&(0x7f0000001e80)="a00fc4956bc0cb0b6d12a34226a6af80b6fb3419afbad3ac70d6c3bd7bd1ce3e9b8ee749ec55d91df3e73fa0c6ad3366e375e66bd534a808d3390c2507e0f997d0d16e76cb9ff0621a1805d018d50e0ec89f2d3b3a744a54a33f25c6555f49fdc5fbffe624352689330de0b3655d4dbebe2203", 0x73}, {&(0x7f0000001f00)="9d1cbff77bd38c29eedce97fee871eb30ac1bfa29fa4366a0bf29e8bce26d0d541dc19b32b9d58cbb122ef8c9f611dc6131ea9eae2295c812c75152f1e73ec7646206d691b6bf183c8f0a64bb51e74097754bbd841ae6cd30c9a5625c9124d8f33f7e2e7d9eaef83161e", 0x6a}, {&(0x7f0000001f80)="5ec8f156651b8c7d75b435c181494d6f487bd93168086c354f84623a491ee8535752351eedcab34c4386301d1f7b482298903a5de07f22cc971f37d9dd", 0x3d}], 0x6, &(0x7f0000002040)}}, {{&(0x7f0000002080)={0x2, 0x4e22, @rand_addr=0x64010100}, 0x10, &(0x7f00000025c0)=[{&(0x7f00000020c0)="77f3e2351904051eac7768b7bfa9d043bc9902fe7295108d9398b5c84394c1ee0d73bf59bae368d315e29c8d3dae1ee375cf0720a07c0b01a9083d68e59ebc170475d17af7977edf53df8ea7a689f360ec30907d3441d914d41a52c3d252d635e94fde1fa97c6c444be42516776b26dddf7b3b89716d76bc72a44fe8e84d12", 0x7f}, {&(0x7f0000002140)="31331ff79aed93fabe92ebdf8c6fa07f061d2b47d6216d07919c3c", 0x1b}, {&(0x7f0000002180)="b3c61a452883738ca10c0d79e001a826bf81c57ef62e4485bb06a8b5db487d8c8aad63adfdd9b87e39d964b530d68ba4c2d2399ad9f4f69042a233b3b86488d5d40b50ea0a519aa2d74d715e0d7edd23bcf3f22817e846534c6680e464765a94f699ad9f29bdcc78c98b472e6059778b044e50dfa1a027ec8c0cf7470f547b9c0ef4111fff42cd842da35d4b340360cd5c1f1702806192e8891116b53cf781ca534c92c49b724b4a9c37ef87543a78d90aecb47241a5cae5c2c9c5f97cdb32fc33253db584153b71e4a588c88e7243394f0255ae387f8a7a0ceb126051ebb57a801ea002ded1b774816ea4350d1d74", 0xef}, {&(0x7f0000002280)="fce4997c4459abb6fdfd5d567ca92f98fad9aa5536b30aecf619bbef455eaf5666be7c938e66", 0x26}, {&(0x7f00000022c0)="334ab642843f73ac63d6c1e0677447a609d3a25c9c36758f8d0a7f062e9369f7d7a2a71cab122ceda48b5cbce6378e575227c1dcdc90ad4dff56de5d34f9fd1684ac9db1d506a4cddc189bfe640138a3dfad56cdc0b0831622545f7f4dc116fa8fa93a8ae0937084a06404da700b755f4f9a44726866c14155a6305fecff76c5f6db6f61414c7febae22b83a70cd1e5b3447e95171d59840a27cbd05b5fb3fbec5c57cbaf0cded21cd7747c3765c2b8085a34d1eee953524af4b95a2ce099a6ecc5d506150ad0f5c1092a052a05ca9794f0e6fce2b4a883f417ee9", 0xdb}, {&(0x7f00000023c0)="bed689d3ca357911f8a1f37b185b9838395da48650b668d9bf162e1b83690acd5dafc96c92252eae8d760f3be8d7da4a5044529e709421007afc1ed04d7d530bc3308e57e69475b767a8ae84a56c9a2951fce3b62f16bd2a184a19ec627e2aeec92b938cc4b190a2abf27582c96afe410677f78554c37156cc22c30b", 0x7c}, {&(0x7f0000002440)="6baaee7f282be2586d133114fc0cdeb92725cc2a6635de4db2cd0a5e945a951c133f2817b4231a4774b7ac4ca640d3373a71d5d274b8931e343fa70397680c87d64e03bfaba27d480b83376a604835ce40436d1f1e3d08bf3f1dcdc36d9f34508354738fd91ee92de3a75524f2181ad07167e5a3cfbd1dbd70c412dd712588dcb1725fb6478f3a2277dc4ddab3ca346f986c462bc44ca33f65c56be39946fd1e61fe33da7fb94cea8e17759a4356f44db056263e3bafcc753104", 0xba}, {&(0x7f0000002500)="c562e4c55cb0953e54eb1540a17cdaef88c1fec1b0f93eaccb82bb9bb34c422ac9fe1750264f593933d8455624f2f46e23158917e5e3e783d12360e6086a6f09112f952b1d3ac1aec8d902e50330f984ebc3960111b3c12184c718cdfca03b94033b71221efd6ed183e0f17a9f7296bb5141ccab6a9150d99000abf4c1b6022a0475cd3550f6816f268e9ac2011cc0", 0x8f}], 0x8, &(0x7f0000002700)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}, @ip_ttl={{0x14, 0x0, 0x2, 0x6e}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x1d}}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @remote}}}, @ip_ttl={{0x14, 0x0, 0x2, 0xfffffff7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @empty, @loopback}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x2000000}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xed}}], 0xf0}}], 0x5, 0x100) dup3(r1, r0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'dummy0\x00', 0x0}) setsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000080)={r5, @local, @loopback}, 0xc) r6 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x3, 0x0, @fd=r6, 0x3, 0x0, 0xd1, 0x0, 0x1}, 0x9) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r6, 0x0) [ 1536.551223] __xa_store+0x164/0x2d0 [ 1536.552154] ? xa_delete_node+0x280/0x280 [ 1536.553045] ? trace_hardirqs_on+0x5b/0x180 [ 1536.553977] xa_store+0x31/0x50 [ 1536.554687] __io_uring_add_tctx_node+0x1cf/0x520 [ 1536.555702] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1536.556811] ? alloc_fd+0x2e7/0x670 [ 1536.557604] io_uring_setup+0x1fbb/0x2980 [ 1536.558491] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1536.559568] ? wait_for_completion_io+0x270/0x270 [ 1536.560624] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1536.561747] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1536.562837] do_syscall_64+0x33/0x40 [ 1536.563621] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1536.564700] RIP: 0033:0x7f38f4330b19 [ 1536.565492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1536.569359] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1536.570962] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1536.572461] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1536.573978] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1536.575495] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1536.576994] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:29:28 executing program 6: r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x7f, 0x7, 0xff, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000100), 0xe}, 0x10000, 0x2, 0x9, 0x3, 0x7fff, 0x7fc, 0x80, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xa, r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r1}}, './file0\x00'}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) 21:29:28 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 55) 21:29:28 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 60) 21:29:28 executing program 7: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 21:29:28 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 37) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) [ 1536.717431] FAULT_INJECTION: forcing a failure. [ 1536.717431] name failslab, interval 1, probability 0, space 0, times 0 [ 1536.719854] CPU: 0 PID: 9042 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1536.721295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1536.723047] Call Trace: [ 1536.723606] dump_stack+0x107/0x167 [ 1536.724380] should_fail.cold+0x5/0xa [ 1536.725200] ? create_object.isra.0+0x3a/0xa30 [ 1536.726162] should_failslab+0x5/0x20 [ 1536.726961] kmem_cache_alloc+0x5b/0x310 [ 1536.727820] ? mark_held_locks+0x9e/0xe0 [ 1536.728684] create_object.isra.0+0x3a/0xa30 [ 1536.729632] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1536.730729] kmem_cache_alloc+0x159/0x310 [ 1536.731622] xas_alloc+0x336/0x440 [ 1536.732375] xas_create+0x34a/0x10d0 [ 1536.733186] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1536.734301] xas_store+0x8c/0x1c40 [ 1536.735078] __xa_store+0x164/0x2d0 [ 1536.735858] ? xa_delete_node+0x280/0x280 [ 1536.736744] ? trace_hardirqs_on+0x5b/0x180 [ 1536.737674] xa_store+0x31/0x50 [ 1536.738377] __io_uring_add_tctx_node+0x1cf/0x520 [ 1536.739394] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1536.740499] ? alloc_fd+0x2e7/0x670 [ 1536.741296] io_uring_setup+0x1fbb/0x2980 [ 1536.742179] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1536.743251] ? wait_for_completion_io+0x270/0x270 [ 1536.744300] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1536.745417] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1536.746502] do_syscall_64+0x33/0x40 [ 1536.747284] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1536.748376] RIP: 0033:0x7f2d330fab19 [ 1536.749178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1536.753242] RSP: 002b:00007f2d30670108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1536.754836] RAX: ffffffffffffffda RBX: 00007f2d3320df60 RCX: 00007f2d330fab19 [ 1536.756325] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1536.757836] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1536.759328] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1536.760816] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1536.765688] FAULT_INJECTION: forcing a failure. [ 1536.765688] name failslab, interval 1, probability 0, space 0, times 0 [ 1536.768075] CPU: 0 PID: 9041 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1536.769524] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1536.771270] Call Trace: [ 1536.771830] dump_stack+0x107/0x167 [ 1536.772605] should_fail.cold+0x5/0xa [ 1536.773416] ? xas_alloc+0x336/0x440 [ 1536.774210] should_failslab+0x5/0x20 [ 1536.775011] kmem_cache_alloc+0x5b/0x310 [ 1536.775881] xas_alloc+0x336/0x440 [ 1536.776642] xas_create+0x34a/0x10d0 [ 1536.777454] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1536.778564] xas_store+0x8c/0x1c40 [ 1536.779338] __xa_store+0x164/0x2d0 [ 1536.780116] ? xa_delete_node+0x280/0x280 [ 1536.781000] ? trace_hardirqs_on+0x5b/0x180 [ 1536.781934] xa_store+0x31/0x50 [ 1536.782634] __io_uring_add_tctx_node+0x1cf/0x520 [ 1536.783658] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1536.784771] ? alloc_fd+0x2e7/0x670 [ 1536.785565] io_uring_setup+0x1fbb/0x2980 [ 1536.786445] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1536.787510] ? wait_for_completion_io+0x270/0x270 [ 1536.788547] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1536.789662] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1536.790762] do_syscall_64+0x33/0x40 [ 1536.791549] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1536.792624] RIP: 0033:0x7f606cee6b19 [ 1536.793416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1536.797299] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1536.798892] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1536.800387] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1536.801895] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1536.803392] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1536.804895] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1536.835051] FAULT_INJECTION: forcing a failure. [ 1536.835051] name failslab, interval 1, probability 0, space 0, times 0 [ 1536.837536] CPU: 1 PID: 9045 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1536.838991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1536.840742] Call Trace: [ 1536.841316] dump_stack+0x107/0x167 [ 1536.842093] should_fail.cold+0x5/0xa [ 1536.842914] ? __io_uring_add_tctx_node+0x15c/0x520 [ 1536.843968] should_failslab+0x5/0x20 [ 1536.844778] kmem_cache_alloc_trace+0x55/0x320 [ 1536.845763] __io_uring_add_tctx_node+0x15c/0x520 [ 1536.846793] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1536.847905] ? alloc_fd+0x2e7/0x670 [ 1536.848693] io_uring_setup+0x1fbb/0x2980 [ 1536.849599] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1536.850677] ? wait_for_completion_io+0x270/0x270 [ 1536.851719] ? io_is_uring_fops+0x40/0x40 [ 1536.852612] do_syscall_64+0x33/0x40 [ 1536.853417] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1536.854502] RIP: 0033:0x7ff29b41cb19 [ 1536.855293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1536.859188] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1536.860794] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1536.862307] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1536.863812] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1536.865318] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1536.866823] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:29:42 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f00000004c0), 0x0, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9}], 0x2203010, &(0x7f0000000040)={[{@data_writeback}, {@abort}]}) syz_io_uring_setup(0x0, &(0x7f0000001780)={0x0, 0x0, 0x3a9218db8cd352ca, 0x0, 0xee}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000006c0)=0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x66e2, 0x0) syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) syz_io_uring_submit(r0, r1, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r2, 0x0, 0x0}, 0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') r5 = perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, @perf_bp={0x0}, 0x0, 0xe90, 0x100, 0x0, 0x0, 0xc4d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r4, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r4, @out_args}, './file0\x00'}) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) pread64(r7, &(0x7f0000000140)=""/196, 0xc4, 0x80000000) syz_io_uring_setup(0x69b0, &(0x7f0000000600)={0x0, 0x7e4d, 0x8, 0x2, 0x24b, 0x0, r7}, &(0x7f0000d1a000/0x2000)=nil, &(0x7f0000d1a000/0x2000)=nil, &(0x7f00000001c0), &(0x7f00000004c0)) ftruncate(r6, 0x8) pread64(r4, &(0x7f0000001100)=""/4095, 0x20001be3, 0xf0ff1f) ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r5) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x3, 0x0, @fd_index=0x5, 0x0, 0x0, 0x401, 0x0, 0x1, {0x0, r3, r4}}, 0xb7) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000005c0)={0xb8, 