:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 746.855507] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 746.857009] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 746.858492] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 746.859998] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 746.861402] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 746.884191] FAULT_INJECTION: forcing a failure. [ 746.884191] name failslab, interval 1, probability 0, space 0, times 0 [ 746.886686] CPU: 1 PID: 6053 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 746.888090] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 746.889817] Call Trace: [ 746.890065] FAULT_INJECTION: forcing a failure. [ 746.890065] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 746.890372] dump_stack+0x107/0x167 [ 746.890391] should_fail.cold+0x5/0xa [ 746.890407] ? create_object.isra.0+0x3a/0xa20 [ 746.890424] should_failslab+0x5/0x20 [ 746.890438] kmem_cache_alloc+0x5b/0x310 [ 746.890462] create_object.isra.0+0x3a/0xa20 [ 746.898337] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 746.899409] kmem_cache_alloc_trace+0x151/0x320 [ 746.900374] io_uring_setup+0x258/0x2980 [ 746.901345] ? __mutex_unlock_slowpath+0xe1/0x600 [ 746.902334] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 746.903394] ? wait_for_completion_io+0x270/0x270 [ 746.904404] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 746.905483] ? syscall_enter_from_user_mode+0x1d/0x50 [ 746.906554] do_syscall_64+0x33/0x40 [ 746.907344] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 746.908174] RIP: 0033:0x7f6039043b19 [ 746.908765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 746.911990] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 746.913327] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 746.914576] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 746.915883] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 746.917226] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 746.918478] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 746.919828] CPU: 0 PID: 6052 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 746.921643] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 746.923868] Call Trace: [ 746.924578] dump_stack+0x107/0x167 [ 746.925571] should_fail.cold+0x5/0xa [ 746.926608] __alloc_pages_nodemask+0x182/0x600 [ 746.927891] ? lock_release+0x680/0x680 [ 746.928982] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 746.930643] ? lock_downgrade+0x6d0/0x6d0 [ 746.931791] alloc_pages_current+0x187/0x280 [ 746.932983] kmalloc_order+0x35/0x160 [ 746.934028] kmalloc_order_trace+0x14/0xa0 [ 746.935184] io_uring_setup+0x33c/0x2980 [ 746.936296] ? __mutex_unlock_slowpath+0xe1/0x600 [ 746.937604] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 746.938985] ? wait_for_completion_io+0x270/0x270 [ 746.940332] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 746.941750] ? syscall_enter_from_user_mode+0x1d/0x50 [ 746.943169] do_syscall_64+0x33/0x40 [ 746.944165] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 746.945529] RIP: 0033:0x7fa304026b19 [ 746.946502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 746.951335] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 746.953396] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 746.955310] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 746.957237] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 746.959175] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 746.961106] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 746.979722] FAULT_INJECTION: forcing a failure. [ 746.979722] name failslab, interval 1, probability 0, space 0, times 0 [ 746.982875] CPU: 0 PID: 6056 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 746.984721] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 746.986965] Call Trace: [ 746.987690] dump_stack+0x107/0x167 [ 746.988687] should_fail.cold+0x5/0xa [ 746.989729] ? io_uring_setup+0x258/0x2980 [ 746.990902] should_failslab+0x5/0x20 [ 746.991941] kmem_cache_alloc_trace+0x55/0x320 [ 746.993191] io_uring_setup+0x258/0x2980 [ 746.994305] ? __mutex_unlock_slowpath+0xe1/0x600 [ 746.995635] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 746.997008] ? wait_for_completion_io+0x270/0x270 [ 746.998335] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 746.999743] ? syscall_enter_from_user_mode+0x1d/0x50 [ 747.001171] do_syscall_64+0x33/0x40 [ 747.002192] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 747.003598] RIP: 0033:0x7fe43d50db19 [ 747.004607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 747.009474] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 747.011391] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 747.013163] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 747.014970] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 747.016783] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 747.018909] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:29:46 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 5) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 747.136558] FAULT_INJECTION: forcing a failure. [ 747.136558] name failslab, interval 1, probability 0, space 0, times 0 [ 747.139954] CPU: 0 PID: 6058 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 747.141818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 747.144068] Call Trace: [ 747.144794] dump_stack+0x107/0x167 [ 747.145792] should_fail.cold+0x5/0xa [ 747.146852] ? create_object.isra.0+0x3a/0xa20 [ 747.148096] should_failslab+0x5/0x20 [ 747.149132] kmem_cache_alloc+0x5b/0x310 [ 747.150250] create_object.isra.0+0x3a/0xa20 [ 747.151452] ? kasan_unpoison_shadow+0x33/0x50 [ 747.152702] kmalloc_order+0xfe/0x160 [ 747.153861] kmalloc_order_trace+0x14/0xa0 [ 747.155042] io_uring_setup+0x33c/0x2980 [ 747.156170] ? __mutex_unlock_slowpath+0xe1/0x600 [ 747.157482] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 747.158868] ? wait_for_completion_io+0x270/0x270 [ 747.160212] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 747.161637] ? syscall_enter_from_user_mode+0x1d/0x50 [ 747.163061] do_syscall_64+0x33/0x40 [ 747.164077] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 747.165476] RIP: 0033:0x7fa2b71a6b19 [ 747.166486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 747.171471] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 747.173537] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 747.175472] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 747.177381] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 747.179309] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 747.181226] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:05 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 6) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:30:05 executing program 0: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:30:05 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 766.170160] FAULT_INJECTION: forcing a failure. [ 766.170160] name failslab, interval 1, probability 0, space 0, times 0 [ 766.172747] CPU: 0 PID: 6068 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 766.174291] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 766.176180] Call Trace: [ 766.176779] dump_stack+0x107/0x167 [ 766.177609] should_fail.cold+0x5/0xa [ 766.178472] ? io_uring_setup+0x40b/0x2980 [ 766.179441] should_failslab+0x5/0x20 [ 766.180266] kmem_cache_alloc_trace+0x55/0x320 [ 766.181296] io_uring_setup+0x40b/0x2980 [ 766.182226] ? __mutex_unlock_slowpath+0xe1/0x600 [ 766.183338] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 766.184492] ? wait_for_completion_io+0x270/0x270 [ 766.185612] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 766.186805] ? syscall_enter_from_user_mode+0x1d/0x50 [ 766.187989] do_syscall_64+0x33/0x40 [ 766.188837] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 766.190004] RIP: 0033:0x7fa2b71a6b19 [ 766.190850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 766.195018] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 766.196777] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 766.198417] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 766.200067] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 766.201696] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 766.203338] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 766.232623] FAULT_INJECTION: forcing a failure. [ 766.232623] name failslab, interval 1, probability 0, space 0, times 0 [ 766.234417] CPU: 1 PID: 6072 Comm: syz-executor.7 Not tainted 5.10.233 #1 21:30:05 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:30:05 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 5) 21:30:05 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:30:05 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 3) 21:30:05 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 4) [ 766.235749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 766.237144] Call Trace: [ 766.237548] dump_stack+0x107/0x167 [ 766.238109] should_fail.cold+0x5/0xa [ 766.238690] ? create_object.isra.0+0x3a/0xa20 [ 766.239396] should_failslab+0x5/0x20 [ 766.239983] kmem_cache_alloc+0x5b/0x310 [ 766.240615] create_object.isra.0+0x3a/0xa20 [ 766.241283] ? kasan_unpoison_shadow+0x33/0x50 [ 766.241978] kmalloc_order+0xfe/0x160 [ 766.242560] kmalloc_order_trace+0x14/0xa0 [ 766.243206] io_uring_setup+0x33c/0x2980 [ 766.243847] ? __mutex_unlock_slowpath+0xe1/0x600 [ 766.244583] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 766.245353] ? wait_for_completion_io+0x270/0x270 [ 766.245450] FAULT_INJECTION: forcing a failure. [ 766.245450] name failslab, interval 1, probability 0, space 0, times 0 [ 766.246099] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 766.249407] ? syscall_enter_from_user_mode+0x1d/0x50 [ 766.250193] do_syscall_64+0x33/0x40 [ 766.250760] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 766.251546] RIP: 0033:0x7fa304026b19 [ 766.252108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 766.254904] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 766.256056] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 766.257128] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 766.258205] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 766.259278] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 766.260365] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 766.261462] CPU: 0 PID: 6078 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 766.263017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 766.264913] Call Trace: [ 766.265506] dump_stack+0x107/0x167 [ 766.266331] should_fail.cold+0x5/0xa [ 766.267248] ? create_object.isra.0+0x3a/0xa20 [ 766.268462] should_failslab+0x5/0x20 [ 766.269325] kmem_cache_alloc+0x5b/0x310 [ 766.270250] create_object.isra.0+0x3a/0xa20 [ 766.271236] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 766.271261] kmem_cache_alloc_trace+0x151/0x320 [ 766.271285] io_uring_setup+0x258/0x2980 [ 766.273986] ? __mutex_unlock_slowpath+0xe1/0x600 [ 766.275258] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 766.276692] ? wait_for_completion_io+0x270/0x270 [ 766.278080] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 766.279498] ? syscall_enter_from_user_mode+0x1d/0x50 [ 766.280688] do_syscall_64+0x33/0x40 [ 766.281542] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 766.282715] RIP: 0033:0x7fe43d50db19 [ 766.283699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 766.287848] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 766.289553] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 766.291139] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 766.292700] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 766.294270] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 766.295851] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 766.298437] FAULT_INJECTION: forcing a failure. [ 766.298437] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 766.300204] CPU: 1 PID: 6076 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 766.301211] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 766.302437] Call Trace: [ 766.302823] dump_stack+0x107/0x167 [ 766.303368] should_fail.cold+0x5/0xa [ 766.303932] __alloc_pages_nodemask+0x182/0x600 [ 766.304618] ? lock_release+0x680/0x680 [ 766.305203] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 766.306094] ? lock_downgrade+0x6d0/0x6d0 [ 766.306713] alloc_pages_current+0x187/0x280 [ 766.307371] kmalloc_order+0x35/0x160 [ 766.307933] kmalloc_order_trace+0x14/0xa0 [ 766.308555] io_uring_setup+0x33c/0x2980 [ 766.309153] ? __mutex_unlock_slowpath+0xe1/0x600 [ 766.309861] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 766.310606] ? wait_for_completion_io+0x270/0x270 [ 766.311333] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 766.312103] ? syscall_enter_from_user_mode+0x1d/0x50 [ 766.312862] do_syscall_64+0x33/0x40 [ 766.313408] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 766.314161] RIP: 0033:0x7f6039043b19 [ 766.314705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 766.317416] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 766.318531] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 766.319576] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 766.320600] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 766.321626] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 766.322645] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:05 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 6) [ 766.395794] FAULT_INJECTION: forcing a failure. [ 766.395794] name failslab, interval 1, probability 0, space 0, times 0 [ 766.397362] CPU: 1 PID: 6085 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 766.398268] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 766.399498] Call Trace: [ 766.399937] dump_stack+0x107/0x167 [ 766.400516] should_fail.cold+0x5/0xa [ 766.401144] ? io_uring_setup+0x40b/0x2980 [ 766.401824] should_failslab+0x5/0x20 [ 766.402430] kmem_cache_alloc_trace+0x55/0x320 [ 766.403176] io_uring_setup+0x40b/0x2980 [ 766.403846] ? __mutex_unlock_slowpath+0xe1/0x600 [ 766.404608] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 766.405392] ? wait_for_completion_io+0x270/0x270 [ 766.406144] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 766.406958] ? syscall_enter_from_user_mode+0x1d/0x50 [ 766.407771] do_syscall_64+0x33/0x40 [ 766.408344] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 766.409130] RIP: 0033:0x7fa304026b19 [ 766.409700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 766.412525] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 766.413701] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 766.414804] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 766.415921] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 766.416879] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 766.417834] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:05 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:30:05 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 7) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:30:05 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 4) [ 766.499154] FAULT_INJECTION: forcing a failure. [ 766.499154] name failslab, interval 1, probability 0, space 0, times 0 [ 766.501793] CPU: 0 PID: 6091 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 766.503291] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 766.505116] Call Trace: [ 766.505699] dump_stack+0x107/0x167 [ 766.506499] should_fail.cold+0x5/0xa [ 766.507357] ? create_object.isra.0+0x3a/0xa20 [ 766.508385] should_failslab+0x5/0x20 [ 766.509236] kmem_cache_alloc+0x5b/0x310 [ 766.510150] create_object.isra.0+0x3a/0xa20 [ 766.510253] FAULT_INJECTION: forcing a failure. [ 766.510253] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 766.511108] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 766.511138] kmem_cache_alloc_trace+0x151/0x320 [ 766.514788] io_uring_setup+0x40b/0x2980 [ 766.515704] ? __mutex_unlock_slowpath+0xe1/0x600 [ 766.516804] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 766.517928] ? wait_for_completion_io+0x270/0x270 [ 766.519057] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 766.520264] ? syscall_enter_from_user_mode+0x1d/0x50 [ 766.521413] do_syscall_64+0x33/0x40 [ 766.522262] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 766.523407] RIP: 0033:0x7fa2b71a6b19 [ 766.524246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 766.528407] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 766.530083] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 766.531671] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 766.533239] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 766.534808] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 766.536414] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 766.538007] CPU: 1 PID: 6093 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 766.538882] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 766.539928] Call Trace: [ 766.540257] dump_stack+0x107/0x167 [ 766.540713] should_fail.cold+0x5/0xa [ 766.541219] __alloc_pages_nodemask+0x182/0x600 [ 766.541794] ? lock_release+0x680/0x680 [ 766.542305] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 766.543052] ? lock_downgrade+0x6d0/0x6d0 [ 766.543613] alloc_pages_current+0x187/0x280 [ 766.544165] kmalloc_order+0x35/0x160 [ 766.544655] kmalloc_order_trace+0x14/0xa0 [ 766.545193] io_uring_setup+0x33c/0x2980 [ 766.545710] ? __mutex_unlock_slowpath+0xe1/0x600 [ 766.546323] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 766.546966] ? wait_for_completion_io+0x270/0x270 [ 766.547611] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 766.548279] ? syscall_enter_from_user_mode+0x1d/0x50 [ 766.548940] do_syscall_64+0x33/0x40 [ 766.549418] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 766.550084] RIP: 0033:0x7fe43d50db19 [ 766.550554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 766.552931] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 766.553894] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 766.554803] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 766.555719] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 766.556601] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 766.557485] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:21 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 5) 21:30:21 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:30:21 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:30:21 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:30:21 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 7) 21:30:21 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 5) 21:30:21 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:30:21 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 8) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 782.718325] FAULT_INJECTION: forcing a failure. [ 782.718325] name failslab, interval 1, probability 0, space 0, times 0 [ 782.720730] CPU: 1 PID: 6116 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 782.722132] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 782.723827] Call Trace: [ 782.724389] dump_stack+0x107/0x167 [ 782.725138] should_fail.cold+0x5/0xa [ 782.725916] ? io_uring_setup+0x40b/0x2980 [ 782.726789] should_failslab+0x5/0x20 [ 782.727574] kmem_cache_alloc_trace+0x55/0x320 [ 782.728522] io_uring_setup+0x40b/0x2980 [ 782.729354] ? __mutex_unlock_slowpath+0xe1/0x600 [ 782.730346] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 782.731382] ? wait_for_completion_io+0x270/0x270 [ 782.732398] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 782.733486] ? syscall_enter_from_user_mode+0x1d/0x50 [ 782.734544] do_syscall_64+0x33/0x40 [ 782.735309] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 782.736373] RIP: 0033:0x7fa304026b19 [ 782.737138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 782.740899] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 782.742459] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 782.743928] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 782.745394] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 782.746873] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 782.748345] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 782.750944] FAULT_INJECTION: forcing a failure. [ 782.750944] name failslab, interval 1, probability 0, space 0, times 0 [ 782.751114] FAULT_INJECTION: forcing a failure. [ 782.751114] name failslab, interval 1, probability 0, space 0, times 0 [ 782.753273] CPU: 1 PID: 6111 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 782.753283] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 782.753289] Call Trace: [ 782.753308] dump_stack+0x107/0x167 [ 782.753328] should_fail.cold+0x5/0xa [ 782.753348] ? create_object.isra.0+0x3a/0xa20 [ 782.753373] should_failslab+0x5/0x20 [ 782.762042] kmem_cache_alloc+0x5b/0x310 [ 782.762886] create_object.isra.0+0x3a/0xa20 [ 782.763783] ? kasan_unpoison_shadow+0x33/0x50 [ 782.764721] kmalloc_order+0xfe/0x160 [ 782.765506] kmalloc_order_trace+0x14/0xa0 [ 782.766367] io_uring_setup+0x33c/0x2980 [ 782.767201] ? __mutex_unlock_slowpath+0xe1/0x600 [ 782.768200] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 782.769241] ? wait_for_completion_io+0x270/0x270 [ 782.770244] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 782.771322] ? syscall_enter_from_user_mode+0x1d/0x50 [ 782.772385] do_syscall_64+0x33/0x40 [ 782.773159] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 782.774205] RIP: 0033:0x7fe43d50db19 [ 782.774968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 782.778736] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 782.780284] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 782.781750] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 782.783193] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 782.784663] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 782.786106] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 782.787579] CPU: 0 PID: 6114 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 782.788804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 782.790221] Call Trace: [ 782.790678] dump_stack+0x107/0x167 [ 782.791302] should_fail.cold+0x5/0xa [ 782.791951] ? create_object.isra.0+0x3a/0xa20 [ 782.792735] should_failslab+0x5/0x20 [ 782.793389] kmem_cache_alloc+0x5b/0x310 [ 782.794083] create_object.isra.0+0x3a/0xa20 [ 782.794827] kmemleak_alloc_percpu+0xa0/0x100 [ 782.795591] pcpu_alloc+0x4e2/0x1240 [ 782.796256] ? io_tctx_exit_cb+0xf0/0xf0 [ 782.796941] percpu_ref_init+0x31/0x3d0 [ 782.797663] io_uring_setup+0x47a/0x2980 [ 782.798439] ? __mutex_unlock_slowpath+0xe1/0x600 [ 782.799254] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 782.800136] ? wait_for_completion_io+0x270/0x270 [ 782.800971] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 782.801862] ? syscall_enter_from_user_mode+0x1d/0x50 [ 782.802737] do_syscall_64+0x33/0x40 [ 782.803383] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 782.804266] RIP: 0033:0x7fa2b71a6b19 [ 782.804888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 782.808032] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 782.809329] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 782.810547] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 782.811771] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 782.813007] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 782.814228] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:21 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) [ 782.880845] FAULT_INJECTION: forcing a failure. [ 782.880845] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 782.882902] CPU: 0 PID: 6124 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 782.884075] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 782.885465] Call Trace: [ 782.885906] dump_stack+0x107/0x167 [ 782.886520] should_fail.cold+0x5/0xa [ 782.887182] __alloc_pages_nodemask+0x182/0x600 [ 782.887970] ? lock_release+0x680/0x680 [ 782.888662] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 782.889673] ? lock_downgrade+0x6d0/0x6d0 [ 782.890374] alloc_pages_current+0x187/0x280 [ 782.891114] kmalloc_order+0x35/0x160 [ 782.891752] kmalloc_order_trace+0x14/0xa0 [ 782.892483] io_uring_setup+0x33c/0x2980 [ 