0x0, &(0x7f0000000500)=[@clear_death, @exit_looper, @transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x58, 0x18, &(0x7f00000002c0)={@flat=@binder={0x73622a85, 0x1100, 0x3}, @fd, @ptr={0x70742a85, 0x1, &(0x7f0000000280)=""/62, 0x3e, 0x2, 0x22}}, &(0x7f0000000340)={0x0, 0x18, 0x30}}, 0x1000}, @free_buffer, @transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x68, 0x18, &(0x7f00000003c0)={@fda={0x66646185, 0x3, 0x2, 0x3f}, @fda={0x66646185, 0xa, 0x2, 0x40}, @ptr={0x70742a85, 0x0, &(0x7f0000000380)=""/49, 0x31, 0x2, 0x2d}}, &(0x7f0000000440)={0x0, 0x20, 0x40}}, 0x40}], 0x32, 0x0, &(0x7f0000000480)="3f60c9092534918fdde146e9d119eaf46366983ebebb1b8541d5fd35b61f79d493037c3ffec408b4b97edba8a27114e56662"}) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)=ANY=[@ANYBLOB="050020000100000018040000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) r8 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x0, 0x2, 0x6b}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r8, 0x0) 21:29:42 executing program 2: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x5, 0x0, @fd=r2, 0x1, 0x0, 0x4, 0x0, 0x0, {0x0, r3}}, 0x9) 21:29:42 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 38) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:29:42 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 44) 21:29:42 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 56) [ 1549.933419] loop7: detected capacity change from 0 to 262144 [ 1549.944453] FAULT_INJECTION: forcing a failure. [ 1549.944453] name failslab, interval 1, probability 0, space 0, times 0 [ 1549.947438] CPU: 0 PID: 9063 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1549.947658] FAULT_INJECTION: forcing a failure. [ 1549.947658] name failslab, interval 1, probability 0, space 0, times 0 [ 1549.949168] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1549.949178] Call Trace: [ 1549.949210] dump_stack+0x107/0x167 [ 1549.949240] should_fail.cold+0x5/0xa [ 1549.955348] ? create_object.isra.0+0x3a/0xa30 [ 1549.956562] should_failslab+0x5/0x20 [ 1549.957528] kmem_cache_alloc+0x5b/0x310 [ 1549.958589] ? mark_held_locks+0x9e/0xe0 [ 1549.959639] create_object.isra.0+0x3a/0xa30 [ 1549.960745] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1549.962053] kmem_cache_alloc+0x159/0x310 [ 1549.963106] xas_alloc+0x336/0x440 [ 1549.964035] xas_create+0x34a/0x10d0 [ 1549.964997] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1549.966338] xas_store+0x8c/0x1c40 [ 1549.967261] __xa_store+0x164/0x2d0 [ 1549.968192] ? xa_delete_node+0x280/0x280 [ 1549.969248] ? trace_hardirqs_on+0x5b/0x180 [ 1549.970356] xa_store+0x31/0x50 [ 1549.971209] __io_uring_add_tctx_node+0x1cf/0x520 [ 1549.972425] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1549.973753] ? alloc_fd+0x2e7/0x670 [ 1549.974695] io_uring_setup+0x1fbb/0x2980 [ 1549.975773] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1549.977057] ? wait_for_completion_io+0x270/0x270 [ 1549.978285] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1549.979355] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1549.980428] do_syscall_64+0x33/0x40 [ 1549.981180] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1549.982234] RIP: 0033:0x7f38f4330b19 [ 1549.982995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1549.986739] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1549.988338] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1549.989844] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1549.991301] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1549.992786] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1549.994288] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1549.995796] CPU: 1 PID: 9066 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1549.996720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1549.997847] Call Trace: [ 1549.998218] dump_stack+0x107/0x167 [ 1549.998707] should_fail.cold+0x5/0xa [ 1549.999243] ? create_object.isra.0+0x3a/0xa30 [ 1549.999851] should_failslab+0x5/0x20 [ 1550.000360] kmem_cache_alloc+0x5b/0x310 [ 1550.000902] ? mark_held_locks+0x9e/0xe0 [ 1550.001463] create_object.isra.0+0x3a/0xa30 [ 1550.002063] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1550.002741] kmem_cache_alloc+0x159/0x310 [ 1550.003300] xas_alloc+0x336/0x440 [ 1550.003774] xas_create+0x34a/0x10d0 [ 1550.004282] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1550.004978] xas_store+0x8c/0x1c40 [ 1550.005470] __xa_store+0x164/0x2d0 [ 1550.005783] FAULT_INJECTION: forcing a failure. [ 1550.005783] name failslab, interval 1, probability 0, space 0, times 0 [ 1550.005959] ? xa_delete_node+0x280/0x280 [ 1550.005980] ? trace_hardirqs_on+0x5b/0x180 [ 1550.006001] xa_store+0x31/0x50 [ 1550.009883] __io_uring_add_tctx_node+0x1cf/0x520 [ 1550.010529] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1550.011228] ? alloc_fd+0x2e7/0x670 [ 1550.011728] io_uring_setup+0x1fbb/0x2980 [ 1550.012289] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1550.012967] ? wait_for_completion_io+0x270/0x270 [ 1550.013628] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1550.014328] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1550.015013] do_syscall_64+0x33/0x40 [ 1550.015506] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1550.016189] RIP: 0033:0x7f606cee6b19 [ 1550.016683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1550.019107] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1550.020108] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1550.021062] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1550.022014] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1550.022978] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1550.023910] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1550.024877] CPU: 0 PID: 9067 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1550.026333] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1550.028076] Call Trace: [ 1550.028634] dump_stack+0x107/0x167 [ 1550.029423] should_fail.cold+0x5/0xa [ 1550.030206] ? vm_area_dup+0x78/0x290 [ 1550.030983] should_failslab+0x5/0x20 [ 1550.031779] kmem_cache_alloc+0x5b/0x310 [ 1550.032620] vm_area_dup+0x78/0x290 [ 1550.033382] ? lock_release+0x680/0x680 [ 1550.034230] ? mark_lock+0xf5/0x2df0 [ 1550.034346] FAULT_INJECTION: forcing a failure. [ 1550.034346] name failslab, interval 1, probability 0, space 0, times 0 [ 1550.035005] ? lock_chain_count+0x20/0x20 [ 1550.035028] ? mark_lock+0xf5/0x2df0 [ 1550.038132] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1550.039256] ? lock_chain_count+0x20/0x20 [ 1550.040128] ? mark_lock+0xf5/0x2df0 [ 1550.040894] ? vm_area_alloc+0x110/0x110 [ 1550.041749] ? __lock_acquire+0x1657/0x5b00 [ 1550.042685] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1550.043748] ? SOFTIRQ_verbose+0x10/0x10 [ 1550.044571] ? vmacache_find+0x55/0x2a0 [ 1550.045405] __split_vma+0xa8/0x4e0 [ 1550.046154] __do_munmap+0x365/0x1260 [ 1550.046938] ? arch_get_unmapped_area+0x450/0x450 [ 1550.047927] ? lock_release+0x680/0x680 [ 1550.048736] mmap_region+0x7cc/0x1500 [ 1550.049554] do_mmap+0x868/0x1370 [ 1550.050277] vm_mmap_pgoff+0x198/0x1f0 [ 1550.051114] ? randomize_page+0xb0/0xb0 [ 1550.051965] ksys_mmap_pgoff+0x41c/0x560 [ 1550.052830] ? find_mergeable_anon_vma+0x250/0x250 [ 1550.053870] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1550.054974] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1550.056065] do_syscall_64+0x33/0x40 [ 1550.056849] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1550.057945] RIP: 0033:0x7f2d330fab62 [ 1550.058737] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1550.062527] RSP: 002b:00007f2d306700f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1550.064100] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2d330fab62 [ 1550.065554] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000 [ 1550.067010] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1550.068456] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1550.069908] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1550.071390] CPU: 1 PID: 9056 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1550.072279] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1550.073348] Call Trace: [ 1550.073694] dump_stack+0x107/0x167 [ 1550.074166] should_fail.cold+0x5/0xa [ 1550.074664] ? __io_uring_add_tctx_node+0x15c/0x520 [ 1550.075315] should_failslab+0x5/0x20 [ 1550.075806] kmem_cache_alloc_trace+0x55/0x320 [ 1550.076395] __io_uring_add_tctx_node+0x15c/0x520 [ 1550.077010] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1550.077690] ? alloc_fd+0x2e7/0x670 [ 1550.078165] io_uring_setup+0x1fbb/0x2980 [ 1550.078699] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1550.079356] ? wait_for_completion_io+0x270/0x270 [ 1550.079989] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1550.080659] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1550.081330] do_syscall_64+0x33/0x40 [ 1550.081806] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1550.082468] RIP: 0033:0x7ff29b41cb19 [ 1550.082941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 21:29:42 executing program 6: r0 = syz_io_uring_setup(0x7d03, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1a0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000000, 0x10010, r0, 0x8000000) r4 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) syz_io_uring_submit(r7, r6, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(r3, r6, &(0x7f0000000800)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x4004, @fd_index=0x2, 0x200, &(0x7f0000000740)=[{&(0x7f00000000c0)=""/10, 0xa}, {&(0x7f0000000100)=""/49, 0x31}, {&(0x7f0000000340)=""/148, 0x94}, {&(0x7f0000000400)=""/152, 0x98}, {&(0x7f00000004c0)=""/255, 0xff}, {&(0x7f0000000180)=""/104, 0x68}, {&(0x7f0000000240)=""/122, 0x7a}, {&(0x7f00000005c0)=""/160, 0xa0}, {&(0x7f0000000680)=""/172, 0xac}], 0x9, 0x14, 0x1}, 0x1) r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x810, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r8, r2, &(0x7f0000000080)=@IORING_OP_TEE={0x21, 0x3, 0x0, @fd=r1, 0x0, 0x0, 0x0, 0x2, 0x1, {0x0, 0x0, r1}}, 0x80000001) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) io_uring_enter(r1, 0x51a3, 0xadc3, 0x3, &(0x7f0000000000)={[0x592f]}, 0x8) 21:29:42 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 61) 21:29:42 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000140)={r0, 0x8a99, 0x7, 0x3}) pread64(r1, &(0x7f0000000180)=""/106, 0x6a, 0x1000) ioctl$int_in(r1, 0x5452, &(0x7f0000000200)=0x82) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) fcntl$getown(r2, 0x9) [ 1550.085307] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1550.086581] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1550.087490] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1550.088399] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1550.089320] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1550.090219] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1550.115324] loop7: detected capacity change from 0 to 262144 21:29:42 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 57) [ 1550.179540] FAULT_INJECTION: forcing a failure. [ 1550.179540] name failslab, interval 1, probability 0, space 0, times 0 [ 1550.182065] CPU: 0 PID: 9079 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1550.183510] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1550.185300] Call Trace: [ 1550.185894] dump_stack+0x107/0x167 [ 1550.186677] should_fail.cold+0x5/0xa [ 1550.187501] ? xas_alloc+0x336/0x440 [ 1550.188294] should_failslab+0x5/0x20 [ 1550.189075] kmem_cache_alloc+0x5b/0x310 [ 1550.189957] xas_alloc+0x336/0x440 [ 1550.190783] xas_create+0x34a/0x10d0 [ 1550.191597] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1550.192707] xas_store+0x8c/0x1c40 [ 1550.193474] __xa_store+0x164/0x2d0 [ 1550.194225] ? xa_delete_node+0x280/0x280 [ 1550.195084] ? trace_hardirqs_on+0x5b/0x180 [ 1550.196003] xa_store+0x31/0x50 [ 1550.196708] __io_uring_add_tctx_node+0x1cf/0x520 [ 1550.197766] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1550.198869] ? alloc_fd+0x2e7/0x670 [ 1550.199655] io_uring_setup+0x1fbb/0x2980 [ 1550.200540] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1550.201607] ? wait_for_completion_io+0x270/0x270 [ 1550.202653] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1550.203761] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1550.204848] do_syscall_64+0x33/0x40 [ 1550.205651] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1550.206734] RIP: 0033:0x7f606cee6b19 [ 1550.207512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1550.211392] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1550.212953] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1550.214434] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1550.215942] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1550.217451] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1550.218740] FAULT_INJECTION: forcing a failure. [ 1550.218740] name failslab, interval 1, probability 0, space 0, times 0 [ 1550.218974] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1550.221301] CPU: 1 PID: 9086 Comm: syz-executor.3 Not tainted 5.10.255 #1 21:29:42 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3, 0x100010, r0, 0x8000000) 21:29:42 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x25c400, 0x0) ioctl$BTRFS_IOC_QGROUP_CREATE(r1, 0x4010942a, &(0x7f0000000180)={0x1, 0x7}) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:29:42 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 45) [ 1550.222119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1550.223392] Call Trace: [ 1550.223718] dump_stack+0x107/0x167 [ 1550.224160] should_fail.cold+0x5/0xa [ 1550.224619] ? create_object.isra.0+0x3a/0xa30 [ 1550.225167] should_failslab+0x5/0x20 [ 1550.225638] kmem_cache_alloc+0x5b/0x310 [ 1550.226127] ? mark_held_locks+0x9e/0xe0 [ 1550.226612] create_object.isra.0+0x3a/0xa30 [ 1550.227141] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1550.227754] kmem_cache_alloc+0x159/0x310 [ 1550.228257] xas_alloc+0x336/0x440 [ 1550.228684] xas_create+0x34a/0x10d0 [ 1550.229139] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1550.229769] xas_store+0x8c/0x1c40 [ 1550.230205] __xa_store+0x164/0x2d0 [ 1550.230639] ? xa_delete_node+0x280/0x280 [ 1550.231141] ? trace_hardirqs_on+0x5b/0x180 [ 1550.231663] xa_store+0x31/0x50 [ 1550.232062] __io_uring_add_tctx_node+0x1cf/0x520 [ 1550.232643] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1550.233265] ? alloc_fd+0x2e7/0x670 [ 1550.233714] io_uring_setup+0x1fbb/0x2980 [ 1550.234215] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1550.234827] ? wait_for_completion_io+0x270/0x270 [ 1550.235425] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1550.236061] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1550.236683] do_syscall_64+0x33/0x40 [ 1550.237135] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1550.237760] RIP: 0033:0x7f38f4330b19 [ 1550.238203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1550.240386] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1550.241299] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1550.242146] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1550.242995] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1550.243836] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1550.244685] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:29:42 executing program 2: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x5, 0x0, @fd=r2, 0x1, 0x0, 0x4, 0x0, 0x0, {0x0, r3}}, 0x9) 21:29:42 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x2, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x1, {0x0, r2}}, 0x5) 21:29:42 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x131}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) io_uring_enter(r0, 0x10058ab, 0x0, 0x0, 0x0, 0x0) r2 = syz_io_uring_setup(0x731, &(0x7f00000002c0)={0x0, 0xff7ffffe, 0x8, 0x2000000, 0x3, 0x0, r0}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000000)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) r5 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) io_uring_enter(r5, 0x10058ab, 0x0, 0x0, 0x0, 0x0) io_uring_enter(r5, 0x7bf2, 0x9a35, 0x0, &(0x7f0000000100)={[0x3]}, 0x8) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) syz_io_uring_submit(r6, r1, &(0x7f0000000040), 0x0) tee(r2, r2, 0x2, 0xa) r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x2, 0x4003031, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_WRITE={0x17, 0x5, 0x0, @fd_index=0x4, 0x7, &(0x7f0000000400)="a99d135ed45300d728a95a8c39f8944def76119a55c830022634a49556bd489bb38404700d2af406a1b8b505de899691a79d91c14a02b9b2dbf2786e934ada8b827dd565570284544a368409f42b5dc3715880407ce3f5b03f9d1cb9f9a8db31873d8063dfa1d765923deb874a46964666c52f446518bcc408bb165021944bc2205f4697a7325cfe7c2a2e58a4e91055a65fe53dc54ba1914cc59c97b521ec158a83cbbbe17071a2daac0f06f74916afaf7906814f1fde21aa38b716169a8a18b14ce7e62bd29ee1f14811954d3079f8285e4b2a5c97f8ae05a86b609f", 0xdd, 0xa}, 0x0) syz_io_uring_submit(r8, r1, &(0x7f0000000080)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}, 0x1) 21:29:57 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$KDMKTONE(r0, 0x4b30, 0x7fff) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:29:57 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f00000004c0), 0x0, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9}], 0x2203010, &(0x7f0000000040)={[{@data_writeback}, {@abort}]}) syz_io_uring_setup(0x0, &(0x7f0000001780)={0x0, 0x0, 0x3a9218db8cd352ca, 0x0, 0xee}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000006c0)=0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x66e2, 0x0) syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x0) syz_io_uring_submit(r0, r1, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r2, 0x0, 0x0}, 0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') r5 = perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, @perf_bp={0x0}, 0x0, 0xe90, 0x100, 0x0, 0x0, 0xc4d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r4, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r4, @out_args}, './file0\x00'}) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) pread64(r7, &(0x7f0000000140)=""/196, 0xc4, 0x80000000) syz_io_uring_setup(0x69b0, &(0x7f0000000600)={0x0, 0x7e4d, 0x8, 0x2, 0x24b, 0x0, r7}, &(0x7f0000d1a000/0x2000)=nil, &(0x7f0000d1a000/0x2000)=nil, &(0x7f00000001c0), &(0x7f00000004c0)) ftruncate(r6, 0x8) pread64(r4, &(0x7f0000001100)=""/4095, 0x20001be3, 0xf0ff1f) ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r5) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x3, 0x0, @fd_index=0x5, 0x0, 0x0, 0x401, 0x0, 0x1, {0x0, r3, r4}}, 0xb7) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000005c0)={0xb8, 0x0, &(0x7f0000000500)=[@clear_death, @exit_looper, @transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x58, 0x18, &(0x7f00000002c0)={@flat=@binder={0x73622a85, 0x1100, 0x3}, @fd, @ptr={0x70742a85, 0x1, &(0x7f0000000280)=""/62, 0x3e, 0x2, 0x22}}, &(0x7f0000000340)={0x0, 0x18, 0x30}}, 0x1000}, @free_buffer, @transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x68, 0x18, &(0x7f00000003c0)={@fda={0x66646185, 0x3, 0x2, 0x3f}, @fda={0x66646185, 0xa, 0x2, 0x40}, @ptr={0x70742a85, 0x0, &(0x7f0000000380)=""/49, 0x31, 0x2, 0x2d}}, &(0x7f0000000440)={0x0, 0x20, 0x40}}, 0x40}], 0x32, 0x0, &(0x7f0000000480)="3f60c9092534918fdde146e9d119eaf46366983ebebb1b8541d5fd35b61f79d493037c3ffec408b4b97edba8a27114e56662"}) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)=ANY=[@ANYBLOB="050020000100000018040000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) r8 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x0, 0x2, 0x6b}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r8, 0x0) 21:29:57 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 58) 21:29:57 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 62) 21:29:57 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0xf491}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) syz_io_uring_submit(r5, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0x3, 0x0, 0xffffffffffffff9c, &(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2, 0x400}, 0x3f) 21:29:57 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 39) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:29:57 executing program 6: r0 = syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000003c0), &(0x7f0000000380)) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = fsmount(0xffffffffffffffff, 0x0, 0x2) recvmsg$unix(r2, &(0x7f0000000340)={&(0x7f00000000c0), 0x6e, &(0x7f0000000240)=[{&(0x7f0000000180)=""/143}], 0x3, &(0x7f0000000280), 0xfe4e}, 0x40000160) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[], 0x24}}, 0x40000) fgetxattr(r1, &(0x7f0000000000)=@known='trusted.overlay.opaque\x00', &(0x7f0000000040)=""/100, 0x64) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:29:57 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 46) [ 1565.363278] FAULT_INJECTION: forcing a failure. [ 1565.363278] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.364827] CPU: 0 PID: 9104 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1565.365732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.366814] Call Trace: [ 1565.367174] dump_stack+0x107/0x167 [ 1565.367651] should_fail.cold+0x5/0xa [ 1565.368151] ? create_object.isra.0+0x3a/0xa30 [ 1565.368749] should_failslab+0x5/0x20 [ 1565.369249] kmem_cache_alloc+0x5b/0x310 [ 1565.369790] ? mark_held_locks+0x9e/0xe0 [ 1565.370327] create_object.isra.0+0x3a/0xa30 [ 1565.370902] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1565.371569] kmem_cache_alloc+0x159/0x310 [ 1565.372120] xas_alloc+0x336/0x440 [ 1565.372589] xas_create+0x34a/0x10d0 [ 1565.373085] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1565.373783] xas_store+0x8c/0x1c40 [ 1565.374259] __xa_store+0x164/0x2d0 [ 1565.374741] ? xa_delete_node+0x280/0x280 [ 1565.375289] ? trace_hardirqs_on+0x5b/0x180 [ 1565.375860] xa_store+0x31/0x50 [ 1565.376292] __io_uring_add_tctx_node+0x1cf/0x520 [ 1565.376922] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1565.377377] FAULT_INJECTION: forcing a failure. [ 1565.377377] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.377613] ? alloc_fd+0x2e7/0x670 [ 1565.377636] io_uring_setup+0x1fbb/0x2980 [ 1565.381169] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1565.381847] ? wait_for_completion_io+0x270/0x270 [ 1565.382498] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1565.383185] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1565.383864] do_syscall_64+0x33/0x40 [ 1565.384357] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1565.385041] RIP: 0033:0x7f606cee6b19 [ 1565.385540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1565.387925] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1565.388912] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1565.389850] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1565.390781] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1565.391717] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1565.392652] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1565.393678] CPU: 1 PID: 9110 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1565.395247] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.397130] Call Trace: [ 1565.397742] dump_stack+0x107/0x167 [ 1565.398574] should_fail.cold+0x5/0xa [ 1565.399448] ? create_object.isra.0+0x3a/0xa30 [ 1565.400492] should_failslab+0x5/0x20 [ 1565.401368] kmem_cache_alloc+0x5b/0x310 [ 1565.402309] create_object.isra.0+0x3a/0xa30 [ 1565.403305] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1565.404467] kmem_cache_alloc+0x159/0x310 [ 1565.405411] vm_area_dup+0x78/0x290 [ 1565.406240] ? lock_release+0x680/0x680 [ 1565.407143] ? mark_lock+0xf5/0x2df0 [ 1565.407995] ? lock_chain_count+0x20/0x20 [ 1565.408911] ? mark_lock+0xf5/0x2df0 [ 1565.409748] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1565.410939] ? lock_chain_count+0x20/0x20 [ 1565.411881] ? mark_lock+0xf5/0x2df0 [ 1565.412725] ? vm_area_alloc+0x110/0x110 [ 1565.413648] ? __lock_acquire+0x1657/0x5b00 [ 1565.414644] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1565.415813] ? SOFTIRQ_verbose+0x10/0x10 [ 1565.416724] ? vmacache_find+0x55/0x2a0 [ 1565.417645] __split_vma+0xa8/0x4e0 [ 1565.418467] __do_munmap+0x365/0x1260 [ 1565.419324] ? arch_get_unmapped_area+0x450/0x450 [ 1565.420405] ? lock_release+0x680/0x680 [ 1565.421298] mmap_region+0x7cc/0x1500 [ 1565.422193] do_mmap+0x868/0x1370 [ 1565.423190] vm_mmap_pgoff+0x198/0x1f0 [ 1565.424085] ? randomize_page+0xb0/0xb0 [ 1565.424988] ksys_mmap_pgoff+0x41c/0x560 [ 1565.425906] ? find_mergeable_anon_vma+0x250/0x250 [ 1565.427016] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1565.428195] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1565.429349] do_syscall_64+0x33/0x40 [ 1565.430192] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1565.431341] RIP: 0033:0x7f2d330fab62 [ 1565.432166] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1565.436273] RSP: 002b:00007f2d306700f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1565.437976] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2d330fab62 [ 1565.439566] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000 [ 1565.441147] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1565.442741] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1565.444302] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1565.488150] loop2: detected capacity change from 0 to 262144 [ 1565.499337] FAULT_INJECTION: forcing a failure. [ 1565.499337] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.500918] CPU: 0 PID: 9120 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1565.501782] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.502811] Call Trace: [ 