782.893169] ? __mutex_unlock_slowpath+0xe1/0x600 [ 782.893963] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 782.894814] ? wait_for_completion_io+0x270/0x270 [ 782.895636] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 782.896520] ? syscall_enter_from_user_mode+0x1d/0x50 [ 782.897393] do_syscall_64+0x33/0x40 [ 782.898019] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 782.898869] RIP: 0033:0x7f6039043b19 [ 782.899498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 782.902578] RSP: 002b:00007f6036598108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 782.903843] RAX: ffffffffffffffda RBX: 00007f6039157020 RCX: 00007f6039043b19 [ 782.905054] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 782.906236] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 782.907432] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 782.908630] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:21 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 8) [ 782.944467] FAULT_INJECTION: forcing a failure. [ 782.944467] name failslab, interval 1, probability 0, space 0, times 0 [ 782.946760] CPU: 1 PID: 6127 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 782.948097] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 782.949717] Call Trace: [ 782.950234] dump_stack+0x107/0x167 [ 782.950940] should_fail.cold+0x5/0xa [ 782.951689] ? create_object.isra.0+0x3a/0xa20 [ 782.952581] should_failslab+0x5/0x20 [ 782.953320] kmem_cache_alloc+0x5b/0x310 [ 782.954112] create_object.isra.0+0x3a/0xa20 [ 782.954976] kmemleak_alloc_percpu+0xa0/0x100 [ 782.955837] pcpu_alloc+0x4e2/0x1240 [ 782.956568] ? io_tctx_exit_cb+0xf0/0xf0 [ 782.957345] percpu_ref_init+0x31/0x3d0 [ 782.958111] io_uring_setup+0x47a/0x2980 [ 782.958897] ? __mutex_unlock_slowpath+0xe1/0x600 [ 782.959828] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 782.960804] ? wait_for_completion_io+0x270/0x270 [ 782.961754] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 782.962757] ? syscall_enter_from_user_mode+0x1d/0x50 [ 782.963745] do_syscall_64+0x33/0x40 [ 782.964469] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 782.965460] RIP: 0033:0x7fa304026b19 [ 782.966178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 782.969770] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 782.971251] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 782.972647] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 782.974036] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 782.975422] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 782.976811] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:21 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 6) 21:30:21 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 6) [ 783.049063] FAULT_INJECTION: forcing a failure. [ 783.049063] name failslab, interval 1, probability 0, space 0, times 0 21:30:22 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 9) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:30:22 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 783.051308] CPU: 1 PID: 6129 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 783.052721] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 783.054186] Call Trace: [ 783.054658] dump_stack+0x107/0x167 [ 783.055305] should_fail.cold+0x5/0xa [ 783.055998] ? io_uring_setup+0x40b/0x2980 [ 783.056749] should_failslab+0x5/0x20 [ 783.057423] kmem_cache_alloc_trace+0x55/0x320 [ 783.058220] io_uring_setup+0x40b/0x2980 21:30:22 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 783.058931] ? __mutex_unlock_slowpath+0xe1/0x600 [ 783.059983] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 783.060913] ? wait_for_completion_io+0x270/0x270 [ 783.061816] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 783.062781] ? syscall_enter_from_user_mode+0x1d/0x50 [ 783.063729] do_syscall_64+0x33/0x40 [ 783.064417] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 783.065357] RIP: 0033:0x7fe43d50db19 [ 783.066041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 783.069434] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 783.070840] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 783.072169] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 783.073485] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 783.074807] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 783.076128] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 783.078967] FAULT_INJECTION: forcing a failure. [ 783.078967] name failslab, interval 1, probability 0, space 0, times 0 [ 783.081082] CPU: 1 PID: 6131 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 783.082324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 783.083832] Call Trace: [ 783.084318] dump_stack+0x107/0x167 [ 783.084986] should_fail.cold+0x5/0xa [ 783.085681] ? io_uring_setup+0x40b/0x2980 [ 783.086454] should_failslab+0x5/0x20 [ 783.087148] kmem_cache_alloc_trace+0x55/0x320 [ 783.088000] io_uring_setup+0x40b/0x2980 [ 783.088742] ? __mutex_unlock_slowpath+0xe1/0x600 [ 783.089624] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 783.090551] ? wait_for_completion_io+0x270/0x270 [ 783.091445] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 783.092406] ? syscall_enter_from_user_mode+0x1d/0x50 [ 783.093343] do_syscall_64+0x33/0x40 [ 783.094017] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 783.094941] RIP: 0033:0x7f6039043b19 [ 783.095609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 783.098943] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 783.100322] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 783.101614] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 783.101887] FAULT_INJECTION: forcing a failure. [ 783.101887] name failslab, interval 1, probability 0, space 0, times 0 [ 783.102899] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 783.102908] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 783.102917] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 783.107794] CPU: 0 PID: 6137 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 783.108765] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 783.109939] Call Trace: [ 783.110328] dump_stack+0x107/0x167 [ 783.110840] should_fail.cold+0x5/0xa [ 783.111390] ? create_object.isra.0+0x3a/0xa20 [ 783.112048] should_failslab+0x5/0x20 [ 783.112589] kmem_cache_alloc+0x5b/0x310 [ 783.113168] create_object.isra.0+0x3a/0xa20 [ 783.113784] kmemleak_alloc_percpu+0xa0/0x100 [ 783.114426] pcpu_alloc+0x4e2/0x1240 [ 783.114955] ? io_tctx_exit_cb+0xf0/0xf0 [ 783.115537] percpu_ref_init+0x31/0x3d0 [ 783.116109] io_uring_setup+0x47a/0x2980 [ 783.116682] ? __mutex_unlock_slowpath+0xe1/0x600 [ 783.117363] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 783.118059] ? wait_for_completion_io+0x270/0x270 [ 783.118751] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 783.119501] ? syscall_enter_from_user_mode+0x1d/0x50 [ 783.120238] do_syscall_64+0x33/0x40 [ 783.120754] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 783.121480] RIP: 0033:0x7fa2b71a6b19 [ 783.122013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 783.124622] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 783.125693] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 783.126695] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 783.127697] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 783.128705] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 783.129698] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:22 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 9) [ 783.184324] FAULT_INJECTION: forcing a failure. [ 783.184324] name failslab, interval 1, probability 0, space 0, times 0 [ 783.186290] CPU: 1 PID: 6139 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 783.187449] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 783.188868] Call Trace: [ 783.189300] dump_stack+0x107/0x167 [ 783.189921] should_fail.cold+0x5/0xa [ 783.190571] ? create_object.isra.0+0x3a/0xa20 [ 783.191348] should_failslab+0x5/0x20 [ 783.192005] kmem_cache_alloc+0x5b/0x310 [ 783.192693] create_object.isra.0+0x3a/0xa20 [ 783.193444] kmemleak_alloc_percpu+0xa0/0x100 [ 783.194205] pcpu_alloc+0x4e2/0x1240 [ 783.194839] ? io_tctx_exit_cb+0xf0/0xf0 [ 783.195529] percpu_ref_init+0x31/0x3d0 [ 783.196210] io_uring_setup+0x47a/0x2980 [ 783.196894] ? __mutex_unlock_slowpath+0xe1/0x600 [ 783.197706] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 783.198558] ? wait_for_completion_io+0x270/0x270 [ 783.199391] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 783.200281] ? syscall_enter_from_user_mode+0x1d/0x50 [ 783.201148] do_syscall_64+0x33/0x40 [ 783.201773] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 783.202637] RIP: 0033:0x7fa304026b19 [ 783.203263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 783.206382] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 783.207661] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 783.208861] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 783.210057] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 783.211250] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 783.212450] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:36 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 7) [ 797.933195] FAULT_INJECTION: forcing a failure. [ 797.933195] name failslab, interval 1, probability 0, space 0, times 0 [ 797.936260] CPU: 1 PID: 6152 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 797.937833] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 797.939744] Call Trace: [ 797.940351] dump_stack+0x107/0x167 [ 797.941203] should_fail.cold+0x5/0xa [ 797.942086] ? percpu_ref_init+0xd8/0x3d0 [ 797.943043] should_failslab+0x5/0x20 [ 797.943919] kmem_cache_alloc_trace+0x55/0x320 [ 797.944987] ? io_tctx_exit_cb+0xf0/0xf0 [ 797.946208] percpu_ref_init+0xd8/0x3d0 [ 797.947130] io_uring_setup+0x47a/0x2980 [ 797.948068] ? __mutex_unlock_slowpath+0xe1/0x600 [ 797.949184] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 797.950344] ? wait_for_completion_io+0x270/0x270 [ 797.951471] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 797.952680] ? syscall_enter_from_user_mode+0x1d/0x50 [ 797.953860] do_syscall_64+0x33/0x40 21:30:36 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:30:36 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:30:36 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 7) 21:30:36 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:30:36 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:30:36 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 10) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:30:36 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 10) [ 797.954886] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 797.956253] RIP: 0033:0x7fa2b71a6b19 [ 797.957138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 797.961940] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 797.963730] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 797.965387] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 797.967023] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 797.968675] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 797.970345] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 797.993419] FAULT_INJECTION: forcing a failure. [ 797.993419] name failslab, interval 1, probability 0, space 0, times 0 [ 797.996108] CPU: 0 PID: 6163 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 797.997733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 797.999681] Call Trace: [ 798.000323] dump_stack+0x107/0x167 [ 798.001199] should_fail.cold+0x5/0xa [ 798.002100] ? create_object.isra.0+0x3a/0xa20 [ 798.003185] should_failslab+0x5/0x20 [ 798.004073] kmem_cache_alloc+0x5b/0x310 [ 798.005178] create_object.isra.0+0x3a/0xa20 [ 798.006214] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 798.007385] kmem_cache_alloc_trace+0x151/0x320 [ 798.008506] io_uring_setup+0x40b/0x2980 [ 798.009487] ? __mutex_unlock_slowpath+0xe1/0x600 [ 798.010621] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 798.011812] ? wait_for_completion_io+0x270/0x270 [ 798.013062] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 798.014300] ? syscall_enter_from_user_mode+0x1d/0x50 [ 798.015511] do_syscall_64+0x33/0x40 [ 798.016399] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 798.017609] RIP: 0033:0x7fe43d50db19 [ 798.018553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 798.023429] RSP: 002b:00007fe43aa62108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 798.025285] RAX: ffffffffffffffda RBX: 00007fe43d621020 RCX: 00007fe43d50db19 [ 798.026950] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 798.028661] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 798.030338] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 798.032021] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 798.032041] FAULT_INJECTION: forcing a failure. [ 798.032041] name failslab, interval 1, probability 0, space 0, times 0 [ 798.036183] CPU: 1 PID: 6165 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 798.037864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 798.039821] Call Trace: [ 798.040448] dump_stack+0x107/0x167 [ 798.041291] should_fail.cold+0x5/0xa [ 798.042171] ? percpu_ref_init+0xd8/0x3d0 [ 798.043130] should_failslab+0x5/0x20 [ 798.044008] kmem_cache_alloc_trace+0x55/0x320 [ 798.045075] ? io_tctx_exit_cb+0xf0/0xf0 [ 798.046007] percpu_ref_init+0xd8/0x3d0 [ 798.046931] io_uring_setup+0x47a/0x2980 [ 798.047874] ? __mutex_unlock_slowpath+0xe1/0x600 [ 798.048996] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 798.050162] ? wait_for_completion_io+0x270/0x270 [ 798.051296] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 798.052512] ? syscall_enter_from_user_mode+0x1d/0x50 [ 798.053701] do_syscall_64+0x33/0x40 [ 798.053721] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 798.053734] RIP: 0033:0x7fa304026b19 [ 798.053764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 798.060896] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 798.062654] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 798.064296] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 798.065949] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 798.067596] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 798.069245] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 798.072508] FAULT_INJECTION: forcing a failure. [ 798.072508] name failslab, interval 1, probability 0, space 0, times 0 [ 798.075086] CPU: 1 PID: 6159 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 798.076672] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 798.078577] Call Trace: [ 798.079181] dump_stack+0x107/0x167 [ 798.080018] should_fail.cold+0x5/0xa [ 798.080911] ? create_object.isra.0+0x3a/0xa20 [ 798.081969] should_failslab+0x5/0x20 [ 798.082845] kmem_cache_alloc+0x5b/0x310 [ 798.083784] create_object.isra.0+0x3a/0xa20 [ 798.084803] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 798.085979] kmem_cache_alloc_trace+0x151/0x320 [ 798.087056] io_uring_setup+0x40b/0x2980 [ 798.087998] ? __mutex_unlock_slowpath+0xe1/0x600 [ 798.089140] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 798.090540] ? wait_for_completion_io+0x270/0x270 [ 798.091884] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 798.093320] ? syscall_enter_from_user_mode+0x1d/0x50 [ 798.094740] do_syscall_64+0x33/0x40 [ 798.095712] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 798.096907] RIP: 0033:0x7f6039043b19 [ 798.097760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 798.101999] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 798.103744] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 798.105397] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 798.107035] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 798.108685] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 798.110327] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:37 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:30:37 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:30:37 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 11) 21:30:37 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 11) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:30:37 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 8) [ 798.343540] FAULT_INJECTION: forcing a failure. [ 798.343540] name failslab, interval 1, probability 0, space 0, times 0 [ 798.345919] CPU: 1 PID: 6178 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 798.346401] FAULT_INJECTION: forcing a failure. [ 798.346401] name failslab, interval 1, probability 0, space 0, times 0 [ 798.347313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 798.347319] Call Trace: [ 798.347343] dump_stack+0x107/0x167 [ 798.347362] should_fail.cold+0x5/0xa [ 798.347393] ? create_object.isra.0+0x3a/0xa20 [ 798.354509] should_failslab+0x5/0x20 [ 798.355284] kmem_cache_alloc+0x5b/0x310 [ 798.356115] create_object.isra.0+0x3a/0xa20 [ 798.357049] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 798.358109] kmem_cache_alloc_trace+0x151/0x320 [ 798.359083] ? io_tctx_exit_cb+0xf0/0xf0 [ 798.359909] percpu_ref_init+0xd8/0x3d0 [ 798.360728] io_uring_setup+0x47a/0x2980 [ 798.361560] ? __mutex_unlock_slowpath+0xe1/0x600 [ 798.362542] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 798.363573] ? wait_for_completion_io+0x270/0x270 [ 798.364578] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 798.365645] ? syscall_enter_from_user_mode+0x1d/0x50 [ 798.366700] do_syscall_64+0x33/0x40 [ 798.367458] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 798.368510] RIP: 0033:0x7fa304026b19 [ 798.369259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 798.373024] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 798.374569] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 798.376024] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 798.377493] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 798.378939] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 798.380395] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 798.381900] CPU: 0 PID: 6179 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 798.383672] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 798.385533] Call Trace: [ 798.386125] dump_stack+0x107/0x167 [ 798.386925] should_fail.cold+0x5/0xa [ 798.387769] ? create_object.isra.0+0x3a/0xa20 [ 798.388804] should_failslab+0x5/0x20 [ 798.389644] kmem_cache_alloc+0x5b/0x310 [ 798.390545] create_object.isra.0+0x3a/0xa20 [ 798.391513] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 798.392659] kmem_cache_alloc_trace+0x151/0x320 [ 798.393691] ? io_tctx_exit_cb+0xf0/0xf0 [ 798.394592] percpu_ref_init+0xd8/0x3d0 [ 798.395477] io_uring_setup+0x47a/0x2980 [ 798.396392] ? __mutex_unlock_slowpath+0xe1/0x600 [ 798.397534] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 798.398809] ? wait_for_completion_io+0x270/0x270 [ 798.399911] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 798.401114] ? syscall_enter_from_user_mode+0x1d/0x50 [ 798.402262] do_syscall_64+0x33/0x40 [ 798.403081] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 798.404211] RIP: 0033:0x7fa2b71a6b19 [ 798.405029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 798.409113] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 798.410797] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 798.412366] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 798.414120] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 798.415770] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 798.417449] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:37 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:30:37 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 8) [ 798.454459] FAULT_INJECTION: forcing a failure. [ 798.454459] name failslab, interval 1, probability 0, space 0, times 0 [ 798.456806] CPU: 1 PID: 6182 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 798.458187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 798.459877] Call Trace: [ 798.460417] dump_stack+0x107/0x167 [ 798.461170] should_fail.cold+0x5/0xa [ 798.461947] ? create_object.isra.0+0x3a/0xa20 [ 798.462883] should_failslab+0x5/0x20 [ 798.463707] kmem_cache_alloc+0x5b/0x310 [ 798.464561] create_object.isra.0+0x3a/0xa20 [ 798.465486] kmemleak_alloc_percpu+0xa0/0x100 [ 798.466391] pcpu_alloc+0x4e2/0x1240 [ 798.467157] ? io_tctx_exit_cb+0xf0/0xf0 [ 798.467975] percpu_ref_init+0x31/0x3d0 [ 798.468742] io_uring_setup+0x47a/0x2980 [ 798.469569] ? __mutex_unlock_slowpath+0xe1/0x600 [ 798.470551] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 798.471583] ? wait_for_completion_io+0x270/0x270 [ 798.472587] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 798.473653] ? syscall_enter_from_user_mode+0x1d/0x50 [ 798.474703] do_syscall_64+0x33/0x40 [ 798.475457] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 798.476502] RIP: 0033:0x7f6039043b19 [ 798.477253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 798.481024] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 798.482611] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 798.484062] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 798.485539] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 798.486985] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 798.488525] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:37 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 798.542889] FAULT_INJECTION: forcing a failure. [ 798.542889] name failslab, interval 1, probability 0, space 0, times 0 [ 798.545423] CPU: 1 PID: 6185 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 798.546842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 798.548482] Call Trace: [ 798.549015] dump_stack+0x107/0x167 [ 798.549745] should_fail.cold+0x5/0xa [ 798.550438] ? create_object.isra.0+0x3a/0xa20 [ 798.551221] should_failslab+0x5/0x20 [ 798.551886] kmem_cache_alloc+0x5b/0x310 [ 798.552602] create_object.isra.0+0x3a/0xa20 [ 798.553363] kmemleak_alloc_percpu+0xa0/0x100 [ 798.554140] pcpu_alloc+0x4e2/0x1240 [ 798.554797] ? io_tctx_exit_cb+0xf0/0xf0 [ 798.555492] percpu_ref_init+0x31/0x3d0 [ 798.556184] io_uring_setup+0x47a/0x2980 [ 798.556919] ? setup_APIC_eilvt+0x2f0/0x2f0 [ 798.557694] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 798.558570] ? tick_program_event+0xa8/0x140 [ 798.559336] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 798.560241] ? syscall_enter_from_user_mode+0x1d/0x50 [ 798.561135] do_syscall_64+0x33/0x40 [ 798.561771] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 798.562638] RIP: 0033:0x7fe43d50db19 [ 798.563278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 798.566453] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 798.567749] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 798.568973] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 798.570185] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 798.571434] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 798.572646] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 814.060884] FAULT_INJECTION: forcing a failure. [ 814.060884] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 814.063919] CPU: 0 PID: 6198 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 814.065455] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 814.067297] Call Trace: [ 814.067883] dump_stack+0x107/0x167 [ 814.068694] should_fail.cold+0x5/0xa [ 814.069556] __alloc_pages_nodemask+0x182/0x600 [ 814.070589] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 814.071935] ? cap_capable+0x1cd/0x230 [ 814.072805] alloc_pages_current+0x187/0x280 [ 814.073803] __get_free_pages+0xc/0xa0 [ 814.074670] io_uring_setup+0xe27/0x2980 [ 814.075587] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 814.076711] ? wait_for_completion_io+0x270/0x270 [ 814.077822] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 814.078982] ? syscall_enter_from_user_mode+0x1d/0x50 [ 814.080129] do_syscall_64+0x33/0x40 [ 814.080955] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 814.082097] RIP: 0033:0x7fa2b71a6b19 [ 814.082921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 814.087015] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 814.088703] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 814.090300] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 814.091878] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 814.093470] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 814.095051] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:53 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 9) 21:30:53 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 12) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:30:53 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:30:53 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:30:53 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 9) 21:30:53 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) [ 814.110945] FAULT_INJECTION: forcing a failure. [ 814.110945] name failslab, interval 1, probability 0, space 0, times 0 [ 814.113499] CPU: 0 PID: 6205 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 814.115027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 814.116898] Call Trace: [ 814.117504] dump_stack+0x107/0x167 [ 814.118323] should_fail.cold+0x5/0xa [ 814.119183] ? create_object.isra.0+0x3a/0xa20 [ 814.120210] should_failslab+0x5/0x20 [ 814.121075] kmem_cache_alloc+0x5b/0x310 [ 814.121998] create_object.isra.0+0x3a/0xa20 [ 814.122992] kmemleak_alloc_percpu+0xa0/0x100 [ 814.124004] pcpu_alloc+0x4e2/0x1240 [ 814.124847] ? io_tctx_exit_cb+0xf0/0xf0 [ 814.125765] percpu_ref_init+0x31/0x3d0 [ 814.126657] io_uring_setup+0x47a/0x2980 [ 814.127564] ? __mutex_unlock_slowpath+0xe1/0x600 [ 814.128636] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 814.129780] ? wait_for_completion_io+0x270/0x270 [ 814.130873] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 814.132047] ? syscall_enter_from_user_mode+0x1d/0x50 [ 814.133214] do_syscall_64+0x33/0x40 [ 814.134042] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 814.135191] RIP: 0033:0x7f6039043b19 [ 814.136019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 814.140141] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 814.141850] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 814.143447] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 814.145047] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 814.146636] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 814.148232] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 814.153932] FAULT_INJECTION: forcing a failure. [ 814.153932] name failslab, interval 1, probability 0, space 0, times 0 [ 814.156308] CPU: 1 PID: 6207 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 814.157664] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 814.159290] Call Trace: [ 814.159813] dump_stack+0x107/0x167 [ 814.160529] should_fail.cold+0x5/0xa [ 814.161290] ? create_object.isra.0+0x3a/0xa20 [ 814.162187] should_failslab+0x5/0x20 [ 814.162933] kmem_cache_alloc+0x5b/0x310 [ 814.163734] create_object.isra.0+0x3a/0xa20 [ 814.164601] kmemleak_alloc_percpu+0xa0/0x100 [ 814.165499] pcpu_alloc+0x4e2/0x1240 [ 814.166250] ? io_tctx_exit_cb+0xf0/0xf0 [ 814.167045] percpu_ref_init+0x31/0x3d0 [ 814.167831] io_uring_setup+0x47a/0x2980 [ 814.168631] ? __mutex_unlock_slowpath+0xe1/0x600 [ 814.169593] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 814.170592] ? wait_for_completion_io+0x270/0x270 [ 814.171558] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 814.172587] ? syscall_enter_from_user_mode+0x1d/0x50 [ 814.173244] FAULT_INJECTION: forcing a failure. [ 814.173244] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 814.173612] do_syscall_64+0x33/0x40 [ 814.176946] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 814.177961] RIP: 0033:0x7fe43d50db19 [ 814.178687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 814.182300] RSP: 002b:00007fe43aa62108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 814.183794] RAX: ffffffffffffffda RBX: 00007fe43d621020 RCX: 00007fe43d50db19 [ 814.185201] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 814.186730] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 814.188404] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 814.190116] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 814.191642] CPU: 0 PID: 6211 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 814.193244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 814.195130] Call Trace: [ 814.195739] dump_stack+0x107/0x167 [ 814.196568] should_fail.cold+0x5/0xa [ 814.197466] __alloc_pages_nodemask+0x182/0x600 [ 814.198591] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 814.200160] ? cap_capable+0x1cd/0x230 [ 814.201153] alloc_pages_current+0x187/0x280 [ 814.202337] __get_free_pages+0xc/0xa0 [ 814.203404] io_uring_setup+0xe27/0x2980 [ 814.204407] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 814.205568] ? wait_for_completion_io+0x270/0x270 [ 814.206689] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 814.208125] ? syscall_enter_from_user_mode+0x1d/0x50 [ 814.209323] do_syscall_64+0x33/0x40 [ 814.210145] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 814.211311] RIP: 0033:0x7fa304026b19 [ 814.212143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 814.216334] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 814.218052] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 814.219668] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 814.221301] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 814.222930] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 814.224560] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:53 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:30:53 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 12) 21:30:53 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:30:53 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 10) 21:30:53 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 13) 21:30:53 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 13) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:30:53 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 10) [ 814.360002] FAULT_INJECTION: forcing a failure. [ 814.360002] name failslab, interval 1, probability 0, space 0, times 0 [ 814.362144] CPU: 1 PID: 6222 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 814.363308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 814.364731] Call Trace: [ 814.365192] dump_stack+0x107/0x167 [ 814.365818] should_fail.cold+0x5/0xa [ 814.366474] ? percpu_ref_init+0xd8/0x3d0 [ 814.367188] should_failslab+0x5/0x20 [ 814.367855] kmem_cache_alloc_trace+0x55/0x320 [ 814.368641] ? io_tctx_exit_cb+0xf0/0xf0 [ 814.369356] percpu_ref_init+0xd8/0x3d0 [ 814.370055] io_uring_setup+0x47a/0x2980 [ 814.370756] ? __mutex_unlock_slowpath+0xe1/0x600 [ 814.371600] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 814.372485] ? wait_for_completion_io+0x270/0x270 [ 814.373349] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 814.374261] ? syscall_enter_from_user_mode+0x1d/0x50 [ 814.375170] do_syscall_64+0x33/0x40 [ 814.375822] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 814.376716] RIP: 0033:0x7f6039043b19 [ 814.377374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 814.380605] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 814.381945] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 814.383191] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 814.384428] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 814.385664] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 814.386900] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 814.390046] FAULT_INJECTION: forcing a failure. [ 814.390046] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 814.392121] CPU: 1 PID: 6223 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 814.392129] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 814.392133] Call Trace: [ 814.392147] dump_stack+0x107/0x167 [ 814.392162] should_fail.cold+0x5/0xa [ 814.392185] __alloc_pages_nodemask+0x182/0x600 [ 814.392202] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 814.392223] ? cap_capable+0x1cd/0x230 [ 814.392247] alloc_pages_current+0x187/0x280 [ 814.400132] __get_free_pages+0xc/0xa0 [ 814.400810] io_uring_setup+0xf9a/0x2980 [ 814.401522] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 814.402405] ? wait_for_completion_io+0x270/0x270 [ 814.403248] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 814.404151] ? syscall_enter_from_user_mode+0x1d/0x50 [ 814.405049] do_syscall_64+0x33/0x40 [ 814.405700] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 814.406587] RIP: 0033:0x7fa304026b19 [ 814.407226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 814.410417] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 814.411738] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 814.412980] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 814.414228] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 814.415474] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 814.416709] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 814.445020] FAULT_INJECTION: forcing a failure. [ 814.445020] name failslab, interval 1, probability 0, space 0, times 0 [ 814.447022] CPU: 1 PID: 6227 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 814.448206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 814.449654] Call Trace: [ 814.450111] dump_stack+0x107/0x167 [ 814.450747] should_fail.cold+0x5/0xa [ 814.451405] ? percpu_ref_init+0xd8/0x3d0 [ 814.452133] should_failslab+0x5/0x20 [ 814.452804] kmem_cache_alloc_trace+0x55/0x320 [ 814.453612] ? io_tctx_exit_cb+0xf0/0xf0 [ 814.454318] percpu_ref_init+0xd8/0x3d0 [ 814.455008] io_uring_setup+0x47a/0x2980 [ 814.455718] ? __mutex_unlock_slowpath+0xe1/0x600 [ 814.456556] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 814.457443] ? wait_for_completion_io+0x270/0x270 [ 814.458297] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 814.459203] ? syscall_enter_from_user_mode+0x1d/0x50 [ 814.460097] do_syscall_64+0x33/0x40 [ 814.460743] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 814.461642] RIP: 0033:0x7fe43d50db19 [ 814.462280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 814.465520] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 814.466842] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 814.468084] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 814.469329] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 814.470567] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 814.471806] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:53 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 814.481924] FAULT_INJECTION: forcing a failure. [ 814.481924] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 814.484058] CPU: 1 PID: 6226 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 814.485236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 814.486676] Call Trace: [ 814.487131] dump_stack+0x107/0x167 [ 814.487764] should_fail.cold+0x5/0xa [ 814.488427] __alloc_pages_nodemask+0x182/0x600 [ 814.489245] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 814.490293] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 814.491235] ? cap_capable+0x1cd/0x230 [ 814.491917] alloc_pages_current+0x187/0x280 [ 814.492684] __get_free_pages+0xc/0xa0 [ 814.493366] io_uring_setup+0xf9a/0x2980 [ 814.494079] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 814.494962] ? wait_for_completion_io+0x270/0x270 [ 814.495819] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 814.496736] ? syscall_enter_from_user_mode+0x1d/0x50 [ 814.497638] do_syscall_64+0x33/0x40 [ 814.498285] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 814.499179] RIP: 0033:0x7fa2b71a6b19 [ 814.499830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 814.503035] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 814.504363] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 814.505618] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 814.506868] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 814.508105] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 814.509374] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:30:53 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 11) 21:30:53 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 11) [ 814.621892] FAULT_INJECTION: forcing a failure. [ 814.621892] name failslab, interval 1, probability 0, space 0, times 0 [ 814.624888] CPU: 0 PID: 6234 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 814.626523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 814.628496] Call Trace: [ 814.629243] dump_stack+0x107/0x167 [ 814.630246] should_fail.cold+0x5/0xa [ 814.631302] ? create_object.isra.0+0x3a/0xa20 [ 814.632561] should_failslab+0x5/0x20 [ 814.633620] kmem_cache_alloc+0x5b/0x310 [ 814.634743] create_object.isra.0+0x3a/0xa20 [ 814.635952] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 814.637361] kmem_cache_alloc_trace+0x151/0x320 [ 814.638645] ? io_tctx_exit_cb+0xf0/0xf0 [ 814.639762] percpu_ref_init+0xd8/0x3d0 [ 814.640868] io_uring_setup+0x47a/0x2980 [ 814.642007] ? __mutex_unlock_slowpath+0xe1/0x600 [ 814.643336] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 814.644727] ? wait_for_completion_io+0x270/0x270 [ 814.646096] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 814.647533] ? syscall_enter_from_user_mode+0x1d/0x50 [ 814.648953] do_syscall_64+0x33/0x40 [ 814.649990] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 814.651401] RIP: 0033:0x7f6039043b19 [ 814.652422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 814.652984] FAULT_INJECTION: forcing a failure. [ 814.652984] name failslab, interval 1, probability 0, space 0, times 0 [ 814.657953] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 814.657981] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 814.657994] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 814.658007] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 814.658019] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 814.658031] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 814.671659] CPU: 1 PID: 6236 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 814.673219] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 814.675088] Call Trace: [ 814.675723] dump_stack+0x107/0x167 [ 814.676626] should_fail.cold+0x5/0xa [ 814.677592] ? create_object.isra.0+0x3a/0xa20 [ 814.678772] should_failslab+0x5/0x20 [ 814.679763] kmem_cache_alloc+0x5b/0x310 [ 814.680828] create_object.isra.0+0x3a/0xa20 [ 814.681983] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 814.683306] kmem_cache_alloc_trace+0x151/0x320 [ 814.684532] ? io_tctx_exit_cb+0xf0/0xf0 [ 814.685606] percpu_ref_init+0xd8/0x3d0 [ 814.686653] io_uring_setup+0x47a/0x2980 [ 814.687729] ? __mutex_unlock_slowpath+0xe1/0x600 [ 814.689033] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 814.690376] ? wait_for_completion_io+0x270/0x270 [ 814.691695] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 814.693087] ? syscall_enter_from_user_mode+0x1d/0x50 [ 814.694449] do_syscall_64+0x33/0x40 [ 814.695423] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 814.696730] RIP: 0033:0x7fe43d50db19 [ 814.697753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 814.708338] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 814.710115] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 814.711853] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 814.713621] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 814.715344] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 814.716897] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 828.724491] FAULT_INJECTION: forcing a failure. [ 828.724491] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 828.727202] CPU: 0 PID: 6255 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 828.728720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 828.730567] Call Trace: [ 828.731154] dump_stack+0x107/0x167 [ 828.731966] should_fail.cold+0x5/0xa [ 828.732819] __alloc_pages_nodemask+0x182/0x600 [ 828.733888] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 828.735233] ? cap_capable+0x1cd/0x230 [ 828.736110] alloc_pages_current+0x187/0x280 [ 828.737100] __get_free_pages+0xc/0xa0 [ 828.737975] io_uring_setup+0xe27/0x2980 [ 828.738889] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 828.738911] FAULT_INJECTION: forcing a failure. [ 828.738911] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 828.740015] ? wait_for_completion_io+0x270/0x270 [ 828.740061] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 828.743916] ? syscall_enter_from_user_mode+0x1d/0x50 [ 828.745062] do_syscall_64+0x33/0x40 [ 828.745897] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 828.747032] RIP: 0033:0x7fe43d50db19 [ 828.747855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 828.751941] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 828.753647] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 828.755232] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 828.756812] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 828.758398] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 828.759987] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 828.761603] CPU: 1 PID: 6261 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 828.762589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 828.763741] Call Trace: [ 828.764114] dump_stack+0x107/0x167 [ 828.764618] should_fail.cold+0x5/0xa [ 828.765149] __alloc_pages_nodemask+0x182/0x600 [ 828.766014] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 828.767068] ? cap_capable+0x1cd/0x230 [ 828.767690] alloc_pages_current+0x187/0x280 [ 828.768332] __get_free_pages+0xc/0xa0 [ 828.768625] FAULT_INJECTION: forcing a failure. [ 828.768625] name failslab, interval 1, probability 0, space 0, times 0 [ 828.768903] io_uring_setup+0xe27/0x2980 [ 828.772010] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 828.772743] ? wait_for_completion_io+0x270/0x270 [ 828.773460] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 828.774220] ? syscall_enter_from_user_mode+0x1d/0x50 [ 828.774964] do_syscall_64+0x33/0x40 [ 828.775503] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 828.776240] RIP: 0033:0x7f6039043b19 [ 828.776776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 828.779444] RSP: 002b:00007f6036598108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 828.780549] RAX: ffffffffffffffda RBX: 00007f6039157020 RCX: 00007f6039043b19 [ 828.781587] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 828.782568] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 828.783599] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 828.784657] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 828.785670] CPU: 0 PID: 6251 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 828.787233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 828.789089] Call Trace: [ 828.789689] dump_stack+0x107/0x167 [ 828.790503] should_fail.cold+0x5/0xa [ 828.791358] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 828.792610] should_failslab+0x5/0x20 [ 828.793468] kmem_cache_alloc_trace+0x55/0x320 [ 828.794508] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 828.795720] io_uring_setup+0x14f6/0x2980 [ 828.796655] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 828.797799] ? wait_for_completion_io+0x270/0x270 [ 828.798898] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 828.800069] ? syscall_enter_from_user_mode+0x1d/0x50 [ 828.801223] do_syscall_64+0x33/0x40 [ 828.802087] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 828.803271] RIP: 0033:0x7fa2b71a6b19 [ 828.804131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 828.808397] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 828.810162] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 828.811818] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 828.813468] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 828.815148] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 828.816799] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:07 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 14) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:31:07 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:31:07 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:31:07 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:31:07 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 12) 21:31:07 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 12) 21:31:07 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:31:07 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 14) [ 828.837588] FAULT_INJECTION: forcing a failure. [ 828.837588] name failslab, interval 1, probability 0, space 0, times 0 [ 828.839289] CPU: 1 PID: 6267 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 828.840278] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 828.841482] Call Trace: [ 828.841881] dump_stack+0x107/0x167 [ 828.842414] should_fail.cold+0x5/0xa [ 828.842971] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 828.843785] should_failslab+0x5/0x20 [ 828.844337] kmem_cache_alloc_trace+0x55/0x320 [ 828.845003] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 828.845796] io_uring_setup+0x14f6/0x2980 [ 828.846405] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 828.847143] ? wait_for_completion_io+0x270/0x270 [ 828.847857] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 828.848615] ? syscall_enter_from_user_mode+0x1d/0x50 [ 828.849361] do_syscall_64+0x33/0x40 [ 828.849909] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 828.850653] RIP: 0033:0x7fa304026b19 [ 828.851189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 828.853864] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 828.854969] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 828.856001] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 828.857038] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 828.858075] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 828.859111] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:07 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:31:07 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:31:07 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:31:07 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 15) [ 829.034636] FAULT_INJECTION: forcing a failure. [ 829.034636] name failslab, interval 1, probability 0, space 0, times 0 [ 829.036051] CPU: 1 PID: 6278 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 829.036851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 829.037842] Call Trace: [ 829.038157] dump_stack+0x107/0x167 [ 829.038589] should_fail.cold+0x5/0xa [ 829.039035] ? create_object.isra.0+0x3a/0xa20 [ 829.039572] should_failslab+0x5/0x20 [ 829.040010] kmem_cache_alloc+0x5b/0x310 [ 829.040487] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 829.041187] create_object.isra.0+0x3a/0xa20 [ 829.041703] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 829.042281] kmem_cache_alloc_trace+0x151/0x320 [ 829.042832] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 829.043467] io_uring_setup+0x14f6/0x2980 [ 829.043960] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 829.044556] ? wait_for_completion_io+0x270/0x270 [ 829.045134] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 829.045761] ? syscall_enter_from_user_mode+0x1d/0x50 [ 829.046353] do_syscall_64+0x33/0x40 [ 829.046790] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 829.047398] RIP: 0033:0x7fa304026b19 [ 829.047834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 829.049946] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 829.050845] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 829.051657] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 829.052487] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 829.053304] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 829.054151] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:08 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 15) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:31:08 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 13) 21:31:08 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 13) [ 829.074054] FAULT_INJECTION: forcing a failure. [ 829.074054] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 829.076891] CPU: 0 PID: 6281 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 829.078461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 829.080370] Call Trace: [ 829.080971] dump_stack+0x107/0x167 [ 829.081812] should_fail.cold+0x5/0xa [ 829.082687] __alloc_pages_nodemask+0x182/0x600 [ 