1565.503146] dump_stack+0x107/0x167 [ 1565.503607] should_fail.cold+0x5/0xa [ 1565.504080] ? xas_alloc+0x336/0x440 [ 1565.504550] should_failslab+0x5/0x20 [ 1565.505036] kmem_cache_alloc+0x5b/0x310 [ 1565.505551] ? stack_trace_consume_entry+0x160/0x160 [ 1565.506178] xas_alloc+0x336/0x440 [ 1565.506624] xas_create+0x34a/0x10d0 [ 1565.507107] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1565.507761] xas_store+0x8c/0x1c40 [ 1565.508215] __xa_store+0x164/0x2d0 [ 1565.508666] ? xa_delete_node+0x280/0x280 [ 1565.509183] ? trace_hardirqs_on+0x5b/0x180 [ 1565.509733] xa_store+0x31/0x50 [ 1565.510144] __io_uring_add_tctx_node+0x1cf/0x520 [ 1565.510747] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1565.511383] ? alloc_fd+0x2e7/0x670 [ 1565.511838] io_uring_setup+0x1fbb/0x2980 [ 1565.512353] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1565.512982] ? wait_for_completion_io+0x270/0x270 [ 1565.513608] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1565.514249] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1565.514881] do_syscall_64+0x33/0x40 [ 1565.515349] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1565.515975] RIP: 0033:0x7ff29b41cb19 [ 1565.516440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1565.518713] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1565.519662] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1565.520528] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1565.521401] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1565.522277] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1565.523143] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:29:57 executing program 4: r0 = signalfd(0xffffffffffffffff, &(0x7f0000000440)={[0x8]}, 0x8) sendmsg$TIPC_NL_NODE_GET(r0, &(0x7f00000006c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000680)={&(0x7f00000004c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002bbd7000ffdbdf250d0000008c0106801b0003004bd851b56b3ee831e725bb53b5b41ad3bdad74488b0cf100040002000800010000000080960003003a7a4d2466ca4210fcf4a8ffe1a2c4af09c510cffbaf9dc07570fcc4fae832ab80458867e09c850b3459b97348021cf02f5310439859693005780a3aafb6bba3c225748e5cb8c0786c9f82ce6a6993b2ce7093902afbea44ca3d4e080cf5dd5178f66b47ae888b1de48dacfbd5b982238967a8370852dfee3e459427aa65597b72e5369512e62b3204300dc0f76f0338c8d500004500040067636d28616573290000000000000000000000000000000000000000000000001d0000003a163b9db9f83a67f0baf6584c1f0332660e4248e9bd5bb423a25db76200000080000300d9506d46cc021d83703e8da278aaa52c76d091667ae292f0953895ab4a8468fd99a66774d580570fe40288d2dc8caf769dfd61e719f78449d614f58439f39613b98c19d15ea63b613ff9f0190883a66341ecb4656281f0ce01e6509daa78d61b9b2db1c1dc2abef1c9e5f6e4ef7950b3c40f12a8556ae0fb9a5b15bf"], 0x1a0}, 0x1, 0x0, 0x0, 0x4000004}, 0x4000000) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r2, 0x80089419, &(0x7f0000000700)) r3 = getpgrp(0x0) pidfd_open(r3, 0x0) fcntl$setown(r2, 0x8, r3) clone3(&(0x7f0000000380)={0x800, &(0x7f0000000140), &(0x7f00000001c0), &(0x7f0000000200)=0x0, {0x1}, &(0x7f0000000240)=""/157, 0x9d, &(0x7f0000000300)=""/51, &(0x7f0000000340)=[r3, r1, r1, r3, 0xffffffffffffffff], 0x5, {r2}}, 0x58) r5 = syz_open_procfs(r4, &(0x7f0000000740)='net/igmp6\x00') pread64(r5, &(0x7f0000000040)=""/238, 0xee, 0x7) bind$inet6(r5, &(0x7f0000000180)={0xa, 0x4e21, 0x470f61aa, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xffffffff}, 0x1c) 21:29:57 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 63) 21:29:57 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1800000, 0xc0010, r0, 0x8000000) 21:29:57 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/152, 0x98}, {&(0x7f0000000340)=""/216, 0xd8}], 0x2, &(0x7f0000000a00)=ANY=[@ANYBLOB="30000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYRES32, @ANYBLOB="1c0000000000c8fdc91cdd68fc95d6856e00000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000a972df40193e951b893a20000000100000002000000ca5d52fbd43e84d8531a31c2f59f41efaf041360d0da5ed08a09642a8ba19c75bb3c1d902bf562047d9328813ae431381deb7ce606be18b8ddd4731666ff076fbf83fd05de7ee5c291a034bc75f0ccdcc51757b326c36407d22b2a821cad8557", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000000000000f15f6613a1f71205bb962dc7aae30d433cfd1f1132b2a29ece7acc0f76f247320b583bbdcdbb9155907c4715e666d134b850a7990b43517011dfc5d908b470ef80c2d6285474a8a3850600000000000000c89e7e446843907f6b02766b0f7046a050cdff76", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x138}, 0x2062) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x100000a, 0x110, r1, 0x0) syz_io_uring_setup(0x4e36, &(0x7f0000000180)={0x0, 0x3e76, 0x8, 0x2, 0x2b, 0x0, r0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) ioctl$sock_proto_private(0xffffffffffffffff, 0x89e9, &(0x7f0000000580)="e1c3f3b53fc66940ce575872a5c6830d88e855a5d07237d69be585a89601c6fbbea8b2a6871f1a9f799faff48a91696253bedbee9900b19feae0c9dde58ba62f1e691ed0ee76f26c701b6f3003c5ac4dfca11afb8d060fbea9351bf1544e412b2d0fb7b215ff7fd77280a6deed846d0ee2334f4d6ea639c1e3b9a8ed29f196b4ac628a238fac8ab6ea36cd603eece029755be30a1ee156eef81409b9941b3e195c66f9f0e73104fdeb535ea457f33796807443939b473216673775ffefd2ea56657e5bb9c3d74a9638ed978f2d8c11a2f47baf8a65d8b6f6aa0e") 21:29:57 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 59) [ 1565.621559] FAULT_INJECTION: forcing a failure. [ 1565.621559] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.622959] CPU: 0 PID: 9130 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1565.623759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.624729] Call Trace: [ 1565.625043] dump_stack+0x107/0x167 [ 1565.625481] should_fail.cold+0x5/0xa [ 1565.625929] ? anon_vma_clone+0xdc/0x590 [ 1565.626406] should_failslab+0x5/0x20 [ 1565.626858] kmem_cache_alloc+0x5b/0x310 [ 1565.627340] anon_vma_clone+0xdc/0x590 [ 1565.627801] __split_vma+0x17c/0x4e0 [ 1565.628239] __do_munmap+0x365/0x1260 [ 1565.628688] ? arch_get_unmapped_area+0x450/0x450 [ 1565.629260] ? lock_release+0x680/0x680 [ 1565.629733] mmap_region+0x7cc/0x1500 [ 1565.630191] do_mmap+0x868/0x1370 [ 1565.630605] vm_mmap_pgoff+0x198/0x1f0 [ 1565.631066] ? randomize_page+0xb0/0xb0 [ 1565.631544] ksys_mmap_pgoff+0x41c/0x560 [ 1565.632021] ? find_mergeable_anon_vma+0x250/0x250 [ 1565.632593] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1565.633205] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1565.633814] do_syscall_64+0x33/0x40 [ 1565.634249] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1565.634845] RIP: 0033:0x7f2d330fab62 [ 1565.635278] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1565.637411] RSP: 002b:00007f2d306700f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1565.638315] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2d330fab62 [ 1565.639142] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000 [ 1565.639966] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1565.640796] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1565.641634] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:29:57 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 40) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) [ 1565.682736] FAULT_INJECTION: forcing a failure. [ 1565.682736] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.684260] CPU: 0 PID: 9122 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1565.685041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.685994] Call Trace: [ 1565.686300] dump_stack+0x107/0x167 [ 1565.686721] should_fail.cold+0x5/0xa [ 1565.687157] ? create_object.isra.0+0x3a/0xa30 [ 1565.687680] should_failslab+0x5/0x20 [ 1565.688115] kmem_cache_alloc+0x5b/0x310 [ 1565.688322] FAULT_INJECTION: forcing a failure. [ 1565.688322] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.688578] ? mark_held_locks+0x9e/0xe0 [ 1565.688593] create_object.isra.0+0x3a/0xa30 [ 1565.688601] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1565.688616] kmem_cache_alloc+0x159/0x310 [ 1565.688635] xas_alloc+0x336/0x440 [ 1565.693490] xas_create+0x34a/0x10d0 [ 1565.693923] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1565.694519] xas_store+0x8c/0x1c40 [ 1565.694935] __xa_store+0x164/0x2d0 [ 1565.695356] ? xa_delete_node+0x280/0x280 [ 1565.695834] ? trace_hardirqs_on+0x5b/0x180 [ 1565.696331] xa_store+0x31/0x50 [ 1565.696711] __io_uring_add_tctx_node+0x1cf/0x520 [ 1565.697260] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1565.697868] ? alloc_fd+0x2e7/0x670 [ 1565.698290] io_uring_setup+0x1fbb/0x2980 [ 1565.698768] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1565.699345] ? wait_for_completion_io+0x270/0x270 [ 1565.699911] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1565.700510] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1565.701104] do_syscall_64+0x33/0x40 [ 1565.701537] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1565.702119] RIP: 0033:0x7f38f4330b19 [ 1565.702543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1565.704628] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1565.705496] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1565.706307] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1565.707116] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1565.707926] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1565.708735] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1565.709583] CPU: 1 PID: 9137 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1565.711137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.713007] Call Trace: [ 1565.713611] dump_stack+0x107/0x167 [ 1565.714529] should_fail.cold+0x5/0xa [ 1565.715391] ? xas_alloc+0x336/0x440 [ 1565.716229] should_failslab+0x5/0x20 [ 1565.717085] kmem_cache_alloc+0x5b/0x310 [ 1565.718018] xas_alloc+0x336/0x440 [ 1565.718832] xas_create+0x34a/0x10d0 [ 1565.719690] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1565.720871] xas_store+0x8c/0x1c40 [ 1565.721701] __xa_store+0x164/0x2d0 [ 1565.722539] ? xa_delete_node+0x280/0x280 [ 1565.723481] ? trace_hardirqs_on+0x5b/0x180 [ 1565.724462] xa_store+0x31/0x50 [ 1565.725214] __io_uring_add_tctx_node+0x1cf/0x520 [ 1565.726307] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1565.727494] ? alloc_fd+0x2e7/0x670 [ 1565.728334] io_uring_setup+0x1fbb/0x2980 [ 1565.729286] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1565.730465] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1565.731646] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1565.732819] do_syscall_64+0x33/0x40 [ 1565.733669] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1565.734819] RIP: 0033:0x7f606cee6b19 [ 1565.735658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1565.739790] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1565.741517] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1565.743120] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1565.744720] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1565.746330] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1565.747934] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:29:57 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 64) 21:29:57 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f0000000000), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = dup2(r0, r0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000002, 0x8010, r1, 0x8000000) syz_io_uring_setup(0x4cf6, &(0x7f0000000080)={0x0, 0x7, 0x0, 0x0, 0x157, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000180)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f00000001c0)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x2000, @fd=r0, 0x1ff, 0x0, 0x0, 0xc, 0x1, {0x2}}, 0x7e6d) [ 1565.816546] FAULT_INJECTION: forcing a failure. [ 1565.816546] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.817931] CPU: 0 PID: 9140 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1565.818707] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.819658] Call Trace: [ 1565.819969] dump_stack+0x107/0x167 [ 1565.820392] should_fail.cold+0x5/0xa [ 1565.820830] ? create_object.isra.0+0x3a/0xa30 [ 1565.821355] should_failslab+0x5/0x20 [ 1565.821796] kmem_cache_alloc+0x5b/0x310 [ 1565.822263] create_object.isra.0+0x3a/0xa30 [ 1565.822761] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1565.823343] kmem_cache_alloc+0x159/0x310 [ 1565.823819] xas_alloc+0x336/0x440 [ 1565.824226] xas_create+0x34a/0x10d0 [ 1565.824661] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1565.825262] xas_store+0x8c/0x1c40 [ 1565.825685] __xa_store+0x164/0x2d0 [ 1565.826108] ? xa_delete_node+0x280/0x280 [ 1565.826585] ? trace_hardirqs_on+0x5b/0x180 [ 1565.827086] xa_store+0x31/0x50 [ 1565.827463] __io_uring_add_tctx_node+0x1cf/0x520 [ 1565.828012] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1565.828606] ? alloc_fd+0x2e7/0x670 [ 1565.829032] io_uring_setup+0x1fbb/0x2980 [ 1565.829517] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1565.830095] ? wait_for_completion_io+0x270/0x270 [ 1565.830657] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1565.831254] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1565.831842] do_syscall_64+0x33/0x40 [ 1565.832272] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1565.832853] RIP: 0033:0x7ff29b41cb19 [ 1565.833276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1565.835374] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1565.836241] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1565.837056] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1565.837817] FAULT_INJECTION: forcing a failure. [ 1565.837817] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.837879] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1565.837886] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1565.837901] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1565.842823] CPU: 1 PID: 9143 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1565.844366] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1565.846250] Call Trace: [ 1565.846848] dump_stack+0x107/0x167 [ 1565.847676] should_fail.cold+0x5/0xa [ 1565.848538] ? anon_vma_clone+0xdc/0x590 [ 1565.849458] should_failslab+0x5/0x20 [ 1565.850317] kmem_cache_alloc+0x5b/0x310 [ 1565.851242] anon_vma_clone+0xdc/0x590 [ 1565.852133] __split_vma+0x17c/0x4e0 [ 1565.852978] __do_munmap+0x365/0x1260 [ 1565.853842] ? arch_get_unmapped_area+0x450/0x450 [ 1565.854934] ? lock_release+0x680/0x680 [ 1565.855838] mmap_region+0x7cc/0x1500 [ 1565.856718] do_mmap+0x868/0x1370 [ 1565.857521] vm_mmap_pgoff+0x198/0x1f0 [ 1565.858406] ? randomize_page+0xb0/0xb0 [ 1565.859321] ksys_mmap_pgoff+0x41c/0x560 [ 1565.860237] ? find_mergeable_anon_vma+0x250/0x250 [ 1565.861344] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1565.862592] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1565.863754] do_syscall_64+0x33/0x40 [ 1565.864586] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1565.865741] RIP: 0033:0x7f2d330fab62 [ 1565.866574] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1565.870714] RSP: 002b:00007f2d306700f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1565.872490] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2d330fab62 [ 1565.874105] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000 [ 1565.875701] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1565.877304] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1565.878923] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:30:13 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 65) 21:30:13 executing program 6: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r2 = syz_io_uring_setup(0x690e, &(0x7f0000000000)={0x0, 0x5cff, 0x8, 0x2, 0x43, 0x0, r0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r1, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000100)={0x240000, 0x1ae, 0x18}, &(0x7f0000000180)='./file0\x00', 0x18, 0x0, 0x12345, {0x0, r4}}, 0xfffffffa) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x200000f, 0x2010, r2, 0x0) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240), 0x14d000, 0x0) io_uring_enter(r5, 0x6abd, 0x7e27, 0x2, &(0x7f0000000280)={[0x1]}, 0x8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r6 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r6, 0x0) io_uring_enter(r6, 0x10058ab, 0x0, 0x0, 0x0, 0x0) open(&(0x7f0000000340)='./file0\x00', 0x800, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x200000a, 0x110, r6, 0x0) 21:30:13 executing program 2: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0xf491}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) syz_io_uring_submit(r5, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0x3, 0x0, 0xffffffffffffff9c, &(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2, 0x400}, 0x3f) 21:30:13 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 47) 21:30:13 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 60) 21:30:13 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 41) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:30:13 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') sendmsg$TIPC_NL_KEY_FLUSH(r0, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x134, 0x0, 0x325463b51816ac47, 0x70bd29, 0x25dfdbfc, {}, [@TIPC_NLA_MEDIA={0x18, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}]}, @TIPC_NLA_PUBL={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x6}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x400}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x80000000}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xbe0a}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7ff}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3bc}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3198097d}]}, @TIPC_NLA_BEARER={0x44, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x7ff, @private2={0xfc, 0x2, '\x00', 0x1}, 0xfffffff8}}, {0x14, 0x2, @in={0x2, 0x4e20, @multicast2}}}}]}, @TIPC_NLA_BEARER={0x70, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @rand_addr=0x64010100}}, {0x14, 0x2, @in={0x2, 0x4e21, @private=0xa010101}}}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}]}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}]}]}]}, 0x134}, 0x1, 0x0, 0x0, 0x801}, 0xc0000) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) pread64(r0, &(0x7f0000000140)=""/45, 0x2d, 0x7) [ 1580.873159] FAULT_INJECTION: forcing a failure. [ 1580.873159] name failslab, interval 1, probability 0, space 0, times 0 [ 1580.875737] CPU: 0 PID: 9164 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1580.877179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1580.878982] Call Trace: [ 1580.879292] FAULT_INJECTION: forcing a failure. [ 1580.879292] name failslab, interval 1, probability 0, space 0, times 0 [ 1580.879553] dump_stack+0x107/0x167 [ 1580.879581] should_fail.cold+0x5/0xa [ 1580.883547] ? create_object.isra.0+0x3a/0xa30 [ 1580.884538] should_failslab+0x5/0x20 [ 1580.885354] kmem_cache_alloc+0x5b/0x310 [ 1580.886229] ? mark_held_locks+0x9e/0xe0 [ 1580.887081] create_object.isra.0+0x3a/0xa30 [ 1580.887994] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1580.889053] kmem_cache_alloc+0x159/0x310 [ 1580.889937] xas_alloc+0x336/0x440 [ 1580.890680] xas_create+0x34a/0x10d0 [ 1580.891471] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1580.892563] xas_store+0x8c/0x1c40 [ 1580.893320] __xa_store+0x164/0x2d0 [ 1580.894092] ? xa_delete_node+0x280/0x280 [ 1580.894969] ? trace_hardirqs_on+0x5b/0x180 [ 1580.895878] xa_store+0x31/0x50 [ 1580.896571] __io_uring_add_tctx_node+0x1cf/0x520 [ 1580.897580] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1580.898677] ? alloc_fd+0x2e7/0x670 [ 1580.899453] io_uring_setup+0x1fbb/0x2980 [ 1580.900328] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1580.901389] ? wait_for_completion_io+0x270/0x270 [ 1580.902428] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1580.903520] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1580.904604] do_syscall_64+0x33/0x40 [ 1580.905379] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1580.906560] RIP: 0033:0x7f606cee6b19 [ 1580.907545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1580.912102] RSP: 002b:00007f606a45c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1580.913747] RAX: ffffffffffffffda RBX: 00007f606cff9f60 RCX: 00007f606cee6b19 [ 1580.915244] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1580.916772] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1580.918317] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1580.919921] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1580.921516] CPU: 1 PID: 9165 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1580.923013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1580.924790] Call Trace: [ 1580.925368] dump_stack+0x107/0x167 [ 1580.925967] FAULT_INJECTION: forcing a failure. [ 1580.925967] name failslab, interval 1, probability 0, space 0, times 0 [ 1580.926165] should_fail.cold+0x5/0xa [ 1580.929380] ? vm_area_alloc+0x1c/0x110 [ 1580.930244] should_failslab+0x5/0x20 [ 1580.931063] kmem_cache_alloc+0x5b/0x310 [ 1580.931945] vm_area_alloc+0x1c/0x110 [ 1580.932765] mmap_region+0x982/0x1500 [ 1580.933611] do_mmap+0x868/0x1370 [ 1580.934379] vm_mmap_pgoff+0x198/0x1f0 [ 1580.935228] ? randomize_page+0xb0/0xb0 [ 1580.936103] ksys_mmap_pgoff+0x41c/0x560 [ 1580.936980] ? find_mergeable_anon_vma+0x250/0x250 [ 1580.938055] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1580.939191] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1580.940306] do_syscall_64+0x33/0x40 [ 1580.941111] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1580.942220] RIP: 0033:0x7f2d330fab62 [ 1580.943025] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1580.946995] RSP: 002b:00007f2d306700f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1580.948634] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2d330fab62 [ 1580.950176] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000 [ 1580.951715] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1580.953252] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1580.954808] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1580.956382] CPU: 0 PID: 9160 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1580.957881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1580.959659] Call Trace: [ 1580.960229] dump_stack+0x107/0x167 [ 1580.961022] should_fail.cold+0x5/0xa [ 1580.961850] ? xas_alloc+0x336/0x440 [ 1580.962651] should_failslab+0x5/0x20 [ 1580.963468] kmem_cache_alloc+0x5b/0x310 [ 1580.964348] xas_alloc+0x336/0x440 [ 1580.965118] xas_create+0x34a/0x10d0 [ 1580.965943] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1580.967071] xas_store+0x8c/0x1c40 [ 1580.967854] __xa_store+0x164/0x2d0 [ 1580.968645] ? xa_delete_node+0x280/0x280 [ 1580.969543] ? trace_hardirqs_on+0x5b/0x180 [ 1580.970492] xa_store+0x31/0x50 [ 1580.971206] __io_uring_add_tctx_node+0x1cf/0x520 [ 1580.972245] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1580.973366] ? alloc_fd+0x2e7/0x670 [ 1580.974174] io_uring_setup+0x1fbb/0x2980 [ 1580.975079] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1580.976168] ? wait_for_completion_io+0x270/0x270 [ 1580.977231] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1580.978371] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1580.979482] do_syscall_64+0x33/0x40 [ 1580.980289] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1580.981386] RIP: 0033:0x7ff29b41cb19 [ 1580.982196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1580.986175] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1580.987806] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1580.989338] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1580.990873] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1580.992404] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1580.993939] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1581.046116] FAULT_INJECTION: forcing a failure. [ 1581.046116] name failslab, interval 1, probability 0, space 0, times 0 [ 1581.048681] CPU: 0 PID: 9169 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1581.050157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1581.051961] Call Trace: [ 1581.052545] dump_stack+0x107/0x167 21:30:13 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/231, 0xe7, 0x10000) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) recvmmsg(r0, &(0x7f0000002680)=[{{0x0, 0x0, &(0x7f0000000240)}}], 0x1, 0x40002060, 0x0) accept$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @private2}, &(0x7f0000000180)=0x1c) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$IP_SET_OP_GET_BYINDEX(r2, 0x1, 0x53, &(0x7f00000001c0)={0x7, 0x7, 0x2}, &(0x7f0000000200)=0x28) 21:30:13 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) (fail_nth: 1) 21:30:13 executing program 6: ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) [ 1581.053318] should_fail.cold+0x5/0xa [ 1581.054413] ? xas_alloc+0x336/0x440 [ 1581.055221] should_failslab+0x5/0x20 [ 1581.056042] kmem_cache_alloc+0x5b/0x310 [ 1581.056937] xas_alloc+0x336/0x440 [ 1581.057725] xas_create+0x34a/0x10d0 [ 1581.058542] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1581.059673] xas_store+0x8c/0x1c40 [ 1581.060461] __xa_store+0x164/0x2d0 [ 1581.061248] ? xa_delete_node+0x280/0x280 [ 1581.062178] ? trace_hardirqs_on+0x5b/0x180 [ 1581.063113] xa_store+0x31/0x50 [ 1581.063877] __io_uring_add_tctx_node+0x1cf/0x520 [ 1581.064947] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1581.066094] ? alloc_fd+0x2e7/0x670 [ 1581.066897] io_uring_setup+0x1fbb/0x2980 [ 1581.067805] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1581.068893] ? wait_for_completion_io+0x270/0x270 [ 1581.069973] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1581.071102] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1581.072211] do_syscall_64+0x33/0x40 [ 1581.073011] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1581.074131] RIP: 0033:0x7f38f4330b19 [ 1581.074928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1581.078860] RSP: 