829.083751] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 829.085130] ? cap_capable+0x1cd/0x230 [ 829.086034] alloc_pages_current+0x187/0x280 [ 829.087042] __get_free_pages+0xc/0xa0 [ 829.087930] io_uring_setup+0xf9a/0x2980 [ 829.088865] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 829.090029] ? wait_for_completion_io+0x270/0x270 [ 829.091151] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 829.092344] ? syscall_enter_from_user_mode+0x1d/0x50 [ 829.093528] do_syscall_64+0x33/0x40 [ 829.094379] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 829.095546] RIP: 0033:0x7f6039043b19 [ 829.096393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 829.100598] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 829.102337] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 829.103966] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 829.105607] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 829.107239] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 829.108868] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 829.137506] FAULT_INJECTION: forcing a failure. [ 829.137506] name failslab, interval 1, probability 0, space 0, times 0 [ 829.138148] FAULT_INJECTION: forcing a failure. [ 829.138148] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 829.140153] CPU: 0 PID: 6284 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 829.143103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 829.145001] Call Trace: [ 829.145619] dump_stack+0x107/0x167 [ 829.146453] should_fail.cold+0x5/0xa [ 829.147328] ? create_object.isra.0+0x3a/0xa20 [ 829.148377] should_failslab+0x5/0x20 [ 829.149250] kmem_cache_alloc+0x5b/0x310 [ 829.150204] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 829.151575] create_object.isra.0+0x3a/0xa20 [ 829.152576] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 829.153748] kmem_cache_alloc_trace+0x151/0x320 [ 829.154817] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 829.156055] io_uring_setup+0x14f6/0x2980 [ 829.157012] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 829.158219] ? wait_for_completion_io+0x270/0x270 [ 829.159344] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 829.160539] ? syscall_enter_from_user_mode+0x1d/0x50 [ 829.161723] do_syscall_64+0x33/0x40 [ 829.162574] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 829.163740] RIP: 0033:0x7fa2b71a6b19 [ 829.164589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 829.168813] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 829.170564] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 829.172200] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 829.173840] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 829.175465] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 829.177096] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 829.178762] CPU: 1 PID: 6285 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 829.179613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 829.180578] Call Trace: [ 829.180893] dump_stack+0x107/0x167 [ 829.181320] should_fail.cold+0x5/0xa [ 829.181785] __alloc_pages_nodemask+0x182/0x600 [ 829.182337] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 829.183036] ? cap_capable+0x1cd/0x230 [ 829.183494] alloc_pages_current+0x187/0x280 [ 829.184001] __get_free_pages+0xc/0xa0 [ 829.184454] io_uring_setup+0xf9a/0x2980 [ 829.184933] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 829.185539] ? wait_for_completion_io+0x270/0x270 [ 829.186112] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 829.186718] ? syscall_enter_from_user_mode+0x1d/0x50 [ 829.187300] do_syscall_64+0x33/0x40 [ 829.187729] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 829.188313] RIP: 0033:0x7fe43d50db19 [ 829.188743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 829.190890] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 829.191773] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 829.192600] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 829.193434] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 829.194270] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 829.195095] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:23 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 16) 21:31:23 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:31:23 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:31:23 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:31:23 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 14) 21:31:23 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 14) 21:31:23 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:31:23 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 16) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 844.598441] FAULT_INJECTION: forcing a failure. [ 844.598441] name failslab, interval 1, probability 0, space 0, times 0 [ 844.601638] CPU: 0 PID: 6295 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 844.603251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 844.605513] Call Trace: [ 844.606169] dump_stack+0x107/0x167 [ 844.607000] should_fail.cold+0x5/0xa [ 844.608032] ? create_object.isra.0+0x3a/0xa20 [ 844.609213] should_failslab+0x5/0x20 [ 844.610218] kmem_cache_alloc+0x5b/0x310 [ 844.611240] create_object.isra.0+0x3a/0xa20 [ 844.612394] kmemleak_alloc_percpu+0xa0/0x100 [ 844.613410] pcpu_alloc+0x4e2/0x1240 [ 844.614305] ? io_async_queue_proc+0x80/0x80 [ 844.615286] percpu_ref_init+0x31/0x3d0 [ 844.616172] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 844.617375] io_uring_setup+0x14f6/0x2980 [ 844.618321] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 844.619447] ? wait_for_completion_io+0x270/0x270 [ 844.620544] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 844.621702] ? syscall_enter_from_user_mode+0x1d/0x50 [ 844.622859] do_syscall_64+0x33/0x40 [ 844.623687] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 844.624867] RIP: 0033:0x7fa2b71a6b19 [ 844.625740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 844.629910] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 844.631991] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 844.633957] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 844.635925] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 844.637880] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 844.639860] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 844.687462] FAULT_INJECTION: forcing a failure. [ 844.687462] name failslab, interval 1, probability 0, space 0, times 0 [ 844.689625] FAULT_INJECTION: forcing a failure. [ 844.689625] name failslab, interval 1, probability 0, space 0, times 0 [ 844.690181] CPU: 0 PID: 6310 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 844.694206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 844.696168] Call Trace: [ 844.696805] dump_stack+0x107/0x167 [ 844.697671] should_fail.cold+0x5/0xa [ 844.698590] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 844.699908] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 844.701235] should_failslab+0x5/0x20 [ 844.702152] kmem_cache_alloc_trace+0x55/0x320 [ 844.703246] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 844.704529] io_uring_setup+0x14f6/0x2980 [ 844.705520] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 844.706737] ? wait_for_completion_io+0x270/0x270 [ 844.707903] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 844.709125] ? syscall_enter_from_user_mode+0x1d/0x50 [ 844.710366] do_syscall_64+0x33/0x40 [ 844.711254] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 844.712469] RIP: 0033:0x7fe43d50db19 [ 844.713352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 844.717720] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 844.719534] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 844.721221] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 844.722920] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 844.724606] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 844.726300] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 844.728013] CPU: 1 PID: 6311 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 844.729562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 844.731420] Call Trace: [ 844.732010] dump_stack+0x107/0x167 [ 844.732804] should_fail.cold+0x5/0xa [ 844.733643] ? create_object.isra.0+0x3a/0xa20 [ 844.734652] should_failslab+0x5/0x20 [ 844.735470] kmem_cache_alloc+0x5b/0x310 [ 844.736338] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 844.737624] create_object.isra.0+0x3a/0xa20 [ 844.738580] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 844.739699] kmem_cache_alloc_trace+0x151/0x320 [ 844.740728] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 844.740749] io_uring_setup+0x14f6/0x2980 [ 844.740775] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 844.740795] ? wait_for_completion_io+0x270/0x270 [ 844.740837] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 844.746239] ? syscall_enter_from_user_mode+0x1d/0x50 [ 844.747349] do_syscall_64+0x33/0x40 [ 844.748201] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 844.749459] RIP: 0033:0x7fa304026b19 [ 844.750276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 844.754350] RSP: 002b:00007fa30157b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 844.756011] RAX: ffffffffffffffda RBX: 00007fa30413a020 RCX: 00007fa304026b19 [ 844.757555] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 844.759114] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 844.760673] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 844.762231] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:23 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) [ 844.824934] FAULT_INJECTION: forcing a failure. [ 844.824934] name failslab, interval 1, probability 0, space 0, times 0 [ 844.827928] CPU: 1 PID: 6315 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 844.829611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 844.831664] Call Trace: [ 844.832318] dump_stack+0x107/0x167 [ 844.833215] should_fail.cold+0x5/0xa [ 844.834164] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 844.835539] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 844.836913] should_failslab+0x5/0x20 [ 844.837854] kmem_cache_alloc_trace+0x55/0x320 [ 844.838999] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 844.840321] io_uring_setup+0x14f6/0x2980 [ 844.841338] ? __do_sys_io_uring_enter+0x1890/0x1890 21:31:23 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 17) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 844.842592] ? wait_for_completion_io+0x270/0x270 [ 844.844013] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 844.845299] ? syscall_enter_from_user_mode+0x1d/0x50 [ 844.846564] do_syscall_64+0x33/0x40 [ 844.847470] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 844.848721] RIP: 0033:0x7f6039043b19 [ 844.849615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 844.854109] RSP: 002b:00007f6036598108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 844.855947] RAX: ffffffffffffffda RBX: 00007f6039157020 RCX: 00007f6039043b19 [ 844.857664] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 844.859400] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 844.861117] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 844.862851] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:23 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 15) [ 844.917030] FAULT_INJECTION: forcing a failure. [ 844.917030] name failslab, interval 1, probability 0, space 0, times 0 [ 844.920104] CPU: 0 PID: 6319 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 844.921730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 844.921790] FAULT_INJECTION: forcing a failure. [ 844.921790] name failslab, interval 1, probability 0, space 0, times 0 [ 844.923692] Call Trace: [ 844.923722] dump_stack+0x107/0x167 [ 844.923744] should_fail.cold+0x5/0xa [ 844.923773] ? create_object.isra.0+0x3a/0xa20 [ 844.923803] should_failslab+0x5/0x20 [ 844.930622] kmem_cache_alloc+0x5b/0x310 [ 844.931587] create_object.isra.0+0x3a/0xa20 [ 844.932637] kmemleak_alloc_percpu+0xa0/0x100 [ 844.933699] pcpu_alloc+0x4e2/0x1240 [ 844.934612] ? io_async_queue_proc+0x80/0x80 [ 844.935657] percpu_ref_init+0x31/0x3d0 [ 844.936602] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 844.937879] io_uring_setup+0x14f6/0x2980 [ 844.938886] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 844.940086] ? wait_for_completion_io+0x270/0x270 [ 844.941254] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 844.942502] ? syscall_enter_from_user_mode+0x1d/0x50 [ 844.943720] do_syscall_64+0x33/0x40 [ 844.944602] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 844.945810] RIP: 0033:0x7fa2b71a6b19 [ 844.946702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 844.951054] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 844.952855] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 844.954547] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 844.956231] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 844.957914] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 844.959611] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 844.961326] CPU: 1 PID: 6321 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 844.962891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 844.964740] Call Trace: [ 844.965335] dump_stack+0x107/0x167 [ 844.966161] should_fail.cold+0x5/0xa [ 844.967014] ? create_object.isra.0+0x3a/0xa20 [ 844.968045] should_failslab+0x5/0x20 [ 844.968894] kmem_cache_alloc+0x5b/0x310 [ 844.969801] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 844.971148] create_object.isra.0+0x3a/0xa20 [ 844.972125] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 844.973257] kmem_cache_alloc_trace+0x151/0x320 [ 844.974322] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 844.975532] io_uring_setup+0x14f6/0x2980 [ 844.976447] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 844.977575] ? wait_for_completion_io+0x270/0x270 [ 844.978676] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 844.979833] ? syscall_enter_from_user_mode+0x1d/0x50 [ 844.980975] do_syscall_64+0x33/0x40 [ 844.981802] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 844.982941] RIP: 0033:0x7fe43d50db19 [ 844.983764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 844.987855] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 844.989529] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 844.991098] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 844.992667] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 844.994242] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 844.995798] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:24 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 18) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:31:24 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 15) [ 845.125787] FAULT_INJECTION: forcing a failure. [ 845.125787] name failslab, interval 1, probability 0, space 0, times 0 [ 845.128738] CPU: 1 PID: 6326 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 845.130334] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 845.132223] Call Trace: [ 845.132836] dump_stack+0x107/0x167 [ 845.133674] should_fail.cold+0x5/0xa [ 845.134559] ? percpu_ref_init+0xd8/0x3d0 [ 845.135513] should_failslab+0x5/0x20 [ 845.136387] kmem_cache_alloc_trace+0x55/0x320 [ 845.137433] ? io_async_queue_proc+0x80/0x80 [ 845.138457] percpu_ref_init+0xd8/0x3d0 [ 845.139377] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 845.140615] io_uring_setup+0x14f6/0x2980 [ 845.141564] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 845.142732] ? wait_for_completion_io+0x270/0x270 [ 845.143853] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 845.145045] ? syscall_enter_from_user_mode+0x1d/0x50 [ 845.146234] do_syscall_64+0x33/0x40 [ 845.147082] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 845.148248] RIP: 0033:0x7fa2b71a6b19 [ 845.149094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 845.153287] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 845.155017] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 845.156611] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 845.158223] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 845.159818] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 845.161419] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:24 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 17) 21:31:24 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 16) [ 845.179995] FAULT_INJECTION: forcing a failure. [ 845.179995] name failslab, interval 1, probability 0, space 0, times 0 [ 845.182575] CPU: 0 PID: 6328 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 845.184080] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 845.185906] Call Trace: [ 845.186525] dump_stack+0x107/0x167 [ 845.187394] should_fail.cold+0x5/0xa [ 845.188298] ? create_object.isra.0+0x3a/0xa20 [ 845.189389] should_failslab+0x5/0x20 [ 845.190316] kmem_cache_alloc+0x5b/0x310 [ 845.191279] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 845.192699] create_object.isra.0+0x3a/0xa20 [ 845.193738] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 845.194953] kmem_cache_alloc_trace+0x151/0x320 [ 845.196065] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 845.197349] io_uring_setup+0x14f6/0x2980 [ 845.198352] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 845.199555] ? wait_for_completion_io+0x270/0x270 [ 845.200724] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 845.201965] ? syscall_enter_from_user_mode+0x1d/0x50 [ 845.203201] do_syscall_64+0x33/0x40 [ 845.204084] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 845.205293] RIP: 0033:0x7f6039043b19 [ 845.206190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 845.210537] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 845.212345] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 845.214031] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 845.215731] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 845.217419] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 845.219111] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:24 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 845.278988] FAULT_INJECTION: forcing a failure. [ 845.278988] name failslab, interval 1, probability 0, space 0, times 0 [ 845.281361] CPU: 1 PID: 6333 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 845.282778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 845.284486] Call Trace: [ 845.284754] FAULT_INJECTION: forcing a failure. [ 845.284754] name failslab, interval 1, probability 0, space 0, times 0 [ 845.285037] dump_stack+0x107/0x167 [ 845.288401] should_fail.cold+0x5/0xa [ 845.289188] ? create_object.isra.0+0x3a/0xa20 [ 845.290134] should_failslab+0x5/0x20 [ 845.290920] kmem_cache_alloc+0x5b/0x310 [ 845.291761] create_object.isra.0+0x3a/0xa20 [ 845.292661] kmemleak_alloc_percpu+0xa0/0x100 [ 845.293578] pcpu_alloc+0x4e2/0x1240 [ 845.294356] ? io_async_queue_proc+0x80/0x80 [ 845.295254] percpu_ref_init+0x31/0x3d0 [ 845.296066] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 845.297170] io_uring_setup+0x14f6/0x2980 [ 845.298022] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 845.299071] ? wait_for_completion_io+0x270/0x270 [ 845.300077] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 845.301144] ? syscall_enter_from_user_mode+0x1d/0x50 [ 845.302211] do_syscall_64+0x33/0x40 [ 845.302969] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 845.304017] RIP: 0033:0x7fe43d50db19 [ 845.304774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 845.308558] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 845.310126] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 845.311584] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 845.313046] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 845.314514] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 845.315968] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 845.317461] CPU: 0 PID: 6334 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 845.319140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 845.321114] Call Trace: [ 845.321749] dump_stack+0x107/0x167 [ 845.322629] should_fail.cold+0x5/0xa [ 845.323539] ? create_object.isra.0+0x3a/0xa20 [ 845.324627] should_failslab+0x5/0x20 [ 845.325540] kmem_cache_alloc+0x5b/0x310 [ 845.326514] create_object.isra.0+0x3a/0xa20 [ 845.327570] kmemleak_alloc_percpu+0xa0/0x100 [ 845.328646] pcpu_alloc+0x4e2/0x1240 [ 845.329541] ? io_async_queue_proc+0x80/0x80 [ 845.330604] percpu_ref_init+0x31/0x3d0 [ 845.331541] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 845.332825] io_uring_setup+0x14f6/0x2980 [ 845.333753] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 845.334906] ? wait_for_completion_io+0x270/0x270 [ 845.336011] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 845.337181] ? syscall_enter_from_user_mode+0x1d/0x50 [ 845.338350] do_syscall_64+0x33/0x40 [ 845.339194] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 845.340342] RIP: 0033:0x7fa304026b19 [ 845.341176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 845.345269] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 845.346978] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 845.348566] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 845.350178] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 845.351758] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 845.353355] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:24 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 17) [ 845.486831] FAULT_INJECTION: forcing a failure. [ 845.486831] name failslab, interval 1, probability 0, space 0, times 0 [ 845.488780] CPU: 1 PID: 6339 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 845.489953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 845.491392] Call Trace: [ 845.491853] dump_stack+0x107/0x167 [ 845.492487] should_fail.cold+0x5/0xa [ 845.493148] ? create_object.isra.0+0x3a/0xa20 [ 845.493942] should_failslab+0x5/0x20 [ 845.494612] kmem_cache_alloc+0x5b/0x310 [ 845.495320] create_object.isra.0+0x3a/0xa20 [ 845.496086] kmemleak_alloc_percpu+0xa0/0x100 [ 845.496865] pcpu_alloc+0x4e2/0x1240 [ 845.497511] ? io_async_queue_proc+0x80/0x80 [ 845.498278] percpu_ref_init+0x31/0x3d0 [ 845.498970] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 845.499912] io_uring_setup+0x14f6/0x2980 [ 845.500644] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 845.501523] ? wait_for_completion_io+0x270/0x270 [ 845.502384] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 845.503291] ? syscall_enter_from_user_mode+0x1d/0x50 [ 845.504187] do_syscall_64+0x33/0x40 [ 845.504829] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 845.505714] RIP: 0033:0x7fe43d50db19 [ 845.506367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 845.509542] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 845.510863] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 845.512045] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 845.513277] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 845.514526] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 845.515762] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:38 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 16) 21:31:38 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:31:38 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 19) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:31:38 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:31:38 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 18) 21:31:38 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:31:38 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 859.597696] FAULT_INJECTION: forcing a failure. [ 859.597696] name failslab, interval 1, probability 0, space 0, times 0 [ 859.599429] CPU: 0 PID: 6356 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 859.600407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 859.601601] Call Trace: [ 859.601984] dump_stack+0x107/0x167 [ 859.602510] should_fail.cold+0x5/0xa [ 859.603071] ? create_object.isra.0+0x3a/0xa20 [ 859.603716] should_failslab+0x5/0x20 [ 859.604263] kmem_cache_alloc+0x5b/0x310 [ 859.604848] create_object.isra.0+0x3a/0xa20 21:31:38 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 18) [ 