002b:00007f38f1885108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1581.080496] RAX: ffffffffffffffda RBX: 00007f38f4444020 RCX: 00007f38f4330b19 [ 1581.082027] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1581.083562] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1581.085080] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1581.086618] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:30:13 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) syz_io_uring_submit(r5, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(r1, r4, &(0x7f0000000000)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r8 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x8f, 0x0, 0x7f, 0x7, 0xff, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000100), 0x7}, 0x10000, 0x2, 0x9, 0x3, 0x7fff, 0x7fc, 0x80, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xa, r8, 0x0) syz_io_uring_submit(r6, r4, &(0x7f00000000c0)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x4, 0x0, r8, &(0x7f0000000080)={0x80000000}, r0}, 0xfffffffa) pidfd_getfd(0xffffffffffffffff, r0, 0x0) r9 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r9, 0x0) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="24b9167360da6ce1462141bedcebdcc0283fc1982319fbc33f8e7950c28500", @ANYRES16=0x0, @ANYBLOB="0500eca296650000000000000000000000e1", @ANYRES32=0x0, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) ioctl$BTRFS_IOC_FS_INFO(r10, 0x8400941f, &(0x7f0000000400)) io_uring_enter(r9, 0x10058ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000f, 0x13, r9, 0x0) io_uring_enter(r0, 0x579a, 0xdef5, 0x2, &(0x7f0000000040)={[0x5]}, 0x8) 21:30:13 executing program 6: r0 = syz_io_uring_setup(0x394c, &(0x7f00000002c0)={0x0, 0x0, 0x1, 0x0, 0xfff7ffff}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000040), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 21:30:13 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 61) [ 1581.186882] FAULT_INJECTION: forcing a failure. [ 1581.186882] name failslab, interval 1, probability 0, space 0, times 0 [ 1581.190173] CPU: 1 PID: 9181 Comm: syz-executor.2 Not tainted 5.10.255 #1 [ 1581.191639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1581.193402] Call Trace: [ 1581.193990] dump_stack+0x107/0x167 [ 1581.194769] should_fail.cold+0x5/0xa [ 1581.195588] ? getname_flags.part.0+0x50/0x4f0 [ 1581.196552] should_failslab+0x5/0x20 [ 1581.197363] kmem_cache_alloc+0x5b/0x310 [ 1581.198245] getname_flags.part.0+0x50/0x4f0 [ 1581.199180] getname+0x8e/0xd0 [ 1581.199864] do_sys_openat2+0xf9/0x4d0 [ 1581.200696] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1581.201848] ? build_open_flags+0x6f0/0x6f0 [ 1581.202772] ? __x64_sys_openat+0x101/0x1f0 [ 1581.203695] __x64_sys_openat+0x13f/0x1f0 [ 1581.204576] ? __ia32_sys_open+0x1c0/0x1c0 [ 1581.205523] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1581.206645] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1581.207745] do_syscall_64+0x33/0x40 [ 1581.208537] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1581.209635] RIP: 0033:0x7f1e91e61a04 [ 1581.210416] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1581.214330] RSP: 002b:00007f1e8f4030b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1581.215932] RAX: ffffffffffffffda RBX: 00007f1e91fc2020 RCX: 00007f1e91e61a04 [ 1581.217446] RDX: 0000000000000000 RSI: 00007f1e91f07f82 RDI: 00000000ffffff9c [ 1581.218965] RBP: 00007f1e91f07f82 R08: 0000000000000000 R09: 0000000000000000 [ 1581.220478] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1581.221995] R13: 00007ffecf7a831f R14: 00007f1e8f403300 R15: 0000000000022000 21:30:13 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 66) [ 1581.258779] audit: type=1326 audit(1778448613.465:3560): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9170 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1581.269121] audit: type=1326 audit(1778448613.480:3561): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9170 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1581.275089] FAULT_INJECTION: forcing a failure. [ 1581.275089] name failslab, interval 1, probability 0, space 0, times 0 [ 1581.277596] CPU: 0 PID: 9185 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1581.279084] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1581.280868] Call Trace: [ 1581.281439] dump_stack+0x107/0x167 [ 1581.282250] should_fail.cold+0x5/0xa [ 1581.283077] ? vm_area_dup+0x78/0x290 [ 1581.283894] should_failslab+0x5/0x20 [ 1581.284720] kmem_cache_alloc+0x5b/0x310 [ 1581.285628] vm_area_dup+0x78/0x290 [ 1581.286403] ? lock_release+0x680/0x680 [ 1581.287262] ? mark_lock+0xf5/0x2df0 [ 1581.288074] ? lock_chain_count+0x20/0x20 [ 1581.288973] ? mark_lock+0xf5/0x2df0 [ 1581.289816] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1581.290948] ? lock_chain_count+0x20/0x20 [ 1581.291845] ? mark_lock+0xf5/0x2df0 [ 1581.292649] ? vm_area_alloc+0x110/0x110 [ 1581.293535] ? __lock_acquire+0x1657/0x5b00 [ 1581.294516] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1581.295665] ? SOFTIRQ_verbose+0x10/0x10 [ 1581.296556] ? vmacache_find+0x55/0x2a0 [ 1581.297446] __split_vma+0xa8/0x4e0 [ 1581.298260] __do_munmap+0x365/0x1260 [ 1581.299087] ? arch_get_unmapped_area+0x450/0x450 [ 1581.300119] ? lock_release+0x680/0x680 [ 1581.300973] mmap_region+0x7cc/0x1500 [ 1581.301834] do_mmap+0x868/0x1370 [ 1581.302609] vm_mmap_pgoff+0x198/0x1f0 [ 1581.303443] ? randomize_page+0xb0/0xb0 [ 1581.304269] FAULT_INJECTION: forcing a failure. [ 1581.304269] name failslab, interval 1, probability 0, space 0, times 0 [ 1581.306701] ksys_mmap_pgoff+0x41c/0x560 [ 1581.307584] ? find_mergeable_anon_vma+0x250/0x250 [ 1581.308639] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1581.309780] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1581.310895] do_syscall_64+0x33/0x40 [ 1581.311697] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1581.312786] RIP: 0033:0x7f606cee6b62 [ 1581.313593] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1581.318005] RSP: 002b:00007f606a45c0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1581.319813] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f606cee6b62 [ 1581.321339] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000 [ 1581.322904] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1581.324414] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1581.325958] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1581.327553] CPU: 1 PID: 9188 Comm: syz-executor.0 Not tainted 5.10.255 #1 21:30:13 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x10058ab, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_QGROUP_CREATE(r1, 0x4010942a, &(0x7f0000000140)={0x1, 0x71d}) [ 1581.329069] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1581.331081] Call Trace: [ 1581.331648] dump_stack+0x107/0x167 [ 1581.332407] should_fail.cold+0x5/0xa [ 1581.333212] ? create_object.isra.0+0x3a/0xa30 [ 1581.334182] should_failslab+0x5/0x20 [ 1581.334985] kmem_cache_alloc+0x5b/0x310 [ 1581.335840] create_object.isra.0+0x3a/0xa30 [ 1581.336754] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1581.337843] kmem_cache_alloc+0x159/0x310 [ 1581.338714] vm_area_alloc+0x1c/0x110 [ 1581.339511] mmap_region+0x982/0x1500 [ 1581.340342] do_mmap+0x868/0x1370 [ 1581.341086] vm_mmap_pgoff+0x198/0x1f0 [ 1581.341924] ? randomize_page+0xb0/0xb0 [ 1581.342814] ksys_mmap_pgoff+0x41c/0x560 [ 1581.343662] ? find_mergeable_anon_vma+0x250/0x250 [ 1581.344681] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1581.345778] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1581.346858] do_syscall_64+0x33/0x40 [ 1581.347627] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1581.348690] RIP: 0033:0x7f2d330fab62 [ 1581.349466] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1581.353295] RSP: 002b:00007f2d306700f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1581.354870] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2d330fab62 [ 1581.356352] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000 [ 1581.357835] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1581.359334] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1581.360821] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:30:13 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 42) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:30:13 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0xc3}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x10010, r0, 0x8000000) [ 1581.486541] FAULT_INJECTION: forcing a failure. [ 1581.486541] name failslab, interval 1, probability 0, space 0, times 0 [ 1581.488985] CPU: 1 PID: 9197 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1581.490432] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1581.492143] Call Trace: [ 1581.492698] dump_stack+0x107/0x167 [ 1581.493451] should_fail.cold+0x5/0xa [ 1581.494267] ? create_object.isra.0+0x3a/0xa30 [ 1581.495203] should_failslab+0x5/0x20 [ 1581.495988] kmem_cache_alloc+0x5b/0x310 [ 1581.496827] ? mark_held_locks+0x9e/0xe0 [ 1581.497706] create_object.isra.0+0x3a/0xa30 [ 1581.498605] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1581.499670] kmem_cache_alloc+0x159/0x310 [ 1581.500531] xas_alloc+0x336/0x440 [ 1581.501265] xas_create+0x34a/0x10d0 [ 1581.502053] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1581.503134] xas_store+0x8c/0x1c40 [ 1581.503883] __xa_store+0x164/0x2d0 [ 1581.504637] ? xa_delete_node+0x280/0x280 [ 1581.505500] ? trace_hardirqs_on+0x5b/0x180 [ 1581.506421] xa_store+0x31/0x50 [ 1581.507115] __io_uring_add_tctx_node+0x1cf/0x520 [ 1581.508115] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1581.509199] ? alloc_fd+0x2e7/0x670 [ 1581.509977] io_uring_setup+0x1fbb/0x2980 [ 1581.510847] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1581.511888] ? wait_for_completion_io+0x270/0x270 [ 1581.512914] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1581.514017] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1581.515096] do_syscall_64+0x33/0x40 [ 1581.515873] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1581.516929] RIP: 0033:0x7ff29b41cb19 [ 1581.517715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1581.521525] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1581.523120] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1581.524590] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1581.526055] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1581.527519] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1581.528989] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:30:30 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 43) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:30:30 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="050000000000001000000600000008080300", @ANYRES32=0x0, @ANYBLOB="08000500020000006396f1ebbbd6b089b60ef2222a3b502e7a5e66c5f6ed174ca3b181a6b6a5330ff457aa55b524b8c68a06e0c519beec03828766ef03f0926e28008c171f721347137505c549cc39c8c4fd03c988c3fc4490804eae10f10e27cdb5fdb3af8d9232cf4c09b575d3de42ccc296003500962be92beddfcf1f2653468abe4a1b1e1c14baf59f3317d6d3988c67608d95b0ac52e587"], 0x24}}, 0x0) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000040)={0x0, @nl=@kern={0x10, 0x0, 0x0, 0x400000}, @ethernet={0x1, @remote}, @ethernet={0x1, @local}, 0x8000, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000000)='veth1\x00', 0x0, 0x5, 0xff63}) r1 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) 21:30:30 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 62) 21:30:30 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000010c0)={0x8, &(0x7f0000001080)=[{0x6, 0x8, 0x3, 0x2}, {0x200, 0x5, 0x9, 0x7fffffff}, {0x1, 0x1c, 0x41, 0x3}, {0x1, 0x2d, 0x3f, 0x8001}, {0x3f, 0x0, 0x13, 0x1}, {0x9e9, 0x20, 0x65, 0x19}, {0x4, 0x8, 0x3, 0x2}, {0x4, 0x5, 0x86, 0x1}]}) unlinkat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x200) pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2003) mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x9) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8000000000000005}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) (fail_nth: 2) 21:30:30 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0x4010942a, &(0x7f0000000140)={0x1, 0x303}) pread64(r0, &(0x7f0000000040)=""/238, 0xee, 0x7) 21:30:30 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 48) 21:30:30 executing program 0: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 67) 21:30:30 executing program 7: r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) clone3(&(0x7f0000000400)={0x2010000, &(0x7f0000000080), &(0x7f00000000c0)=0x0, &(0x7f0000000100), {0x22}, &(0x7f0000000180)=""/80, 0x50, &(0x7f0000000340)=""/161, &(0x7f0000000240)=[0x0, 0xffffffffffffffff], 0x2}, 0x58) r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x7f, 0x7, 0xff, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000100), 0xe}, 0x10000, 0x2, 0x9, 0x3, 0x7fff, 0x7fc, 