859.605485] kmemleak_alloc_percpu+0xa0/0x100 [ 859.606256] pcpu_alloc+0x4e2/0x1240 [ 859.606814] ? io_async_queue_proc+0x80/0x80 [ 859.607449] percpu_ref_init+0x31/0x3d0 [ 859.608023] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 859.608817] io_uring_setup+0x14f6/0x2980 [ 859.609422] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 859.610160] ? wait_for_completion_io+0x270/0x270 [ 859.610889] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 859.611642] ? syscall_enter_from_user_mode+0x1d/0x50 [ 859.611717] FAULT_INJECTION: forcing a failure. [ 859.611717] name failslab, interval 1, probability 0, space 0, times 0 [ 859.612382] do_syscall_64+0x33/0x40 [ 859.612397] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 859.612406] RIP: 0033:0x7f6039043b19 [ 859.612418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 859.612437] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 859.620506] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 859.621529] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 859.622555] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 859.623586] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 859.624611] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 859.625662] CPU: 1 PID: 6360 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 859.627288] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 859.629249] Call Trace: [ 859.629864] dump_stack+0x107/0x167 [ 859.630883] should_fail.cold+0x5/0xa [ 859.631763] ? percpu_ref_init+0xd8/0x3d0 [ 859.632331] FAULT_INJECTION: forcing a failure. [ 859.632331] name failslab, interval 1, probability 0, space 0, times 0 [ 859.632719] should_failslab+0x5/0x20 [ 859.632744] kmem_cache_alloc_trace+0x55/0x320 [ 859.636261] ? io_async_queue_proc+0x80/0x80 [ 859.637272] percpu_ref_init+0xd8/0x3d0 [ 859.638188] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 859.639447] io_uring_setup+0x14f6/0x2980 [ 859.640408] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 859.641599] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 859.642816] ? syscall_enter_from_user_mode+0x1d/0x50 [ 859.644002] do_syscall_64+0x33/0x40 [ 859.644853] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 859.646023] RIP: 0033:0x7fa304026b19 [ 859.646929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 859.651170] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 859.652918] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 859.654556] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 859.656205] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 859.657842] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 859.659503] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 859.661193] CPU: 0 PID: 6363 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 859.662183] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 859.663383] Call Trace: [ 859.663772] dump_stack+0x107/0x167 [ 859.664304] should_fail.cold+0x5/0xa [ 859.664853] ? percpu_ref_init+0xd8/0x3d0 [ 859.665449] should_failslab+0x5/0x20 [ 859.665998] kmem_cache_alloc_trace+0x55/0x320 [ 859.666663] ? io_async_queue_proc+0x80/0x80 [ 859.667297] percpu_ref_init+0xd8/0x3d0 [ 859.667868] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 859.668644] io_uring_setup+0x14f6/0x2980 [ 859.668908] FAULT_INJECTION: forcing a failure. [ 859.668908] name failslab, interval 1, probability 0, space 0, times 0 [ 859.669242] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 859.669256] ? wait_for_completion_io+0x270/0x270 [ 859.669289] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 859.673926] ? syscall_enter_from_user_mode+0x1d/0x50 [ 859.674673] do_syscall_64+0x33/0x40 [ 859.675205] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 859.675936] RIP: 0033:0x7fe43d50db19 [ 859.676468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 859.679106] RSP: 002b:00007fe43aa62108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 859.680193] RAX: ffffffffffffffda RBX: 00007fe43d621020 RCX: 00007fe43d50db19 [ 859.681215] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 859.682236] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 859.683263] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 859.684279] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 859.685351] CPU: 1 PID: 6359 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 859.686942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 859.688840] Call Trace: [ 859.689443] dump_stack+0x107/0x167 [ 859.690280] should_fail.cold+0x5/0xa [ 859.691161] ? create_object.isra.0+0x3a/0xa20 [ 859.692210] should_failslab+0x5/0x20 [ 859.693082] kmem_cache_alloc+0x5b/0x310 [ 859.694027] create_object.isra.0+0x3a/0xa20 [ 859.695053] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 859.696218] kmem_cache_alloc_trace+0x151/0x320 [ 859.697292] ? io_async_queue_proc+0x80/0x80 [ 859.698312] percpu_ref_init+0xd8/0x3d0 [ 859.699238] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 859.700476] io_uring_setup+0x14f6/0x2980 [ 859.701431] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 859.702602] ? wait_for_completion_io+0x270/0x270 [ 859.703729] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 859.704930] ? syscall_enter_from_user_mode+0x1d/0x50 [ 859.706115] do_syscall_64+0x33/0x40 [ 859.706975] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 859.708160] RIP: 0033:0x7fa2b71a6b19 [ 859.709009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 859.713256] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 859.715033] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 859.716665] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 859.718315] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 859.718337] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 859.721041] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:38 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 17) 21:31:38 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 19) 21:31:38 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 19) [ 859.765120] FAULT_INJECTION: forcing a failure. [ 859.765120] name failslab, interval 1, probability 0, space 0, times 0 [ 859.767748] CPU: 1 PID: 6367 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 859.769316] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 859.771223] Call Trace: [ 859.771826] dump_stack+0x107/0x167 [ 859.772660] should_fail.cold+0x5/0xa [ 859.773534] ? create_object.isra.0+0x3a/0xa20 [ 859.774581] should_failslab+0x5/0x20 [ 859.775466] kmem_cache_alloc+0x5b/0x310 [ 859.776400] create_object.isra.0+0x3a/0xa20 [ 859.777413] kmemleak_alloc_percpu+0xa0/0x100 [ 859.778444] pcpu_alloc+0x4e2/0x1240 [ 859.778530] FAULT_INJECTION: forcing a failure. [ 859.778530] name failslab, interval 1, probability 0, space 0, times 0 [ 859.779315] ? io_async_queue_proc+0x80/0x80 [ 859.779340] percpu_ref_init+0x31/0x3d0 [ 859.782836] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 859.784076] io_uring_setup+0x14f6/0x2980 [ 859.785034] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 859.786194] ? wait_for_completion_io+0x270/0x270 [ 859.787333] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 859.788530] ? syscall_enter_from_user_mode+0x1d/0x50 [ 859.789708] do_syscall_64+0x33/0x40 [ 859.790561] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 859.791739] RIP: 0033:0x7f6039043b19 [ 859.792588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 859.796982] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 859.798728] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 859.800362] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 859.801991] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 859.803628] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 859.805256] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 859.807247] CPU: 0 PID: 6370 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 859.808245] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 859.809436] Call Trace: [ 859.809818] dump_stack+0x107/0x167 [ 859.810338] should_fail.cold+0x5/0xa [ 859.810898] ? create_object.isra.0+0x3a/0xa20 [ 859.811560] should_failslab+0x5/0x20 [ 859.812101] kmem_cache_alloc+0x5b/0x310 [ 859.812685] create_object.isra.0+0x3a/0xa20 [ 859.813319] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 859.814049] kmem_cache_alloc_trace+0x151/0x320 [ 859.814734] ? io_async_queue_proc+0x80/0x80 [ 859.815369] percpu_ref_init+0xd8/0x3d0 [ 859.815945] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 859.816723] io_uring_setup+0x14f6/0x2980 [ 859.817320] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 859.818047] ? wait_for_completion_io+0x270/0x270 [ 859.818765] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 859.819519] ? syscall_enter_from_user_mode+0x1d/0x50 [ 859.820265] do_syscall_64+0x33/0x40 [ 859.820794] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 859.821532] RIP: 0033:0x7fe43d50db19 [ 859.822062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 859.824783] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 859.825910] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 859.826983] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 859.828047] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 859.829104] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 859.830167] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 859.846576] FAULT_INJECTION: forcing a failure. [ 859.846576] name failslab, interval 1, probability 0, space 0, times 0 [ 859.848286] CPU: 0 PID: 6374 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 859.849308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 859.850546] Call Trace: [ 859.850951] dump_stack+0x107/0x167 [ 859.851494] should_fail.cold+0x5/0xa [ 859.852063] ? create_object.isra.0+0x3a/0xa20 [ 859.852749] should_failslab+0x5/0x20 [ 859.853315] kmem_cache_alloc+0x5b/0x310 [ 859.853920] create_object.isra.0+0x3a/0xa20 [ 859.854579] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 859.855343] kmem_cache_alloc_trace+0x151/0x320 [ 859.856034] ? io_async_queue_proc+0x80/0x80 [ 859.856691] percpu_ref_init+0xd8/0x3d0 [ 859.857284] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 859.858090] io_uring_setup+0x14f6/0x2980 [ 859.858727] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 859.859481] ? wait_for_completion_io+0x270/0x270 [ 859.860215] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 859.860993] ? syscall_enter_from_user_mode+0x1d/0x50 [ 859.861759] do_syscall_64+0x33/0x40 [ 859.862313] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 859.863082] RIP: 0033:0x7fa304026b19 [ 859.863636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 859.866380] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 859.867519] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 859.868584] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 859.869646] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 859.870717] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 859.871777] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:38 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:31:38 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 20) [ 859.951994] FAULT_INJECTION: forcing a failure. [ 859.951994] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 859.953439] CPU: 0 PID: 6379 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 859.954242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 859.955226] Call Trace: [ 859.955547] dump_stack+0x107/0x167 [ 859.955972] should_fail.cold+0x5/0xa [ 859.956429] _copy_to_user+0x2e/0x180 [ 859.956872] io_uring_setup+0x11b5/0x2980 [ 859.957358] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 859.957953] ? wait_for_completion_io+0x270/0x270 [ 859.958529] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 859.959155] ? syscall_enter_from_user_mode+0x1d/0x50 [ 859.959761] do_syscall_64+0x33/0x40 [ 859.960197] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 859.960794] RIP: 0033:0x7fa304026b19 [ 859.961225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 859.963391] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 859.964273] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 859.965101] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 859.965937] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 859.966782] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 859.967620] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:38 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 18) 21:31:38 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:31:38 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 21) 21:31:38 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 20) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 860.028587] FAULT_INJECTION: forcing a failure. [ 860.028587] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 860.030144] CPU: 0 PID: 6383 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 860.030929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 860.031866] Call Trace: [ 860.032170] dump_stack+0x107/0x167 [ 860.032588] should_fail.cold+0x5/0xa [ 860.033026] _copy_to_user+0x2e/0x180 [ 860.033464] io_uring_setup+0x11b5/0x2980 21:31:39 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 20) [ 860.034015] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 860.034615] ? wait_for_completion_io+0x270/0x270 [ 860.035200] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 860.035821] ? syscall_enter_from_user_mode+0x1d/0x50 [ 860.036428] do_syscall_64+0x33/0x40 [ 860.036866] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 860.037464] RIP: 0033:0x7fa2b71a6b19 [ 860.037899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 860.040078] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 860.040969] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 860.041800] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 860.042644] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 860.043479] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 860.044318] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 860.057960] FAULT_INJECTION: forcing a failure. [ 860.057960] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 860.060774] CPU: 1 PID: 6387 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 860.062338] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 860.064250] Call Trace: [ 860.064859] dump_stack+0x107/0x167 [ 860.065696] should_fail.cold+0x5/0xa [ 860.066578] _copy_to_user+0x2e/0x180 [ 860.067465] io_uring_setup+0x11b5/0x2980 [ 860.068422] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 860.069589] ? wait_for_completion_io+0x270/0x270 [ 860.070727] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 860.071934] ? syscall_enter_from_user_mode+0x1d/0x50 [ 860.073118] do_syscall_64+0x33/0x40 [ 860.073971] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 860.075165] RIP: 0033:0x7fe43d50db19 [ 860.076016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 860.080254] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 860.081996] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 860.083639] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 860.085271] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 860.086906] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 860.088540] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:39 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 21) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:31:39 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 860.115341] FAULT_INJECTION: forcing a failure. [ 860.115341] name failslab, interval 1, probability 0, space 0, times 0 [ 860.116670] CPU: 0 PID: 6388 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 860.117477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 860.118457] Call Trace: [ 860.118787] dump_stack+0x107/0x167 [ 860.119218] should_fail.cold+0x5/0xa [ 860.119654] ? percpu_ref_init+0xd8/0x3d0 [ 860.120141] should_failslab+0x5/0x20 [ 860.120596] kmem_cache_alloc_trace+0x55/0x320 [ 860.121130] ? io_async_queue_proc+0x80/0x80 [ 860.121637] percpu_ref_init+0xd8/0x3d0 [ 860.122101] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 860.122746] io_uring_setup+0x14f6/0x2980 [ 860.123235] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 860.123817] ? wait_for_completion_io+0x270/0x270 [ 860.124397] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 860.125011] ? syscall_enter_from_user_mode+0x1d/0x50 [ 860.125604] do_syscall_64+0x33/0x40 [ 860.126037] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 860.126655] RIP: 0033:0x7f6039043b19 [ 860.127090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 860.129251] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 860.130150] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 860.131001] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 860.131842] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 860.132681] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 860.133526] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 860.140942] FAULT_INJECTION: forcing a failure. [ 860.140942] name failslab, interval 1, probability 0, space 0, times 0 [ 860.142309] CPU: 0 PID: 6393 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 860.143129] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 860.144110] Call Trace: [ 860.144427] dump_stack+0x107/0x167 [ 860.144854] should_fail.cold+0x5/0xa [ 860.145302] ? __d_alloc+0x2a/0x990 [ 860.145731] should_failslab+0x5/0x20 [ 860.146179] kmem_cache_alloc+0x5b/0x310 [ 860.146667] __d_alloc+0x2a/0x990 [ 860.147074] ? find_held_lock+0x2c/0x110 [ 860.147556] d_alloc_pseudo+0x19/0x70 [ 860.147999] alloc_file_pseudo+0xce/0x250 [ 860.148484] ? trace_hardirqs_on+0x5b/0x180 [ 860.148984] ? alloc_file+0x5a0/0x5a0 [ 860.149440] anon_inode_getfile+0xc8/0x1f0 [ 860.149931] io_uring_setup+0x138b/0x2980 [ 860.150421] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 860.151028] ? wait_for_completion_io+0x270/0x270 [ 860.151601] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 860.152214] ? syscall_enter_from_user_mode+0x1d/0x50 [ 860.152824] do_syscall_64+0x33/0x40 [ 860.153257] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 860.153859] RIP: 0033:0x7fa2b71a6b19 [ 860.154299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 860.156466] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 860.157356] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 860.158198] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 860.159040] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 860.159875] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 860.160713] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 860.163581] FAULT_INJECTION: forcing a failure. [ 860.163581] name failslab, interval 1, probability 0, space 0, times 0 [ 860.164983] CPU: 0 PID: 6394 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 860.165789] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 860.166774] Call Trace: [ 860.167078] dump_stack+0x107/0x167 [ 860.167505] should_fail.cold+0x5/0xa [ 860.167962] ? __d_alloc+0x2a/0x990 [ 860.168389] should_failslab+0x5/0x20 [ 860.168840] kmem_cache_alloc+0x5b/0x310 [ 860.169318] __d_alloc+0x2a/0x990 [ 860.169723] ? find_held_lock+0x2c/0x110 [ 860.170201] d_alloc_pseudo+0x19/0x70 [ 860.170654] alloc_file_pseudo+0xce/0x250 [ 860.171133] ? trace_hardirqs_on+0x5b/0x180 [ 860.171642] ? alloc_file+0x5a0/0x5a0 [ 860.172102] anon_inode_getfile+0xc8/0x1f0 [ 860.172603] io_uring_setup+0x138b/0x2980 [ 860.173091] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 860.173684] ? wait_for_completion_io+0x270/0x270 [ 860.174261] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 860.174891] ? syscall_enter_from_user_mode+0x1d/0x50 [ 860.175497] do_syscall_64+0x33/0x40 [ 860.175933] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 860.176534] RIP: 0033:0x7fa304026b19 [ 860.176981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 860.179158] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 860.180050] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 860.180882] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 860.181726] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 860.182564] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 860.183410] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:39 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 22) 21:31:39 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 21) [ 860.241883] FAULT_INJECTION: forcing a failure. [ 860.241883] name failslab, interval 1, probability 0, space 0, times 0 [ 860.243364] CPU: 0 PID: 6398 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 860.244161] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 860.245136] Call Trace: [ 860.245448] dump_stack+0x107/0x167 [ 860.245879] should_fail.cold+0x5/0xa [ 860.246339] ? __d_alloc+0x2a/0x990 [ 860.246770] should_failslab+0x5/0x20 [ 860.247224] kmem_cache_alloc+0x5b/0x310 [ 860.247705] __d_alloc+0x2a/0x990 [ 860.248112] ? find_held_lock+0x2c/0x110 [ 860.248591] d_alloc_pseudo+0x19/0x70 [ 860.249032] alloc_file_pseudo+0xce/0x250 [ 860.249516] ? trace_hardirqs_on+0x5b/0x180 [ 860.250005] ? alloc_file+0x5a0/0x5a0 [ 860.250466] anon_inode_getfile+0xc8/0x1f0 [ 860.250979] io_uring_setup+0x138b/0x2980 [ 860.251457] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 860.252050] ? wait_for_completion_io+0x270/0x270 [ 860.252631] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 860.253240] ? syscall_enter_from_user_mode+0x1d/0x50 [ 860.253825] do_syscall_64+0x33/0x40 [ 860.254257] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 860.254843] RIP: 0033:0x7fe43d50db19 [ 860.255275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 860.257437] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 860.258322] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 860.259166] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 860.259997] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 860.260836] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 860.261672] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 860.278020] FAULT_INJECTION: forcing a failure. [ 860.278020] name failslab, interval 1, probability 0, space 0, times 0 [ 860.281277] CPU: 1 PID: 6400 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 860.283184] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 860.285110] Call Trace: [ 860.285721] dump_stack+0x107/0x167 [ 860.286576] should_fail.cold+0x5/0xa [ 860.287492] ? create_object.isra.0+0x3a/0xa20 [ 860.288554] should_failslab+0x5/0x20 [ 860.289439] kmem_cache_alloc+0x5b/0x310 [ 860.290385] create_object.isra.0+0x3a/0xa20 [ 860.291429] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 860.292605] kmem_cache_alloc+0x159/0x310 [ 860.293575] __d_alloc+0x2a/0x990 [ 860.294381] ? find_held_lock+0x2c/0x110 [ 860.295351] d_alloc_pseudo+0x19/0x70 [ 860.296236] alloc_file_pseudo+0xce/0x250 [ 860.297194] ? trace_hardirqs_on+0x5b/0x180 [ 860.298191] ? alloc_file+0x5a0/0x5a0 [ 860.299117] anon_inode_getfile+0xc8/0x1f0 [ 860.300126] io_uring_setup+0x138b/0x2980 [ 860.301128] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 860.302345] ? wait_for_completion_io+0x270/0x270 [ 860.303632] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 860.304910] ? syscall_enter_from_user_mode+0x1d/0x50 [ 860.306128] do_syscall_64+0x33/0x40 [ 860.307009] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 860.308201] RIP: 0033:0x7fa304026b19 [ 860.309064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 860.313333] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 860.315121] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 860.316760] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 860.318421] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 860.320085] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 860.321722] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:31:54 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:31:54 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:31:54 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 22) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:31:54 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 19) 21:31:54 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 22) 21:31:54 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:31:54 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 