0x80, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xa, r2, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x7, 0x1, 0x1f, 0x1, 0x0, 0xffffffff00000000, 0x10000, 0x1c, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7, 0x7, @perf_config_ext={0x8, 0x8}, 0x221, 0x3, 0x5, 0x8, 0x7ff, 0x1f, 0x4, 0x0, 0x3, 0x0, 0x5}, r1, 0xa, r2, 0x8) [ 1597.932214] audit: type=1326 audit(1778448630.144:3562): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9209 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1597.942377] FAULT_INJECTION: forcing a failure. [ 1597.942377] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1597.944993] CPU: 0 PID: 9212 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1597.946386] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1597.948081] Call Trace: [ 1597.948637] dump_stack+0x107/0x167 [ 1597.949384] should_fail.cold+0x5/0xa [ 1597.950182] __alloc_pages_nodemask+0x182/0x600 [ 1597.951138] ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320 [ 1597.952378] ? walk_mem_res+0x170/0x170 [ 1597.952731] FAULT_INJECTION: forcing a failure. [ 1597.952731] name failslab, interval 1, probability 0, space 0, times 0 [ 1597.953204] alloc_pages_current+0x187/0x280 [ 1597.953233] pte_alloc_one+0x16/0x1a0 [ 1597.957439] __pte_alloc+0x1d/0x330 [ 1597.958504] remap_pfn_range_internal+0x9a3/0xf60 [ 1597.959742] ? lookup_memtype+0x5b/0x200 [ 1597.960794] ? apply_to_existing_page_range+0x40/0x40 [ 1597.962130] remap_pfn_range+0xcd/0x160 [ 1597.963032] ? remap_pfn_range_notrack+0x70/0x70 [ 1597.964026] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1597.965098] io_uring_mmap+0x398/0x530 [ 1597.965928] mmap_file+0x5e/0xe0 [ 1597.966640] mmap_region+0xc4d/0x1500 [ 1597.967456] do_mmap+0x868/0x1370 [ 1597.968195] vm_mmap_pgoff+0x198/0x1f0 [ 1597.969016] ? randomize_page+0xb0/0xb0 [ 1597.969877] ksys_mmap_pgoff+0x41c/0x560 [ 1597.970727] ? find_mergeable_anon_vma+0x250/0x250 [ 1597.971762] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1597.972855] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1597.973940] do_syscall_64+0x33/0x40 [ 1597.974723] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1597.975793] RIP: 0033:0x7f2d330fab62 [ 1597.976575] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1597.980425] RSP: 002b:00007f2d306700f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1597.982030] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2d330fab62 [ 1597.983523] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000 [ 1597.985014] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1597.986514] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1597.988004] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1597.989540] CPU: 1 PID: 9216 Comm: syz-executor.3 Not tainted 5.10.255 #1 [ 1597.991302] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1597.993409] Call Trace: [ 1597.993706] audit: type=1326 audit(1778448630.158:3563): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9209 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1597.994085] dump_stack+0x107/0x167 [ 1597.994116] should_fail.cold+0x5/0xa [ 1597.994146] ? create_object.isra.0+0x3a/0xa30 [ 1597.999977] audit: type=1326 audit(1778448630.158:3564): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9209 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1598.000133] should_failslab+0x5/0x20 [ 1598.003453] audit: type=1326 audit(1778448630.158:3565): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9209 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1598.005534] kmem_cache_alloc+0x5b/0x310 [ 1598.005557] ? mark_held_locks+0x9e/0xe0 [ 1598.005585] create_object.isra.0+0x3a/0xa30 [ 1598.008742] audit: type=1326 audit(1778448630.158:3566): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9209 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1598.010839] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1598.010868] kmem_cache_alloc+0x159/0x310 [ 1598.010905] xas_alloc+0x336/0x440 [ 1598.015228] audit: type=1326 audit(1778448630.158:3567): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9209 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1598.017956] xas_create+0x34a/0x10d0 [ 1598.017997] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1598.024018] audit: type=1326 audit(1778448630.158:3568): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9209 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1598.025062] xas_store+0x8c/0x1c40 [ 1598.025105] __xa_store+0x164/0x2d0 [ 1598.027673] audit: type=1326 audit(1778448630.158:3569): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9209 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1598.031498] ? xa_delete_node+0x280/0x280 [ 1598.031539] ? trace_hardirqs_on+0x5b/0x180 [ 1598.031573] xa_store+0x31/0x50 [ 1598.039917] __io_uring_add_tctx_node+0x1cf/0x520 [ 1598.040946] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1598.042065] ? alloc_fd+0x2e7/0x670 [ 1598.042850] io_uring_setup+0x1fbb/0x2980 [ 1598.043602] audit: type=1326 audit(1778448630.158:3570): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9209 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1598.043735] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1598.049234] ? wait_for_completion_io+0x270/0x270 [ 1598.050290] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1598.051390] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1598.051975] FAULT_INJECTION: forcing a failure. [ 1598.051975] name failslab, interval 1, probability 0, space 0, times 0 [ 1598.052482] do_syscall_64+0x33/0x40 [ 1598.052510] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1598.056581] RIP: 0033:0x7f38f4330b19 [ 1598.057371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1598.061251] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1598.062857] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1598.064365] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1598.065878] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1598.067379] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1598.068879] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1598.070434] CPU: 0 PID: 9217 Comm: syz-executor.5 Not tainted 5.10.255 #1 [ 1598.071890] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1598.073638] Call Trace: [ 1598.074206] dump_stack+0x107/0x167 [ 1598.074983] should_fail.cold+0x5/0xa [ 1598.075806] ? create_object.isra.0+0x3a/0xa30 [ 1598.076775] should_failslab+0x5/0x20 [ 1598.077573] kmem_cache_alloc+0x5b/0x310 [ 1598.078459] create_object.isra.0+0x3a/0xa30 [ 1598.079398] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1598.080470] kmem_cache_alloc+0x159/0x310 [ 1598.081354] vm_area_dup+0x78/0x290 [ 1598.082122] ? perf_trace_lock+0xac/0x490 [ 1598.083019] ? mark_lock+0xf5/0x2df0 [ 1598.083821] ? lock_chain_count+0x20/0x20 [ 1598.084702] ? mark_lock+0xf5/0x2df0 [ 1598.085496] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1598.086603] ? lock_chain_count+0x20/0x20 [ 1598.087336] FAULT_INJECTION: forcing a failure. [ 1598.087336] name failslab, interval 1, probability 0, space 0, times 0 [ 1598.087471] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1598.087497] ? trace_hardirqs_on+0x5b/0x180 [ 1598.091664] ? mark_lock+0xf5/0x2df0 [ 1598.092449] ? vm_area_alloc+0x110/0x110 [ 1598.093309] ? lock_chain_count+0x20/0x20 [ 1598.094211] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1598.095317] ? SOFTIRQ_verbose+0x10/0x10 [ 1598.096170] ? vmacache_find+0x55/0x2a0 [ 1598.097006] __split_vma+0xa8/0x4e0 [ 1598.097776] __do_munmap+0x365/0x1260 [ 1598.098603] mmap_region+0x7cc/0x1500 [ 1598.099434] ? __sanitizer_cov_trace_pc+0x4/0x60 [ 1598.100436] do_mmap+0x868/0x1370 [ 1598.101190] vm_mmap_pgoff+0x198/0x1f0 [ 1598.102026] ? randomize_page+0xb0/0xb0 [ 1598.102884] ksys_mmap_pgoff+0x41c/0x560 [ 1598.103743] ? find_mergeable_anon_vma+0x250/0x250 [ 1598.104789] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1598.105899] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1598.106999] do_syscall_64+0x33/0x40 [ 1598.107786] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1598.108877] RIP: 0033:0x7f606cee6b62 [ 1598.109658] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1598.113554] RSP: 002b:00007f606a45c0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1598.115163] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f606cee6b62 [ 1598.116664] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000 [ 1598.118173] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1598.119682] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1598.121191] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1598.122748] CPU: 1 PID: 9210 Comm: syz-executor.2 Not tainted 5.10.255 #1 [ 1598.124221] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1598.124833] audit: type=1326 audit(1778448630.158:3571): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9209 comm="syz-executor.2" exe="/syz-executor.2" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1e91eaeb19 code=0x7ffc0000 [ 1598.125989] Call Trace: [ 1598.126020] dump_stack+0x107/0x167 [ 1598.126044] should_fail.cold+0x5/0xa [ 1598.126074] ? create_object.isra.0+0x3a/0xa30 21:30:30 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x14, r2, 0x82f3f172b6b59bbf, 0x0, 0x0, {0x7}}, 0x14}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000002c0)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000300)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', 0x0, 0x2f, 0xff, 0x0, 0x1, 0x16, @remote, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8000, 0x7800, 0x7, 0x2}}) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r0, &(0x7f0000000500)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000004c0)={&(0x7f0000000400)={0xc0, r2, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x4}, 0x4008c) readv(r1, &(0x7f0000000340)=[{&(0x7f0000000140)=""/91, 0x5b}, {&(0x7f00000001c0)=""/213, 0xd5}, {&(0x7f0000000080)=""/89, 0x59}], 0x3) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040)=0x7ff) [ 1598.133770] should_failslab+0x5/0x20 [ 1598.134654] kmem_cache_alloc+0x5b/0x310 [ 1598.135523] ? auditd_test_task+0x11e/0x300 [ 1598.136453] create_object.isra.0+0x3a/0xa30 [ 1598.137383] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1598.138481] kmem_cache_alloc+0x159/0x310 [ 1598.139371] audit_log_start.part.0+0x27e/0x730 [ 1598.140360] ? audit_log_task_context+0x170/0x170 [ 1598.141380] ? audit_filter+0x5d6/0xb10 [ 1598.142241] ? __bpf_prog_run64+0xe0/0xe0 [ 1598.143128] ? audit_compare_dname_path+0x120/0x120 [ 1598.144169] ------------[ cut here ]------------ [ 1598.144205] WARNING: CPU: 0 PID: 9212 at arch/x86/mm/pat/memtype.c:1019 get_pat_info+0x216/0x270 [ 1598.145177] ? perf_trace_lock+0xac/0x490 [ 1598.145210] audit_log_start+0x5f/0x90 [ 1598.145232] audit_seccomp+0x5d/0x200 [ 1598.145259] ? lock_downgrade+0x6d0/0x6d0 [ 1598.147143] Modules linked in: [ 1598.147971] __seccomp_filter+0x669/0x1530 [ 1598.147998] ? seccomp_notify_ioctl+0xda0/0xda0 [ 1598.148802] [ 1598.149592] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1598.149621] ? wait_for_completion_io+0x270/0x270 [ 1598.150507] CPU: 0 PID: 9212 Comm: syz-executor.0 Not tainted 5.10.255 #1 [ 1598.151151] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 1598.151176] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 1598.152056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1598.152993] ? ksys_write+0x1a9/0x260 [ 1598.153023] __secure_computing+0x191/0x2f0 [ 1598.153372] RIP: 0010:get_pat_info+0x216/0x270 [ 1598.154368] syscall_trace_enter.constprop.0+0x84/0x1e0 [ 1598.154396] do_syscall_64+0xf/0x40 [ 1598.155415] Code: c1 ea 03 80 3c 02 00 75 71 49 89 1e eb 8e e8 51 89 2e 00 0f 0b e9 97 fe ff ff 41 bc ea ff ff ff e9 77 ff ff ff e8 3a 89 2e 00 <0f> 0b 41 bc ea ff ff ff e9 65 ff ff ff 4c 89 ff e8 15 ad 5a 00 e9 [ 1598.156804] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1598.156818] RIP: 0033:0x7f1e91e61a04 [ 1598.156841] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1598.157805] RSP: 0018:ffff888044987890 EFLAGS: 00010216 [ 1598.158894] RSP: 002b:00007f1e8f4240b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1598.158916] RAX: ffffffffffffffda RBX: 00007f1e91fc1f60 RCX: 00007f1e91e61a04 [ 1598.158935] RDX: 0000000000000000 RSI: 00007f1e91f07f82 RDI: 00000000ffffff9c [ 1598.168401] [ 1598.168529] RBP: 00007f1e91f07f82 R08: 0000000000000000 R09: 0000000000000000 [ 1598.168548] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1598.169682] RAX: 000000000001b467 RBX: ffff88800eebea00 RCX: ffffc9000aa54000 [ 1598.170609] R13: 00007ffecf7a831f R14: 00007f1e8f424300 R15: 0000000000022000 [ 1598.193234] RDX: 0000000000040000 RSI: ffffffff81125456 RDI: 0000000000000007 [ 1598.194787] RBP: ffff888044987948 R08: 0000000000000000 R09: ffff888044987818 [ 1598.196320] R10: 0000000000000020 R11: 0000000000000001 R12: 0000000000000028 [ 1598.197862] R13: 1ffff11008930f12 R14: 0000000000000000 R15: ffff88800eebea50 [ 1598.199418] FS: 00007f2d30670700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 1598.201153] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1598.202434] CR2: 00007fc6ee05a004 CR3: 0000000045bb6000 CR4: 0000000000350ef0 [ 1598.203794] FAULT_INJECTION: forcing a failure. [ 1598.203794] name failslab, interval 1, probability 0, space 0, times 0 [ 1598.203974] Call Trace: [ 1598.206340] CPU: 1 PID: 9219 Comm: syz-executor.1 Not tainted 5.10.255 #1 [ 1598.206904] ? pgprot_writethrough+0xc0/0xc0 [ 1598.208302] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1598.208309] Call Trace: [ 1598.208343] dump_stack+0x107/0x167 [ 1598.209278] ? finish_task_switch+0x126/0x5d0 [ 1598.211002] should_fail.cold+0x5/0xa [ 1598.211030] ? xas_alloc+0x336/0x440 [ 1598.211573] ? finish_task_switch+0xef/0x5d0 [ 1598.212312] should_failslab+0x5/0x20 [ 1598.212333] kmem_cache_alloc+0x5b/0x310 [ 1598.212361] xas_alloc+0x336/0x440 [ 1598.213332] untrack_pfn+0xdc/0x240 [ 1598.214094] xas_create+0x34a/0x10d0 [ 1598.214132] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1598.214900] ? track_pfn_insert+0x150/0x150 [ 1598.215798] xas_store+0x8c/0x1c40 [ 1598.216614] ? lock_downgrade+0x6d0/0x6d0 [ 1598.217434] __xa_store+0x164/0x2d0 [ 1598.217460] ? xa_delete_node+0x280/0x280 [ 1598.218232] ? uprobe_munmap+0x1c/0x560 [ 1598.218964] ? trace_hardirqs_on+0x5b/0x180 [ 1598.218995] xa_store+0x31/0x50 [ 1598.219756] unmap_single_vma+0x1bc/0x300 [ 1598.220831] __io_uring_add_tctx_node+0x1cf/0x520 [ 1598.220860] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1598.221806] zap_page_range_single+0x2ce/0x450 [ 1598.222494] ? alloc_fd+0x2e7/0x670 [ 1598.222531] io_uring_setup+0x1fbb/0x2980 [ 1598.223418] ? unmap_single_vma+0x300/0x300 [ 1598.224149] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1598.224173] ? wait_for_completion_io+0x270/0x270 [ 1598.225053] ? remap_pfn_range_internal+0xc56/0xf60 [ 1598.225879] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1598.226791] ? lookup_memtype+0x5b/0x200 [ 1598.227424] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1598.227451] do_syscall_64+0x33/0x40 [ 1598.228352] ? apply_to_existing_page_range+0x40/0x40 [ 1598.229301] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1598.229315] RIP: 0033:0x7ff29b41cb19 [ 1598.229338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1598.230477] remap_pfn_range+0x139/0x160 [ 1598.231359] RSP: 002b:00007ff298971108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1598.231381] RAX: ffffffffffffffda RBX: 00007ff29b530020 RCX: 00007ff29b41cb19 [ 1598.231398] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1598.232187] ? remap_pfn_range_notrack+0x70/0x70 [ 1598.232998] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1598.233011] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1598.233022] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1598.258941] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1598.260087] io_uring_mmap+0x398/0x530 [ 1598.260948] mmap_file+0x5e/0xe0 [ 1598.261673] mmap_region+0xc4d/0x1500 [ 1598.262562] do_mmap+0x868/0x1370 [ 1598.263345] vm_mmap_pgoff+0x198/0x1f0 [ 1598.264216] ? randomize_page+0xb0/0xb0 [ 1598.265109] ksys_mmap_pgoff+0x41c/0x560 [ 1598.266023] ? find_mergeable_anon_vma+0x250/0x250 [ 1598.267103] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1598.268250] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1598.269381] do_syscall_64+0x33/0x40 [ 1598.270228] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1598.271341] RIP: 0033:0x7f2d330fab62 [ 1598.272160] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1598.276096] RSP: 002b:00007f2d306700f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1598.277753] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2d330fab62 [ 1598.279316] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000 [ 1598.280864] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1598.282432] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1598.283977] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1598.285545] irq event stamp: 1727 [ 1598.286337] hardirqs last enabled at (1737): [] console_unlock+0x92d/0xb40 [ 1598.288189] hardirqs last disabled at (1746): [] console_unlock+0x839/0xb40 [ 1598.290014] softirqs last enabled at (1110): [] asm_call_irq_on_stack+0x12/0x20 [ 1598.291948] softirqs last disabled at (1009): [] asm_call_irq_on_stack+0x12/0x20 [ 1598.293861] ---[ end trace 48d76eca98e6e5c0 ]--- 21:30:30 executing program 6: r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000080)={'syztnl0\x00', 0x0, 0x4, 0x5, 0x40, 0x0, 0x40, @rand_addr=' \x01\x00', @rand_addr=' \x01\x00', 0x40, 0x20, 0x10001, 0xffffffff}}) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)={0xa8, r0, 0x0, 0x70bd26, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_ADDR={0x58, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @broadcast}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}]}, @MPTCP_PM_ATTR_ADDR={0x2c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @broadcast}}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}]}, 0xa8}, 0x1, 0x0, 0x0, 0x20000011}, 0x4804) r2 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) 21:30:30 executing program 5: syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 63) [ 1598.385755] FAULT_INJECTION: forcing a failure. [ 1598.385755] name failslab, interval 1, probability 0, space 0, times 0 [ 1598.388309] CPU: 0 PID: 9230 Comm: syz-executor.5 Tainted: G W 5.10.255 #1 [ 1598.390055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1598.391804] Call Trace: [ 1598.392368] dump_stack+0x107/0x167 [ 1598.393142] should_fail.cold+0x5/0xa [ 1598.393958] ? anon_vma_clone+0xdc/0x590 [ 1598.394824] should_failslab+0x5/0x20 [ 1598.395629] kmem_cache_alloc+0x5b/0x310 [ 1598.396497] anon_vma_clone+0xdc/0x590 [ 1598.397334] __split_vma+0x17c/0x4e0 [ 1598.398132] __do_munmap+0x365/0x1260 [ 1598.398947] ? arch_get_unmapped_area+0x450/0x450 [ 1598.399977] ? lock_release+0x680/0x680 [ 1598.400828] mmap_region+0x7cc/0x1500 [ 1598.401662] do_mmap+0x868/0x1370 [ 1598.402427] vm_mmap_pgoff+0x198/0x1f0 [ 1598.403256] ? randomize_page+0xb0/0xb0 [ 1598.404125] ksys_mmap_pgoff+0x41c/0x560 [ 1598.404991] ? find_mergeable_anon_vma+0x250/0x250 [ 1598.406039] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1598.407149] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1598.408242] do_syscall_64+0x33/0x40 [ 1598.409029] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1598.410117] RIP: 0033:0x7f606cee6b62 [ 1598.410904] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1598.414787] RSP: 002b:00007f606a45c0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1598.416388] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f606cee6b62 [ 1598.417954] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000 [ 1598.419448] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1598.420949] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1598.422461] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:30:30 executing program 1: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 44) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) [ 1598.453639] FAULT_INJECTION: forcing a failure. [ 1598.453639] name failslab, interval 1, probability 0, space 0, times 0 [ 1598.456100] CPU: 0 PID: 9234 Comm: syz-executor.1 Tainted: G W 5.10.255 #1 [ 1598.457844] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1598.459597] Call Trace: [ 1598.460156] dump_stack+0x107/0x167 [ 1598.460932] should_fail.cold+0x5/0xa [ 1598.461728] ? create_object.isra.0+0x3a/0xa30 [ 1598.462702] should_failslab+0x5/0x20 [ 1598.463507] kmem_cache_alloc+0x5b/0x310 [ 1598.464349] ? mark_held_locks+0x9e/0xe0 [ 1598.465200] create_object.isra.0+0x3a/0xa30 [ 1598.466123] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1598.467175] kmem_cache_alloc+0x159/0x310 [ 1598.468046] xas_alloc+0x336/0x440 [ 1598.468793] xas_create+0x34a/0x10d0 [ 1598.469585] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1598.470679] xas_store+0x8c/0x1c40 [ 1598.471441] __xa_store+0x164/0x2d0 [ 1598.472209] ? xa_delete_node+0x280/0x280 [ 1598.473089] ? trace_hardirqs_on+0x5b/0x180 [ 1598.474011] xa_store+0x31/0x50 [ 1598.474701] __io_uring_add_tctx_node+0x1cf/0x520 [ 1598.475715] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1598.476808] ? alloc_fd+0x2e7/0x670 [ 1598.477582] io_uring_setup+0x1fbb/0x2980 [ 1598.478456] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1598.479523] ? wait_for_completion_io+0x270/0x270 [ 1598.480559] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1598.481654] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1598.482738] do_syscall_64+0x33/0x40 [ 1598.483509] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1598.484576] RIP: 0033:0x7ff29b41cb19 [ 1598.485353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1598.489174] RSP: 002b:00007ff298992108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1598.490745] RAX: ffffffffffffffda RBX: 00007ff29b52ff60 RCX: 00007ff29b41cb19 [ 1598.492224] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1598.493713] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1598.495210] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1598.496697] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 21:30:30 executing program 3: perf_event_open$cgroup(&(0x7f0000000440)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 49) [ 1598.589208] FAULT_INJECTION: forcing a failure. [ 1598.589208] name failslab, interval 1, probability 0, space 0, times 0 [ 1598.591827] CPU: 1 PID: 9238 Comm: syz-executor.3 Tainted: G W 5.10.255 #1 [ 1598.593561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1598.595306] Call Trace: [ 1598.595867] dump_stack+0x107/0x167 [ 1598.596649] should_fail.cold+0x5/0xa [ 1598.597456] ? create_object.isra.0+0x3a/0xa30 [ 1598.598418] should_failslab+0x5/0x20 [ 1598.599222] kmem_cache_alloc+0x5b/0x310 [ 1598.600082] ? mark_held_locks+0x9e/0xe0 [ 1598.600957] create_object.isra.0+0x3a/0xa30 [ 1598.601882] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1598.602962] kmem_cache_alloc+0x159/0x310 [ 1598.603849] xas_alloc+0x336/0x440 [ 1598.604600] xas_create+0x34a/0x10d0 [ 1598.605402] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1598.606509] xas_store+0x8c/0x1c40 [ 1598.607282] __xa_store+0x164/0x2d0 [ 1598.608057] ? xa_delete_node+0x280/0x280 [ 1598.608940] ? trace_hardirqs_on+0x5b/0x180 [ 1598.609868] xa_store+0x31/0x50 [ 1598.610568] __io_uring_add_tctx_node+0x1cf/0x520 [ 1598.611593] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1598.612690] ? alloc_fd+0x2e7/0x670 [ 1598.613480] io_uring_setup+0x1fbb/0x2980 [ 1598.614381] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1598.615453] ? wait_for_completion_io+0x270/0x270 [ 1598.616496] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1598.617598] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1598.618686] do_syscall_64+0x33/0x40 [ 1598.619462] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1598.620524] RIP: 0033:0x7f38f4330b19 [ 1598.621288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1598.625085] RSP: 002b:00007f38f18a6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1598.626657] RAX: ffffffffffffffda RBX: 00007f38f4443f60 RCX: 00007f38f4330b19 [ 1598.628123] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d04 [ 1598.629605] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 1598.631090] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1598.632563] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 VM DIAGNOSIS: 21:30:30 Registers: info registers vcpu 0 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff822e8d2c RDI=ffffffff879fa240 RBP=ffffffff879fa200 RSP=ffff888044987250 R8 =0000000000000001 R9 =0000000000000003 R10=000000000000000a R11=0000000000000001 R12=0000000000000020 R13=fffffbfff0f3f495 R14=fffffbfff0f3f44a R15=dffffc0000000000 RIP=ffffffff822e8d80 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f2d30670700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fc6ee05a004 CR3=0000000045bb6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007f2d331e17c000007f2d331e17c8 XMM02=00007f2d331e17e000007f2d331e17c0 XMM03=00007f2d331e17c800007f2d331e17c0 XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000040000 RBX=0000000000000001 RCX=ffffc90000c05000 RDX=0000000000040000 RSI=ffffffff8129e1f1 RDI=0000000000000001 RBP=0000000000000000 RSP=ffff888045327810 R8 =0000000000000000 R9 =ffffffff868736a7 R10=0000000000000000 R11=0000000000000001 R12=0000000000000041 R13=0000000000000046 R14=ffff8880451c1a40 R15=0000000000000000 RIP=ffffffff8140dde5 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f1e8f424700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2e422000 CR3=0000000046caa000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=ffffffffffffffffffffffffffffff00 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000