23) 21:31:54 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 875.931303] FAULT_INJECTION: forcing a failure. [ 875.931303] name failslab, interval 1, probability 0, space 0, times 0 [ 875.933091] FAULT_INJECTION: forcing a failure. [ 875.933091] name failslab, interval 1, probability 0, space 0, times 0 [ 875.934450] CPU: 0 PID: 6425 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 875.938727] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 875.941009] Call Trace: [ 875.941746] dump_stack+0x107/0x167 [ 875.942752] should_fail.cold+0x5/0xa [ 875.943707] ? create_object.isra.0+0x3a/0xa20 [ 875.944738] should_failslab+0x5/0x20 [ 875.945597] kmem_cache_alloc+0x5b/0x310 [ 875.946515] create_object.isra.0+0x3a/0xa20 [ 875.947502] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 875.948793] kmem_cache_alloc+0x159/0x310 [ 875.949734] __d_alloc+0x2a/0x990 [ 875.950535] ? find_held_lock+0x2c/0x110 [ 875.951478] d_alloc_pseudo+0x19/0x70 [ 875.952357] alloc_file_pseudo+0xce/0x250 [ 875.953289] ? trace_hardirqs_on+0x5b/0x180 [ 875.954273] ? alloc_file+0x5a0/0x5a0 [ 875.955138] anon_inode_getfile+0xc8/0x1f0 [ 875.956130] io_uring_setup+0x138b/0x2980 [ 875.957090] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 875.958257] ? wait_for_completion_io+0x270/0x270 [ 875.959400] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 875.960603] ? syscall_enter_from_user_mode+0x1d/0x50 [ 875.961787] do_syscall_64+0x33/0x40 [ 875.962639] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 875.963822] RIP: 0033:0x7fe43d50db19 [ 875.964676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 875.968923] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 875.970675] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 875.972330] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 875.973965] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 875.975613] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 875.977253] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 875.978928] CPU: 1 PID: 6423 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 875.980512] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 875.982341] Call Trace: [ 875.982935] dump_stack+0x107/0x167 [ 875.983766] should_fail.cold+0x5/0xa [ 875.984609] ? create_object.isra.0+0x3a/0xa20 [ 875.985618] should_failslab+0x5/0x20 [ 875.986459] kmem_cache_alloc+0x5b/0x310 [ 875.987387] create_object.isra.0+0x3a/0xa20 [ 875.988354] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 875.989476] kmem_cache_alloc+0x159/0x310 [ 875.990400] __d_alloc+0x2a/0x990 [ 875.991185] ? find_held_lock+0x2c/0x110 [ 875.992138] d_alloc_pseudo+0x19/0x70 [ 875.992980] alloc_file_pseudo+0xce/0x250 [ 875.993922] ? trace_hardirqs_on+0x5b/0x180 [ 875.994872] ? alloc_file+0x5a0/0x5a0 [ 875.995787] anon_inode_getfile+0xc8/0x1f0 [ 875.996729] io_uring_setup+0x138b/0x2980 [ 875.997683] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 875.998808] ? wait_for_completion_io+0x270/0x270 [ 875.999940] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 876.001096] ? syscall_enter_from_user_mode+0x1d/0x50 [ 876.002288] do_syscall_64+0x33/0x40 [ 876.003113] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 876.004295] RIP: 0033:0x7fa2b71a6b19 [ 876.005119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 876.009331] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 876.011015] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 876.012648] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 876.014280] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 876.015912] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 876.017535] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 876.053962] FAULT_INJECTION: forcing a failure. [ 876.053962] name failslab, interval 1, probability 0, space 0, times 0 [ 876.056550] CPU: 0 PID: 6430 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 876.058122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 876.059966] Call Trace: [ 876.060580] dump_stack+0x107/0x167 [ 876.061419] should_fail.cold+0x5/0xa [ 876.062300] ? __alloc_file+0x21/0x320 [ 876.063211] should_failslab+0x5/0x20 [ 876.064088] kmem_cache_alloc+0x5b/0x310 [ 876.065025] __alloc_file+0x21/0x320 [ 876.065881] alloc_empty_file+0x6d/0x170 [ 876.066816] alloc_file+0x5e/0x5a0 [ 876.067644] alloc_file_pseudo+0x16a/0x250 [ 876.068613] ? alloc_file+0x5a0/0x5a0 [ 876.069088] FAULT_INJECTION: forcing a failure. [ 876.069088] name failslab, interval 1, probability 0, space 0, times 0 [ 876.069501] anon_inode_getfile+0xc8/0x1f0 [ 876.069530] io_uring_setup+0x138b/0x2980 [ 876.073908] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 876.075074] ? wait_for_completion_io+0x270/0x270 [ 876.076214] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 876.077416] ? syscall_enter_from_user_mode+0x1d/0x50 [ 876.078602] do_syscall_64+0x33/0x40 [ 876.079465] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 876.080644] RIP: 0033:0x7fa304026b19 [ 876.081498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 876.085734] RSP: 002b:00007fa30157b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 876.087498] RAX: ffffffffffffffda RBX: 00007fa30413a020 RCX: 00007fa304026b19 [ 876.089138] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 876.090783] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 876.092408] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 876.093979] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 876.095442] CPU: 1 PID: 6427 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 876.097005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 876.098877] Call Trace: [ 876.099492] dump_stack+0x107/0x167 [ 876.100331] should_fail.cold+0x5/0xa [ 876.101202] ? create_object.isra.0+0x3a/0xa20 [ 876.102231] should_failslab+0x5/0x20 [ 876.103110] kmem_cache_alloc+0x5b/0x310 [ 876.104036] create_object.isra.0+0x3a/0xa20 [ 876.105026] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 876.106157] kmem_cache_alloc_trace+0x151/0x320 [ 876.107205] ? io_async_queue_proc+0x80/0x80 [ 876.108182] percpu_ref_init+0xd8/0x3d0 [ 876.109078] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 876.110270] io_uring_setup+0x14f6/0x2980 [ 876.111240] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 876.112405] ? wait_for_completion_io+0x270/0x270 [ 876.113498] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 876.114671] ? syscall_enter_from_user_mode+0x1d/0x50 [ 876.115819] do_syscall_64+0x33/0x40 [ 876.116678] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 876.117802] RIP: 0033:0x7f6039043b19 [ 876.118643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 876.122781] RSP: 002b:00007f6036598108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 876.124468] RAX: ffffffffffffffda RBX: 00007f6039157020 RCX: 00007f6039043b19 [ 876.126093] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 876.127717] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 876.129331] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 876.130945] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:09 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 23) 21:32:09 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:32:09 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:32:09 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:32:09 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 20) 21:32:09 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 23) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:32:09 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 890.138079] FAULT_INJECTION: forcing a failure. [ 890.138079] name failslab, interval 1, probability 0, space 0, times 0 [ 890.141041] CPU: 0 PID: 6442 Comm: syz-executor.6 Not tainted 5.10.233 #1 21:32:09 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 24) [ 890.142786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 890.145088] Call Trace: [ 890.145767] dump_stack+0x107/0x167 [ 890.146681] should_fail.cold+0x5/0xa [ 890.147646] ? __alloc_file+0x21/0x320 [ 890.148672] should_failslab+0x5/0x20 [ 890.149655] kmem_cache_alloc+0x5b/0x310 [ 890.150685] __alloc_file+0x21/0x320 [ 890.151626] alloc_empty_file+0x6d/0x170 [ 890.152666] alloc_file+0x5e/0x5a0 [ 890.153570] alloc_file_pseudo+0x16a/0x250 [ 890.154641] ? alloc_file+0x5a0/0x5a0 [ 890.155633] anon_inode_getfile+0xc8/0x1f0 [ 890.156713] io_uring_setup+0x138b/0x2980 [ 890.157770] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 890.159052] ? wait_for_completion_io+0x270/0x270 [ 890.160326] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 890.161661] ? syscall_enter_from_user_mode+0x1d/0x50 [ 890.163063] do_syscall_64+0x33/0x40 [ 890.164011] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 890.165414] RIP: 0033:0x7fa2b71a6b19 [ 890.166574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 890.168460] FAULT_INJECTION: forcing a failure. [ 890.168460] name failslab, interval 1, probability 0, space 0, times 0 [ 890.171843] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 890.171869] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 890.171881] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 890.171903] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 890.180956] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 890.182743] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 890.184598] CPU: 1 PID: 6453 Comm: syz-executor.1 Not tainted 5.10.233 #1 21:32:09 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) [ 890.185831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 890.187526] Call Trace: [ 890.188007] dump_stack+0x107/0x167 [ 890.188644] should_fail.cold+0x5/0xa [ 890.189315] ? create_object.isra.0+0x3a/0xa20 [ 890.190112] should_failslab+0x5/0x20 [ 890.190782] kmem_cache_alloc+0x5b/0x310 [ 890.191467] create_object.isra.0+0x3a/0xa20 [ 890.192114] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 890.192849] kmem_cache_alloc_trace+0x151/0x320 [ 890.193522] ? io_async_queue_proc+0x80/0x80 [ 890.194157] percpu_ref_init+0xd8/0x3d0 [ 890.194738] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 890.195524] io_uring_setup+0x14f6/0x2980 [ 890.196137] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 890.196872] ? wait_for_completion_io+0x270/0x270 [ 890.197583] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 890.198340] ? syscall_enter_from_user_mode+0x1d/0x50 [ 890.199083] do_syscall_64+0x33/0x40 [ 890.199617] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 890.200369] RIP: 0033:0x7f6039043b19 [ 890.200916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 890.203569] RSP: 002b:00007f6036598108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 890.204683] RAX: ffffffffffffffda RBX: 00007f6039157020 RCX: 00007f6039043b19 [ 890.205712] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 890.206732] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 890.207766] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 890.208059] FAULT_INJECTION: forcing a failure. [ 890.208059] name failslab, interval 1, probability 0, space 0, times 0 [ 890.208786] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 890.213214] CPU: 0 PID: 6455 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 890.214297] FAULT_INJECTION: forcing a failure. [ 890.214297] name failslab, interval 1, probability 0, space 0, times 0 [ 890.214777] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 890.218227] Call Trace: [ 890.218833] dump_stack+0x107/0x167 [ 890.219680] should_fail.cold+0x5/0xa [ 890.220554] ? __alloc_file+0x21/0x320 [ 890.221447] should_failslab+0x5/0x20 [ 890.222319] kmem_cache_alloc+0x5b/0x310 [ 890.223252] __alloc_file+0x21/0x320 [ 890.224111] alloc_empty_file+0x6d/0x170 [ 890.225036] alloc_file+0x5e/0x5a0 [ 890.225850] alloc_file_pseudo+0x16a/0x250 [ 890.226813] ? alloc_file+0x5a0/0x5a0 [ 890.227707] anon_inode_getfile+0xc8/0x1f0 [ 890.228657] io_uring_setup+0x138b/0x2980 [ 890.229612] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 890.230785] ? wait_for_completion_io+0x270/0x270 [ 890.232154] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 890.233343] ? syscall_enter_from_user_mode+0x1d/0x50 [ 890.234511] do_syscall_64+0x33/0x40 [ 890.235352] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 890.236526] RIP: 0033:0x7fe43d50db19 [ 890.237374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 890.241566] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 890.243308] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 890.244933] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 890.246557] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 890.248186] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 890.249807] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 890.251456] CPU: 1 PID: 6452 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 890.252473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 890.253669] Call Trace: [ 890.254055] dump_stack+0x107/0x167 [ 890.254570] should_fail.cold+0x5/0xa [ 890.255128] ? create_object.isra.0+0x3a/0xa20 [ 890.255804] should_failslab+0x5/0x20 [ 890.256363] kmem_cache_alloc+0x5b/0x310 [ 890.256950] create_object.isra.0+0x3a/0xa20 [ 890.257591] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 890.258322] kmem_cache_alloc+0x159/0x310 [ 890.258932] __alloc_file+0x21/0x320 [ 890.259469] alloc_empty_file+0x6d/0x170 [ 890.260074] alloc_file+0x5e/0x5a0 [ 890.260594] alloc_file_pseudo+0x16a/0x250 [ 890.261215] ? alloc_file+0x5a0/0x5a0 [ 890.261781] anon_inode_getfile+0xc8/0x1f0 [ 890.262395] io_uring_setup+0x138b/0x2980 [ 890.263004] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 890.263753] ? wait_for_completion_io+0x270/0x270 [ 890.264477] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 890.265245] ? syscall_enter_from_user_mode+0x1d/0x50 [ 890.265987] do_syscall_64+0x33/0x40 [ 890.266528] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 890.267275] RIP: 0033:0x7fa304026b19 [ 890.267813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 890.270497] RSP: 002b:00007fa30157b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 890.271605] RAX: ffffffffffffffda RBX: 00007fa30413a020 RCX: 00007fa304026b19 [ 890.272656] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 890.273687] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 890.273694] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 890.273702] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:09 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 25) [ 890.378245] FAULT_INJECTION: forcing a failure. 21:32:09 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 24) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 890.378245] name failslab, interval 1, probability 0, space 0, times 0 [ 890.381138] CPU: 0 PID: 6462 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 890.382698] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 890.384618] Call Trace: [ 890.385217] dump_stack+0x107/0x167 [ 890.386037] should_fail.cold+0x5/0xa [ 890.386895] ? security_file_alloc+0x34/0x170 [ 890.387926] should_failslab+0x5/0x20 [ 890.388797] kmem_cache_alloc+0x5b/0x310 [ 890.389720] security_file_alloc+0x34/0x170 [ 890.390680] __alloc_file+0xb7/0x320 [ 890.391513] alloc_empty_file+0x6d/0x170 [ 890.392428] alloc_file+0x5e/0x5a0 [ 890.393229] alloc_file_pseudo+0x16a/0x250 [ 890.394181] ? alloc_file+0x5a0/0x5a0 [ 890.395047] anon_inode_getfile+0xc8/0x1f0 [ 890.396000] io_uring_setup+0x138b/0x2980 [ 890.396938] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 890.398072] ? wait_for_completion_io+0x270/0x270 [ 890.399171] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 890.400345] ? syscall_enter_from_user_mode+0x1d/0x50 [ 890.401496] do_syscall_64+0x33/0x40 [ 890.402322] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 890.403460] RIP: 0033:0x7fa304026b19 [ 890.404296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 890.408460] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 890.410194] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 890.410731] FAULT_INJECTION: forcing a failure. [ 890.410731] name failslab, interval 1, probability 0, space 0, times 0 21:32:09 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 21) [ 890.411808] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 890.411820] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 890.411831] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 890.411842] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 890.417762] CPU: 1 PID: 6466 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 890.418701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 890.419848] Call Trace: [ 890.420220] dump_stack+0x107/0x167 [ 890.420729] should_fail.cold+0x5/0xa [ 890.421268] ? __d_alloc+0x2a/0x990 [ 890.421774] should_failslab+0x5/0x20 [ 890.422298] kmem_cache_alloc+0x5b/0x310 [ 890.422862] __d_alloc+0x2a/0x990 [ 890.423346] ? find_held_lock+0x2c/0x110 [ 890.423919] d_alloc_pseudo+0x19/0x70 [ 890.424445] alloc_file_pseudo+0xce/0x250 [ 890.425030] ? trace_hardirqs_on+0x5b/0x180 [ 890.425628] ? alloc_file+0x5a0/0x5a0 [ 890.426168] anon_inode_getfile+0xc8/0x1f0 [ 890.426757] io_uring_setup+0x138b/0x2980 [ 890.427334] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 890.428056] ? wait_for_completion_io+0x270/0x270 [ 890.428742] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 890.429476] ? syscall_enter_from_user_mode+0x1d/0x50 [ 890.430199] do_syscall_64+0x33/0x40 [ 890.430716] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 890.431436] RIP: 0033:0x7f6039043b19 [ 890.431956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 890.434523] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 890.435582] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 890.436575] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 890.437560] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 890.438548] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 890.439536] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 890.442859] FAULT_INJECTION: forcing a failure. [ 890.442859] name failslab, interval 1, probability 0, space 0, times 0 [ 890.444506] CPU: 1 PID: 6465 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 890.445446] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 890.446584] Call Trace: [ 890.446945] dump_stack+0x107/0x167 [ 890.447449] should_fail.cold+0x5/0xa [ 890.447985] ? create_object.isra.0+0x3a/0xa20 [ 890.448629] should_failslab+0x5/0x20 [ 890.449158] kmem_cache_alloc+0x5b/0x310 [ 890.449725] create_object.isra.0+0x3a/0xa20 [ 890.450340] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 890.451054] kmem_cache_alloc+0x159/0x310 [ 890.451635] __alloc_file+0x21/0x320 [ 890.452156] alloc_empty_file+0x6d/0x170 [ 890.452712] alloc_file+0x5e/0x5a0 [ 890.453212] alloc_file_pseudo+0x16a/0x250 [ 890.453798] ? alloc_file+0x5a0/0x5a0 [ 890.454336] anon_inode_getfile+0xc8/0x1f0 [ 890.454926] io_uring_setup+0x138b/0x2980 [ 890.455516] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 890.456224] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 890.456966] do_syscall_64+0x33/0x40 [ 890.457490] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 890.458195] RIP: 0033:0x7fa2b71a6b19 [ 890.458720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 890.461282] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 890.462343] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 890.463350] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 890.464352] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 890.465336] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 890.466323] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:09 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 24) [ 890.498488] FAULT_INJECTION: forcing a failure. [ 890.498488] name failslab, interval 1, probability 0, space 0, times 0 [ 890.501076] CPU: 0 PID: 6469 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 890.502595] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 890.504445] Call Trace: [ 890.505041] dump_stack+0x107/0x167 [ 890.505856] should_fail.cold+0x5/0xa [ 890.506717] ? create_object.isra.0+0x3a/0xa20 [ 890.507743] should_failslab+0x5/0x20 [ 890.508600] kmem_cache_alloc+0x5b/0x310 [ 890.509510] create_object.isra.0+0x3a/0xa20 [ 890.510484] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 890.511614] kmem_cache_alloc+0x159/0x310 [ 890.512545] __alloc_file+0x21/0x320 [ 890.513375] alloc_empty_file+0x6d/0x170 [ 890.514285] alloc_file+0x5e/0x5a0 [ 890.515074] alloc_file_pseudo+0x16a/0x250 [ 890.516017] ? alloc_file+0x5a0/0x5a0 [ 890.516876] anon_inode_getfile+0xc8/0x1f0 [ 890.517817] io_uring_setup+0x138b/0x2980 [ 890.518746] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 890.519879] ? wait_for_completion_io+0x270/0x270 [ 890.520995] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 890.522170] ? syscall_enter_from_user_mode+0x1d/0x50 [ 890.523320] do_syscall_64+0x33/0x40 [ 890.524157] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 890.525302] RIP: 0033:0x7fe43d50db19 [ 890.526124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 890.530224] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 890.532014] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 890.534025] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 890.536002] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 890.537634] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 890.539325] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:09 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 25) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:32:09 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 26) [ 890.642922] FAULT_INJECTION: forcing a failure. [ 890.642922] name failslab, interval 1, probability 0, space 0, times 0 [ 890.644664] CPU: 1 PID: 6473 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 890.645752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 890.647167] Call Trace: [ 890.647650] dump_stack+0x107/0x167 [ 890.648325] should_fail.cold+0x5/0xa [ 890.649015] ? security_file_alloc+0x34/0x170 [ 890.649826] should_failslab+0x5/0x20 [ 890.650475] kmem_cache_alloc+0x5b/0x310 [ 890.651156] security_file_alloc+0x34/0x170 [ 890.651912] __alloc_file+0xb7/0x320 [ 890.652579] alloc_empty_file+0x6d/0x170 [ 890.653311] alloc_file+0x5e/0x5a0 [ 890.654004] alloc_file_pseudo+0x16a/0x250 [ 890.654768] ? alloc_file+0x5a0/0x5a0 [ 890.655469] anon_inode_getfile+0xc8/0x1f0 [ 890.656247] io_uring_setup+0x138b/0x2980 [ 890.657004] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 890.657925] ? wait_for_completion_io+0x270/0x270 [ 890.658813] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 890.659775] ? syscall_enter_from_user_mode+0x1d/0x50 [ 890.660710] do_syscall_64+0x33/0x40 [ 890.661391] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 890.662326] RIP: 0033:0x7fa304026b19 [ 890.662999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 890.666324] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 890.667718] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 890.669015] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 890.670302] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 890.671594] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 890.672903] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:09 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 22) [ 890.678432] FAULT_INJECTION: forcing a failure. [ 890.678432] name failslab, interval 1, probability 0, space 0, times 0 [ 890.680464] CPU: 1 PID: 6474 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 890.681610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 890.682937] Call Trace: [ 890.683332] dump_stack+0x107/0x167 [ 890.683867] should_fail.cold+0x5/0xa [ 890.684419] ? security_file_alloc+0x34/0x170 [ 890.685069] should_failslab+0x5/0x20 [ 890.685619] kmem_cache_alloc+0x5b/0x310 [ 890.686209] security_file_alloc+0x34/0x170 [ 890.686834] __alloc_file+0xb7/0x320 [ 890.687386] alloc_empty_file+0x6d/0x170 [ 890.687987] alloc_file+0x5e/0x5a0 [ 890.688507] alloc_file_pseudo+0x16a/0x250 [ 890.689119] ? alloc_file+0x5a0/0x5a0 [ 890.689674] ? anon_inode_getfile+0x1a/0x1f0 [ 890.690313] anon_inode_getfile+0xc8/0x1f0 [ 890.690928] io_uring_setup+0x138b/0x2980 [ 890.691533] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 890.692280] ? wait_for_completion_io+0x270/0x270 [ 890.692992] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 890.693772] ? syscall_enter_from_user_mode+0x1d/0x50 [ 890.694528] do_syscall_64+0x33/0x40 [ 890.695065] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 890.695816] RIP: 0033:0x7fa2b71a6b19 [ 890.696355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 890.699036] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 890.700155] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 890.701201] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 890.701456] FAULT_INJECTION: forcing a failure. [ 890.701456] name failslab, interval 1, probability 0, space 0, times 0 [ 890.702240] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 890.702248] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 890.702256] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 890.711583] CPU: 0 PID: 6476 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 890.713480] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 890.715774] Call Trace: [ 890.716526] dump_stack+0x107/0x167 [ 890.717543] should_fail.cold+0x5/0xa [ 890.718614] ? create_object.isra.0+0x3a/0xa20 [ 890.719890] should_failslab+0x5/0x20 [ 890.720946] kmem_cache_alloc+0x5b/0x310 [ 890.722062] create_object.isra.0+0x3a/0xa20 [ 890.723259] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 890.724657] kmem_cache_alloc+0x159/0x310 [ 890.725785] __d_alloc+0x2a/0x990 [ 890.726803] ? find_held_lock+0x2c/0x110 [ 890.727954] d_alloc_pseudo+0x19/0x70 [ 890.729007] alloc_file_pseudo+0xce/0x250 [ 890.730142] ? trace_hardirqs_on+0x5b/0x180 [ 890.731321] ? alloc_file+0x5a0/0x5a0 [ 890.732392] anon_inode_getfile+0xc8/0x1f0 [ 890.733564] io_uring_setup+0x138b/0x2980 [ 890.734717] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 890.736099] ? wait_for_completion_io+0x270/0x270 [ 890.737378] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 890.738720] ? syscall_enter_from_user_mode+0x1d/0x50 [ 890.739912] do_syscall_64+0x33/0x40 [ 890.740758] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 890.741935] RIP: 0033:0x7f6039043b19 [ 890.742906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 890.747974] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 890.750062] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 890.752035] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 890.753980] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 890.755933] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 890.757881] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:26 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 26) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:32:26 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 23) 21:32:26 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 27) 21:32:26 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:32:26 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:32:26 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:32:26 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:32:26 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 25) [ 907.292949] FAULT_INJECTION: forcing a failure. [ 907.292949] name failslab, interval 1, probability 0, space 0, times 0 [ 907.295503] CPU: 0 PID: 6491 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 907.297023] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 907.298852] Call Trace: [ 907.298934] FAULT_INJECTION: forcing a failure. [ 907.298934] name failslab, interval 1, probability 0, space 0, times 0 [ 907.299437] dump_stack+0x107/0x167 [ 907.299460] should_fail.cold+0x5/0xa [ 907.299491] ? create_object.isra.0+0x3a/0xa20 [ 907.304800] should_failslab+0x5/0x20 [ 907.305641] kmem_cache_alloc+0x5b/0x310 [ 907.306537] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 907.307753] create_object.isra.0+0x3a/0xa20 [ 907.308729] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 907.309854] kmem_cache_alloc+0x159/0x310 [ 907.310775] security_file_alloc+0x34/0x170 [ 907.311725] __alloc_file+0xb7/0x320 [ 907.312557] alloc_empty_file+0x6d/0x170 [ 907.313452] alloc_file+0x5e/0x5a0 [ 907.314238] alloc_file_pseudo+0x16a/0x250 [ 907.315168] ? alloc_file+0x5a0/0x5a0 [ 907.316024] anon_inode_getfile+0xc8/0x1f0 [ 907.316972] io_uring_setup+0x138b/0x2980 [ 907.317891] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 907.319007] ? wait_for_completion_io+0x270/0x270 [ 907.320096] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 907.321261] ? syscall_enter_from_user_mode+0x1d/0x50 [ 907.322400] do_syscall_64+0x33/0x40 [ 907.323220] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 907.324358] RIP: 0033:0x7fa304026b19 [ 907.325177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 907.329239] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 907.330915] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 907.332501] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 907.334073] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 907.335647] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 907.337228] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 907.338835] CPU: 1 PID: 6498 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 907.340521] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 907.342465] Call Trace: [ 907.343111] dump_stack+0x107/0x167 [ 907.343965] should_fail.cold+0x5/0xa [ 907.344873] ? create_object.isra.0+0x3a/0xa20 [ 907.345953] should_failslab+0x5/0x20 [ 907.346846] kmem_cache_alloc+0x5b/0x310 [ 907.347815] create_object.isra.0+0x3a/0xa20 [ 907.348858] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 907.350061] kmem_cache_alloc+0x159/0x310 [ 907.351055] __d_alloc+0x2a/0x990 [ 907.351866] ? find_held_lock+0x2c/0x110 [ 907.352832] d_alloc_pseudo+0x19/0x70 [ 907.353729] alloc_file_pseudo+0xce/0x250 [ 907.354698] ? trace_hardirqs_on+0x5b/0x180 [ 907.355720] ? alloc_file+0x5a0/0x5a0 [ 907.356646] anon_inode_getfile+0xc8/0x1f0 [ 907.357645] io_uring_setup+0x138b/0x2980 [ 907.358627] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 907.359832] ? wait_for_completion_io+0x270/0x270 [ 907.361018] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 907.362251] ? syscall_enter_from_user_mode+0x1d/0x50 [ 907.363470] do_syscall_64+0x33/0x40 [ 907.364361] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 907.365560] RIP: 0033:0x7f6039043b19 [ 907.365581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 907.365592] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 907.367894] FAULT_INJECTION: forcing a failure. [ 907.367894] name failslab, interval 1, probability 0, space 0, times 0 [ 907.370742] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 907.370755] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 907.370766] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 907.370777] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 907.370788] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 907.383636] CPU: 0 PID: 6502 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 907.385157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 907.386994] Call Trace: [ 907.387594] dump_stack+0x107/0x167 [ 907.388421] should_fail.cold+0x5/0xa [ 907.389271] ? create_object.isra.0+0x3a/0xa20 [ 907.390286] ? create_object.isra.0+0x3a/0xa20 [ 907.391306] should_failslab+0x5/0x20 [ 907.392154] kmem_cache_alloc+0x5b/0x310 [ 907.393069] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 907.394291] create_object.isra.0+0x3a/0xa20 [ 907.395266] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 907.396413] kmem_cache_alloc+0x159/0x310 [ 907.397343] security_file_alloc+0x34/0x170 [ 907.398303] __alloc_file+0xb7/0x320 [ 907.399132] alloc_empty_file+0x6d/0x170 [ 907.400036] alloc_file+0x5e/0x5a0 [ 907.400847] alloc_file_pseudo+0x16a/0x250 [ 907.401787] ? alloc_file+0x5a0/0x5a0 [ 907.402654] anon_inode_getfile+0xc8/0x1f0 [ 907.403601] io_uring_setup+0x138b/0x2980 [ 907.404551] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 907.405680] ? wait_for_completion_io+0x270/0x270 [ 907.406777] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 907.407939] ? syscall_enter_from_user_mode+0x1d/0x50 [ 907.409098] do_syscall_64+0x33/0x40 [ 907.410041] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 907.411336] RIP: 0033:0x7fa2b71a6b19 [ 907.412322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 907.416697] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 907.418382] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 907.419962] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 907.421657] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 907.423236] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 907.424830] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 907.469161] FAULT_INJECTION: forcing a failure. [ 907.469161] name failslab, interval 1, probability 0, space 0, times 0 [ 907.471933] CPU: 1 PID: 6489 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 907.473641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 907.475642] Call Trace: [ 907.476259] dump_stack+0x107/0x167 [ 907.477121] should_fail.cold+0x5/0xa [ 907.478005] ? security_file_alloc+0x34/0x170 [ 907.479039] should_failslab+0x5/0x20 [ 907.479917] kmem_cache_alloc+0x5b/0x310 [ 907.480886] security_file_alloc+0x34/0x170 [ 907.481889] __alloc_file+0xb7/0x320 [ 907.482752] alloc_empty_file+0x6d/0x170 [ 907.483693] alloc_file+0x5e/0x5a0 [ 907.484571] alloc_file_pseudo+0x16a/0x250 [ 907.485561] ? alloc_file+0x5a0/0x5a0 [ 907.486472] anon_inode_getfile+0xc8/0x1f0 [ 907.487463] io_uring_setup+0x138b/0x2980 [ 907.488599] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 907.489966] ? wait_for_completion_io+0x270/0x270 [ 907.491333] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 907.492801] ? syscall_enter_from_user_mode+0x1d/0x50 [ 907.494228] do_syscall_64+0x33/0x40 [ 907.495259] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 907.496613] RIP: 0033:0x7fe43d50db19 [ 907.497518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 907.501803] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 907.503544] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 907.505194] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 907.506842] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 907.508486] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 907.510123] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:26 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:32:26 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 28) 21:32:26 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 26) 21:32:26 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 27) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:32:26 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 24) [ 907.759969] FAULT_INJECTION: forcing a failure. [ 907.759969] name failslab, interval 1, probability 0, space 0, times 0 [ 907.763017] CPU: 0 PID: 6513 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 907.764869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 907.767117] Call Trace: [ 907.767868] dump_stack+0x107/0x167 [ 907.768859] should_fail.cold+0x5/0xa [ 907.769845] ? io_uring_alloc_task_context+0x99/0x6a0 [ 907.771201] should_failslab+0x5/0x20 [ 907.772202] kmem_cache_alloc_trace+0x55/0x320 [ 907.773421] io_uring_alloc_task_context+0x99/0x6a0 [ 907.774719] ? io_import_iovec+0x1120/0x1120 [ 907.775048] FAULT_INJECTION: forcing a failure. [ 907.775048] name failslab, interval 1, probability 0, space 0, times 0 [ 907.775872] ? lock_downgrade+0x6d0/0x6d0 [ 907.775894] ? do_raw_spin_lock+0x121/0x260 [ 907.775916] ? rwlock_bug.part.0+0x90/0x90 [ 907.775950] __io_uring_add_tctx_node+0x2c6/0x520 [ 907.783321] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 907.784677] ? alloc_fd+0x2e7/0x670 [ 907.785617] io_uring_setup+0x1fbb/0x2980 [ 907.786674] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 907.787984] ? wait_for_completion_io+0x270/0x270 [ 907.789261] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 907.790509] ? syscall_enter_from_user_mode+0x1d/0x50 [ 907.791878] do_syscall_64+0x33/0x40 [ 907.792825] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 907.794107] RIP: 0033:0x7fa304026b19 [ 907.795054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 907.799434] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 907.801398] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 907.803245] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 907.805082] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 907.806947] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 907.808825] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 907.810730] CPU: 1 PID: 6514 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 907.812391] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 907.814278] Call Trace: [ 907.814889] dump_stack+0x107/0x167 [ 907.815717] should_fail.cold+0x5/0xa [ 907.816659] ? create_object.isra.0+0x3a/0xa20 [ 907.817712] should_failslab+0x5/0x20 [ 907.818588] kmem_cache_alloc+0x5b/0x310 [ 907.819522] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 907.820801] create_object.isra.0+0x3a/0xa20 [ 907.821809] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 907.822974] kmem_cache_alloc+0x159/0x310 [ 907.823929] security_file_alloc+0x34/0x170 [ 907.824928] __alloc_file+0xb7/0x320 [ 907.825779] alloc_empty_file+0x6d/0x170 [ 907.826706] alloc_file+0x5e/0x5a0 [ 907.827523] alloc_file_pseudo+0x16a/0x250 [ 907.828494] ? alloc_file+0x5a0/0x5a0 [ 907.829379] anon_inode_getfile+0xc8/0x1f0 [ 907.830364] io_uring_setup+0x138b/0x2980 [ 907.831328] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 907.832506] ? wait_for_completion_io+0x270/0x270 [ 907.833632] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 907.834826] ? syscall_enter_from_user_mode+0x1d/0x50 [ 907.836007] do_syscall_64+0x33/0x40 [ 907.836868] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 907.838046] RIP: 0033:0x7fe43d50db19 [ 907.838903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 907.843013] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 907.844785] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 907.846432] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 907.848075] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 907.849731] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 907.851364] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 907.864389] FAULT_INJECTION: forcing a failure. [ 907.864389] name failslab, interval 1, probability 0, space 0, times 0 [ 907.866978] CPU: 1 PID: 6518 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 907.868460] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 907.870229] Call Trace: [ 907.870795] dump_stack+0x107/0x167 [ 907.871585] should_fail.cold+0x5/0xa [ 907.872414] ? create_object.isra.0+0x3a/0xa20 [ 907.873393] should_failslab+0x5/0x20 [ 907.874206] kmem_cache_alloc+0x5b/0x310 [ 907.875076] create_object.isra.0+0x3a/0xa20 [ 907.876010] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 907.877187] kmem_cache_alloc+0x159/0x310 [ 907.878083] __alloc_file+0x21/0x320 [ 907.878876] alloc_empty_file+0x6d/0x170 [ 907.879745] alloc_file+0x5e/0x5a0 [ 907.880518] alloc_file_pseudo+0x16a/0x250 [ 907.880638] FAULT_INJECTION: forcing a failure. [ 907.880638] name failslab, interval 1, probability 0, space 0, times 0 [ 907.881409] ? alloc_file+0x5a0/0x5a0 [ 907.881443] anon_inode_getfile+0xc8/0x1f0 [ 907.881467] io_uring_setup+0x138b/0x2980 [ 907.881498] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 907.888236] ? wait_for_completion_io+0x270/0x270 [ 907.889316] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 907.890460] ? syscall_enter_from_user_mode+0x1d/0x50 [ 907.891613] do_syscall_64+0x33/0x40 [ 907.892441] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 907.893561] RIP: 0033:0x7f6039043b19 [ 907.894378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 907.898446] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 907.900065] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 907.901785] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 907.903572] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 907.905425] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 907.907472] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 907.909539] CPU: 0 PID: 6517 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 907.911118] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 907.912986] Call Trace: [ 907.913583] dump_stack+0x107/0x167 [ 907.914401] should_fail.cold+0x5/0xa [ 907.915256] ? io_uring_alloc_task_context+0x99/0x6a0 [ 907.916425] should_failslab+0x5/0x20 [ 907.917279] kmem_cache_alloc_trace+0x55/0x320 [ 907.918309] io_uring_alloc_task_context+0x99/0x6a0 [ 907.919421] ? io_import_iovec+0x1120/0x1120 [ 907.920440] ? lock_downgrade+0x6d0/0x6d0 [ 907.921369] ? do_raw_spin_lock+0x121/0x260 [ 907.922324] ? rwlock_bug.part.0+0x90/0x90 [ 907.923276] __io_uring_add_tctx_node+0x2c6/0x520 [ 907.924368] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 907.925541] ? alloc_fd+0x2e7/0x670 [ 907.926362] io_uring_setup+0x1fbb/0x2980 [ 907.927300] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 907.928453] ? wait_for_completion_io+0x270/0x270 [ 907.929565] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 907.930758] ? syscall_enter_from_user_mode+0x1d/0x50 [ 907.931916] do_syscall_64+0x33/0x40 [ 907.932762] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 907.933913] RIP: 0033:0x7fa2b71a6b19 [ 907.934748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 907.938889] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 907.940608] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 907.942209] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 907.943812] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 907.945429] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 907.947028] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:26 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:32:26 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 25) 21:32:26 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 29) 21:32:26 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 27) [ 908.040927] FAULT_INJECTION: forcing a failure. [ 908.040927] name failslab, interval 1, probability 0, space 0, times 0 [ 908.042353] CPU: 1 PID: 6523 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 908.043155] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 908.044133] Call Trace: [ 908.044453] dump_stack+0x107/0x167 [ 908.044882] should_fail.cold+0x5/0xa [ 908.045326] ? security_file_alloc+0x34/0x170 [ 908.045851] should_failslab+0x5/0x20 [ 908.046300] kmem_cache_alloc+0x5b/0x310 [ 908.046772] security_file_alloc+0x34/0x170 [ 908.047276] __alloc_file+0xb7/0x320 [ 908.047708] alloc_empty_file+0x6d/0x170 [ 908.048186] alloc_file+0x5e/0x5a0 [ 908.048611] alloc_file_pseudo+0x16a/0x250 [ 908.049101] ? alloc_file+0x5a0/0x5a0 [ 908.049553] anon_inode_getfile+0xc8/0x1f0 [ 908.050048] io_uring_setup+0x138b/0x2980 [ 908.050536] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 908.051133] ? wait_for_completion_io+0x270/0x270 [ 908.051717] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 908.052337] ? syscall_enter_from_user_mode+0x1d/0x50 [ 908.052940] do_syscall_64+0x33/0x40 [ 908.053375] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 908.053975] RIP: 0033:0x7f6039043b19 [ 908.054409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 908.056585] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 908.057479] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 908.058317] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 908.059154] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 908.059986] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 908.060830] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 908.066342] FAULT_INJECTION: forcing a failure. [ 908.066342] name failslab, interval 1, probability 0, space 0, times 0 [ 908.067648] CPU: 1 PID: 6525 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 908.068454] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 908.069428] Call Trace: [ 908.069739] dump_stack+0x107/0x167 [ 908.070161] should_fail.cold+0x5/0xa [ 908.070609] ? create_object.isra.0+0x3a/0xa20 [ 908.071144] should_failslab+0x5/0x20 [ 908.071591] kmem_cache_alloc+0x5b/0x310 [ 908.072065] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 908.072718] create_object.isra.0+0x3a/0xa20 [ 908.073243] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 908.073838] kmem_cache_alloc+0x159/0x310 [ 908.074319] security_file_alloc+0x34/0x170 [ 908.074822] __alloc_file+0xb7/0x320 [ 908.075259] alloc_empty_file+0x6d/0x170 [ 908.075733] alloc_file+0x5e/0x5a0 [ 908.076146] alloc_file_pseudo+0x16a/0x250 [ 908.076645] ? alloc_file+0x5a0/0x5a0 [ 908.077098] anon_inode_getfile+0xc8/0x1f0 [ 908.077597] io_uring_setup+0x138b/0x2980 [ 908.078085] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 908.078684] ? wait_for_completion_io+0x270/0x270 [ 908.079256] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 908.079868] ? syscall_enter_from_user_mode+0x1d/0x50 [ 908.080484] do_syscall_64+0x33/0x40 [ 908.080917] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 908.081510] RIP: 0033:0x7fe43d50db19 [ 908.081953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 908.084102] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 908.084996] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 908.085824] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 908.086672] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 908.087509] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 908.088349] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:27 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:32:27 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 26) [ 908.116787] FAULT_INJECTION: forcing a failure. [ 908.116787] name failslab, interval 1, probability 0, space 0, times 0 [ 908.118120] CPU: 1 PID: 6529 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 908.118901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 908.119843] Call Trace: [ 908.120148] dump_stack+0x107/0x167 [ 908.120569] should_fail.cold+0x5/0xa [ 908.121001] ? create_object.isra.0+0x3a/0xa20 [ 908.121517] should_failslab+0x5/0x20 [ 908.121947] kmem_cache_alloc+0x5b/0x310 [ 908.122409] create_object.isra.0+0x3a/0xa20 [ 908.122903] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 908.123476] kmem_cache_alloc_trace+0x151/0x320 [ 908.124005] io_uring_alloc_task_context+0x99/0x6a0 [ 908.124573] ? io_import_iovec+0x1120/0x1120 [ 908.125071] ? lock_downgrade+0x6d0/0x6d0 [ 908.125537] ? do_raw_spin_lock+0x121/0x260 [ 908.126020] ? rwlock_bug.part.0+0x90/0x90 [ 908.126503] __io_uring_add_tctx_node+0x2c6/0x520 [ 908.127045] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 908.127633] ? alloc_fd+0x2e7/0x670 [ 908.128060] io_uring_setup+0x1fbb/0x2980 [ 908.128562] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 908.129135] ? wait_for_completion_io+0x270/0x270 [ 908.129706] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 908.130297] ? syscall_enter_from_user_mode+0x1d/0x50 [ 908.130878] do_syscall_64+0x33/0x40 [ 908.131298] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 908.131877] RIP: 0033:0x7fa304026b19 [ 908.132305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 908.134377] RSP: 002b:00007fa30157b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 908.135235] RAX: ffffffffffffffda RBX: 00007fa30413a020 RCX: 00007fa304026b19 [ 908.136042] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 908.136851] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 908.137661] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 908.138469] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:27 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 28) [ 908.172521] FAULT_INJECTION: forcing a failure. [ 908.172521] name failslab, interval 1, probability 0, space 0, times 0 [ 908.173836] CPU: 1 PID: 6532 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 908.174612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 908.175553] Call Trace: [ 908.175857] dump_stack+0x107/0x167 [ 908.176270] should_fail.cold+0x5/0xa [ 908.176720] ? security_file_alloc+0x34/0x170 [ 908.177231] should_failslab+0x5/0x20 [ 908.177671] kmem_cache_alloc+0x5b/0x310 [ 908.178133] security_file_alloc+0x34/0x170 [ 908.178627] __alloc_file+0xb7/0x320 [ 908.179047] alloc_empty_file+0x6d/0x170 [ 908.179508] alloc_file+0x5e/0x5a0 [ 908.179906] alloc_file_pseudo+0x16a/0x250 [ 908.180393] ? alloc_file+0x5a0/0x5a0 [ 908.180833] anon_inode_getfile+0xc8/0x1f0 [ 908.181318] io_uring_setup+0x138b/0x2980 [ 908.181788] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 908.182365] ? wait_for_completion_io+0x270/0x270 [ 908.182925] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 908.183518] ? syscall_enter_from_user_mode+0x1d/0x50 [ 908.184095] do_syscall_64+0x33/0x40 [ 908.184526] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 908.185106] RIP: 0033:0x7f6039043b19 [ 908.185532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 908.187616] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 908.188485] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 908.189297] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 908.190104] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 908.190919] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 908.191730] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 908.195954] FAULT_INJECTION: forcing a failure. [ 908.195954] name failslab, interval 1, probability 0, space 0, times 0 [ 908.197248] CPU: 1 PID: 6534 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 908.198014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 908.198963] Call Trace: [ 908.199263] dump_stack+0x107/0x167 [ 908.199678] should_fail.cold+0x5/0xa [ 908.200109] ? io_uring_alloc_task_context+0x99/0x6a0 [ 908.200701] should_failslab+0x5/0x20 [ 908.201130] kmem_cache_alloc_trace+0x55/0x320 [ 908.201650] io_uring_alloc_task_context+0x99/0x6a0 [ 908.202212] ? io_import_iovec+0x1120/0x1120 [ 908.202707] ? lock_downgrade+0x6d0/0x6d0 [ 908.203174] ? do_raw_spin_lock+0x121/0x260 [ 908.203660] ? rwlock_bug.part.0+0x90/0x90 [ 908.204141] __io_uring_add_tctx_node+0x2c6/0x520 [ 908.204689] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 908.205281] ? alloc_fd+0x2e7/0x670 [ 908.205700] io_uring_setup+0x1fbb/0x2980 [ 908.206172] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 908.206741] ? wait_for_completion_io+0x270/0x270 [ 908.207294] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 908.207883] ? syscall_enter_from_user_mode+0x1d/0x50 [ 908.208469] do_syscall_64+0x33/0x40 [ 908.208889] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 908.209463] RIP: 0033:0x7fe43d50db19 [ 908.209883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 908.211958] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 908.212841] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 908.213648] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 908.214451] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 908.215255] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 908.216057] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:27 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:32:27 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:32:27 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 27) 21:32:27 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 30) 21:32:27 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 28) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:32:27 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 29) [ 908.288889] FAULT_INJECTION: forcing a failure. [ 908.288889] name failslab, interval 1, probability 0, space 0, times 0 [ 908.290233] CPU: 1 PID: 6542 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 908.291002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 908.292025] Call Trace: [ 908.292430] dump_stack+0x107/0x167 [ 908.292882] should_fail.cold+0x5/0xa [ 908.293392] ? io_uring_alloc_task_context+0x99/0x6a0 [ 908.294003] should_failslab+0x5/0x20 [ 908.294443] kmem_cache_alloc_trace+0x55/0x320 [ 908.294966] io_uring_alloc_task_context+0x99/0x6a0 [ 908.295533] ? io_import_iovec+0x1120/0x1120 [ 908.296051] ? lock_downgrade+0x6d0/0x6d0 [ 908.296554] ? do_raw_spin_lock+0x121/0x260 [ 908.297048] ? rwlock_bug.part.0+0x90/0x90 [ 908.297551] __io_uring_add_tctx_node+0x2c6/0x520 [ 908.298125] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 908.298720] ? alloc_fd+0x2e7/0x670 [ 908.299152] io_uring_setup+0x1fbb/0x2980 [ 908.299624] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 908.300243] ? wait_for_completion_io+0x270/0x270 [ 908.300887] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 908.301565] ? syscall_enter_from_user_mode+0x1d/0x50 [ 908.302229] do_syscall_64+0x33/0x40 [ 908.302651] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 908.303234] RIP: 0033:0x7f6039043b19 [ 908.303656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 908.305542] FAULT_INJECTION: forcing a failure. [ 908.305542] name failslab, interval 1, probability 0, space 0, times 0 [ 908.305771] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 908.305785] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 908.305791] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 908.305798] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 908.305814] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 908.312535] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 908.313410] CPU: 0 PID: 6545 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 908.315003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 908.316941] Call Trace: [ 908.317548] dump_stack+0x107/0x167 [ 908.318072] FAULT_INJECTION: forcing a failure. [ 908.318072] name failslab, interval 1, probability 0, space 0, times 0 [ 908.318382] should_fail.cold+0x5/0xa [ 908.318406] ? io_uring_alloc_task_context+0x99/0x6a0 [ 908.318432] should_failslab+0x5/0x20 [ 908.322618] kmem_cache_alloc_trace+0x55/0x320 [ 908.323678] io_uring_alloc_task_context+0x99/0x6a0 [ 908.324831] ? io_import_iovec+0x1120/0x1120 [ 908.325859] ? lock_downgrade+0x6d0/0x6d0 [ 908.326816] ? do_raw_spin_lock+0x121/0x260 [ 908.327817] ? rwlock_bug.part.0+0x90/0x90 [ 908.328811] __io_uring_add_tctx_node+0x2c6/0x520 [ 908.329912] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 908.331126] ? alloc_fd+0x2e7/0x670 [ 908.331984] io_uring_setup+0x1fbb/0x2980 [ 908.332975] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 908.334136] ? wait_for_completion_io+0x270/0x270 [ 908.335190] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 908.336263] ? syscall_enter_from_user_mode+0x1d/0x50 [ 908.337328] do_syscall_64+0x33/0x40 [ 908.338100] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 908.339135] RIP: 0033:0x7fa2b71a6b19 [ 908.339884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 908.343737] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 908.345299] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 908.346749] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 908.348204] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 908.349673] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 908.351122] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 908.352601] CPU: 1 PID: 6547 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 908.353393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 908.354362] Call Trace: [ 908.354667] dump_stack+0x107/0x167 [ 908.355079] should_fail.cold+0x5/0xa [ 908.355519] ? create_object.isra.0+0x3a/0xa20 [ 908.356035] should_failslab+0x5/0x20 [ 908.356483] kmem_cache_alloc+0x5b/0x310 [ 908.356946] create_object.isra.0+0x3a/0xa20 [ 908.357448] kmemleak_alloc_percpu+0xa0/0x100 [ 908.357957] pcpu_alloc+0x4e2/0x1240 [ 908.358395] __percpu_counter_init+0x10d/0x2d0 [ 908.358928] io_uring_alloc_task_context+0xcc/0x6a0 [ 908.359499] ? io_import_iovec+0x1120/0x1120 [ 908.359999] ? lock_downgrade+0x6d0/0x6d0 [ 908.360475] ? do_raw_spin_lock+0x121/0x260 [ 908.360969] ? rwlock_bug.part.0+0x90/0x90 [ 908.361456] __io_uring_add_tctx_node+0x2c6/0x520 [ 908.362004] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 908.362600] ? alloc_fd+0x2e7/0x670 [ 908.363032] io_uring_setup+0x1fbb/0x2980 [ 908.363503] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 908.364074] ? wait_for_completion_io+0x270/0x270 [ 908.364640] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 908.365240] ? syscall_enter_from_user_mode+0x1d/0x50 [ 908.365830] do_syscall_64+0x33/0x40 [ 908.366248] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 908.366834] RIP: 0033:0x7fa304026b19 [ 908.367266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 908.369378] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 908.370247] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 908.371058] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 908.371867] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 908.372683] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 908.373495] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 908.377627] FAULT_INJECTION: forcing a failure. [ 908.377627] name failslab, interval 1, probability 0, space 0, times 0 [ 908.378999] CPU: 1 PID: 6548 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 908.379786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 908.380764] Call Trace: [ 908.381066] dump_stack+0x107/0x167 [ 908.381489] should_fail.cold+0x5/0xa [ 908.381927] ? create_object.isra.0+0x3a/0xa20 [ 908.382456] should_failslab+0x5/0x20 [ 908.382889] kmem_cache_alloc+0x5b/0x310 [ 908.383359] create_object.isra.0+0x3a/0xa20 [ 908.383870] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 908.384459] kmem_cache_alloc_trace+0x151/0x320 [ 908.385003] io_uring_alloc_task_context+0x99/0x6a0 [ 908.385574] ? io_import_iovec+0x1120/0x1120 [ 908.386076] ? lock_downgrade+0x6d0/0x6d0 [ 908.386551] ? do_raw_spin_lock+0x121/0x260 [ 908.387049] ? rwlock_bug.part.0+0x90/0x90 [ 908.387544] __io_uring_add_tctx_node+0x2c6/0x520 [ 908.388105] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 908.388710] ? alloc_fd+0x2e7/0x670 [ 908.389135] io_uring_setup+0x1fbb/0x2980 [ 908.389613] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 908.390201] ? wait_for_completion_io+0x270/0x270 [ 908.390765] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 908.391373] ? syscall_enter_from_user_mode+0x1d/0x50 [ 908.391959] do_syscall_64+0x33/0x40 [ 908.392403] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 908.392984] RIP: 0033:0x7fe43d50db19 [ 908.393419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 908.395550] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 908.396426] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 908.397241] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 908.398058] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 908.398887] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 908.399700] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:27 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 30) 21:32:27 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 28) 21:32:27 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 31) [ 908.469143] FAULT_INJECTION: forcing a failure. [ 908.469143] name failslab, interval 1, probability 0, space 0, times 0 [ 908.470577] CPU: 1 PID: 6551 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 908.471355] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 908.472307] Call Trace: [ 908.472618] dump_stack+0x107/0x167 [ 908.473036] should_fail.cold+0x5/0xa [ 908.473479] ? create_object.isra.0+0x3a/0xa20 [ 908.474006] should_failslab+0x5/0x20 [ 908.474445] kmem_cache_alloc+0x5b/0x310 [ 908.474912] create_object.isra.0+0x3a/0xa20 [ 908.475417] kmemleak_alloc_percpu+0xa0/0x100 [ 908.475927] pcpu_alloc+0x4e2/0x1240 [ 908.476366] __percpu_counter_init+0x10d/0x2d0 [ 908.476889] io_uring_alloc_task_context+0xcc/0x6a0 [ 908.477456] ? io_import_iovec+0x1120/0x1120 [ 908.477973] ? lock_downgrade+0x6d0/0x6d0 [ 908.478443] ? do_raw_spin_lock+0x121/0x260 [ 908.478932] ? rwlock_bug.part.0+0x90/0x90 [ 908.479414] __io_uring_add_tctx_node+0x2c6/0x520 [ 908.479966] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 908.480570] ? alloc_fd+0x2e7/0x670 [ 908.480993] io_uring_setup+0x1fbb/0x2980 [ 908.481470] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 908.482052] ? wait_for_completion_io+0x270/0x270 [ 908.482611] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 908.483207] ? syscall_enter_from_user_mode+0x1d/0x50 [ 908.483797] do_syscall_64+0x33/0x40 [ 908.484236] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 908.484829] RIP: 0033:0x7fe43d50db19 [ 908.485259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 908.487355] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 908.488223] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 908.489044] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 908.489858] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 908.490670] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 908.491481] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 908.513288] FAULT_INJECTION: forcing a failure. [ 908.513288] name failslab, interval 1, probability 0, space 0, times 0 [ 908.515664] CPU: 0 PID: 6554 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 908.517009] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 908.518634] Call Trace: [ 908.519149] dump_stack+0x107/0x167 [ 908.519857] should_fail.cold+0x5/0xa [ 908.520608] ? io_uring_alloc_task_context+0x99/0x6a0 [ 908.521621] should_failslab+0x5/0x20 [ 908.522366] kmem_cache_alloc_trace+0x55/0x320 [ 908.523260] io_uring_alloc_task_context+0x99/0x6a0 [ 908.524236] ? io_import_iovec+0x1120/0x1120 [ 908.525105] ? lock_downgrade+0x6d0/0x6d0 [ 908.525910] ? do_raw_spin_lock+0x121/0x260 [ 908.526759] ? rwlock_bug.part.0+0x90/0x90 [ 908.527590] __io_uring_add_tctx_node+0x2c6/0x520 [ 908.528542] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 908.529571] ? alloc_fd+0x2e7/0x670 [ 908.530297] io_uring_setup+0x1fbb/0x2980 [ 908.531107] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 908.532100] ? wait_for_completion_io+0x270/0x270 [ 908.533065] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 908.534091] ? syscall_enter_from_user_mode+0x1d/0x50 [ 908.535101] do_syscall_64+0x33/0x40 [ 908.535835] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 908.536843] RIP: 0033:0x7f6039043b19 [ 908.537572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 908.541148] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 908.542634] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 908.544023] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 908.545431] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 908.546811] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 908.548201] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 908.567875] FAULT_INJECTION: forcing a failure. [ 908.567875] name failslab, interval 1, probability 0, space 0, times 0 [ 908.570194] CPU: 0 PID: 6556 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 908.571543] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 908.573180] Call Trace: [ 908.573714] dump_stack+0x107/0x167 [ 908.574433] should_fail.cold+0x5/0xa [ 908.575185] ? create_object.isra.0+0x3a/0xa20 [ 908.576090] should_failslab+0x5/0x20 [ 908.576847] kmem_cache_alloc+0x5b/0x310 [ 908.577652] create_object.isra.0+0x3a/0xa20 [ 908.578527] kmemleak_alloc_percpu+0xa0/0x100 [ 908.579425] pcpu_alloc+0x4e2/0x1240 [ 908.580174] __percpu_counter_init+0x10d/0x2d0 [ 908.581093] io_uring_alloc_task_context+0xcc/0x6a0 [ 908.582070] ? io_import_iovec+0x1120/0x1120 [ 908.582940] ? lock_downgrade+0x6d0/0x6d0 [ 908.583750] ? do_raw_spin_lock+0x121/0x260 [ 908.584603] ? rwlock_bug.part.0+0x90/0x90 [ 908.585437] __io_uring_add_tctx_node+0x2c6/0x520 [ 908.586382] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 908.587419] ? alloc_fd+0x2e7/0x670 [ 908.588139] io_uring_setup+0x1fbb/0x2980 [ 908.588976] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 908.589982] ? wait_for_completion_io+0x270/0x270 [ 908.590948] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 908.591969] ? syscall_enter_from_user_mode+0x1d/0x50 [ 908.592995] do_syscall_64+0x33/0x40 [ 908.593727] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 908.594742] RIP: 0033:0x7fa304026b19 [ 908.595486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 908.599120] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 908.600627] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 908.602026] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 908.603270] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 908.604500] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 908.605710] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:40 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 32) 21:32:40 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:32:40 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 29) 21:32:40 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 31) 21:32:40 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:32:40 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 29) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:32:40 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:32:40 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 922.073784] FAULT_INJECTION: forcing a failure. [ 922.073784] name failslab, interval 1, probability 0, space 0, times 0 [ 922.076225] CPU: 1 PID: 6579 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 922.077670] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 922.079392] Call Trace: [ 922.079943] dump_stack+0x107/0x167 [ 922.080704] should_fail.cold+0x5/0xa [ 922.081508] ? create_object.isra.0+0x3a/0xa20 [ 922.082464] should_failslab+0x5/0x20 [ 922.083263] kmem_cache_alloc+0x5b/0x310 [ 922.084135] create_object.isra.0+0x3a/0xa20 [ 922.085067] kmemleak_alloc_percpu+0xa0/0x100 [ 922.086014] pcpu_alloc+0x4e2/0x1240 [ 922.086812] __percpu_counter_init+0x10d/0x2d0 [ 922.087765] io_uring_alloc_task_context+0xcc/0x6a0 [ 922.088816] ? io_import_iovec+0x1120/0x1120 [ 922.089744] ? lock_downgrade+0x6d0/0x6d0 [ 922.090611] ? do_raw_spin_lock+0x121/0x260 [ 922.091512] ? rwlock_bug.part.0+0x90/0x90 [ 922.092404] __io_uring_add_tctx_node+0x2c6/0x520 [ 922.093428] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 922.094526] ? alloc_fd+0x2e7/0x670 [ 922.095294] io_uring_setup+0x1fbb/0x2980 [ 922.096172] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 922.097233] ? wait_for_completion_io+0x270/0x270 [ 922.098255] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 922.099354] ? syscall_enter_from_user_mode+0x1d/0x50 [ 922.100434] do_syscall_64+0x33/0x40 [ 922.101213] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 922.102281] RIP: 0033:0x7f6039043b19 [ 922.103061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 922.106951] RSP: 002b:00007f6036598108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 922.108541] RAX: ffffffffffffffda RBX: 00007f6039157020 RCX: 00007f6039043b19 [ 922.110042] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 922.111529] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 922.113027] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 922.114593] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 922.127446] FAULT_INJECTION: forcing a failure. [ 922.127446] name failslab, interval 1, probability 0, space 0, times 0 [ 922.130088] CPU: 1 PID: 6578 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 922.131529] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 922.133368] Call Trace: [ 922.133921] dump_stack+0x107/0x167 [ 922.134698] should_fail.cold+0x5/0xa [ 922.135520] ? create_object.isra.0+0x3a/0xa20 [ 922.136645] should_failslab+0x5/0x20 [ 922.137467] kmem_cache_alloc+0x5b/0x310 [ 922.138415] create_object.isra.0+0x3a/0xa20 [ 922.139356] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 922.140572] kmem_cache_alloc_trace+0x151/0x320 [ 922.141614] io_uring_alloc_task_context+0x4a3/0x6a0 [ 922.142690] ? io_import_iovec+0x1120/0x1120 [ 922.143685] ? lock_downgrade+0x6d0/0x6d0 [ 922.144555] ? do_raw_spin_lock+0x121/0x260 [ 922.145470] ? rwlock_bug.part.0+0x90/0x90 [ 922.146472] __io_uring_add_tctx_node+0x2c6/0x520 [ 922.147562] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 922.148657] ? alloc_fd+0x2e7/0x670 [ 922.149436] io_uring_setup+0x1fbb/0x2980 [ 922.150317] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 922.151462] ? wait_for_completion_io+0x270/0x270 [ 922.152484] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 922.153568] ? syscall_enter_from_user_mode+0x1d/0x50 [ 922.154626] do_syscall_64+0x33/0x40 [ 922.155394] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 922.156451] RIP: 0033:0x7fa304026b19 [ 922.157232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 922.161154] RSP: 002b:00007fa30157b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 922.162751] RAX: ffffffffffffffda RBX: 00007fa30413a020 RCX: 00007fa304026b19 [ 922.164253] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 922.165757] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 922.167239] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 922.168714] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 922.179795] FAULT_INJECTION: forcing a failure. [ 922.179795] name failslab, interval 1, probability 0, space 0, times 0 [ 922.182587] CPU: 1 PID: 6582 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 922.184016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 922.185759] Call Trace: [ 922.186311] dump_stack+0x107/0x167 [ 922.187071] should_fail.cold+0x5/0xa [ 922.187870] ? create_object.isra.0+0x3a/0xa20 [ 922.188836] should_failslab+0x5/0x20 [ 922.189639] kmem_cache_alloc+0x5b/0x310 [ 922.190494] create_object.isra.0+0x3a/0xa20 [ 922.191421] kmemleak_alloc_percpu+0xa0/0x100 [ 922.192360] pcpu_alloc+0x4e2/0x1240 [ 922.193159] __percpu_counter_init+0x10d/0x2d0 [ 922.194110] io_uring_alloc_task_context+0xcc/0x6a0 [ 922.195149] ? io_import_iovec+0x1120/0x1120 [ 922.196066] ? lock_downgrade+0x6d0/0x6d0 [ 922.196939] ? do_raw_spin_lock+0x121/0x260 [ 922.197843] ? rwlock_bug.part.0+0x90/0x90 [ 922.198730] __io_uring_add_tctx_node+0x2c6/0x520 [ 922.199734] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 922.200837] ? alloc_fd+0x2e7/0x670 [ 922.201604] io_uring_setup+0x1fbb/0x2980 [ 922.202476] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 922.203526] ? wait_for_completion_io+0x270/0x270 [ 922.204551] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 922.205660] ? syscall_enter_from_user_mode+0x1d/0x50 [ 922.206736] do_syscall_64+0x33/0x40 [ 922.207511] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 922.208578] RIP: 0033:0x7fa2b71a6b19 [ 922.209373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 922.213220] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 922.214802] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 922.216297] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 922.217801] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 922.219296] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 922.220794] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 922.233902] FAULT_INJECTION: forcing a failure. [ 922.233902] name failslab, interval 1, probability 0, space 0, times 0 [ 922.236361] CPU: 0 PID: 6586 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 922.237796] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 922.239536] Call Trace: [ 922.240095] dump_stack+0x107/0x167 [ 922.240866] should_fail.cold+0x5/0xa [ 922.241668] ? io_uring_alloc_task_context+0x4a3/0x6a0 [ 922.242772] should_failslab+0x5/0x20 [ 922.243582] kmem_cache_alloc_trace+0x55/0x320 [ 922.244538] io_uring_alloc_task_context+0x4a3/0x6a0 [ 922.245603] ? io_import_iovec+0x1120/0x1120 [ 922.246527] ? lock_downgrade+0x6d0/0x6d0 [ 922.247389] ? do_raw_spin_lock+0x121/0x260 [ 922.248285] ? rwlock_bug.part.0+0x90/0x90 [ 922.249185] __io_uring_add_tctx_node+0x2c6/0x520 [ 922.250192] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 922.251286] ? alloc_fd+0x2e7/0x670 [ 922.252054] io_uring_setup+0x1fbb/0x2980 [ 922.252932] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 922.253992] ? wait_for_completion_io+0x270/0x270 [ 922.255017] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 922.256116] ? syscall_enter_from_user_mode+0x1d/0x50 [ 922.257209] do_syscall_64+0x33/0x40 [ 922.257994] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 922.259064] RIP: 0033:0x7fe43d50db19 [ 922.259843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 922.263678] RSP: 002b:00007fe43aa62108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 922.265274] RAX: ffffffffffffffda RBX: 00007fe43d621020 RCX: 00007fe43d50db19 [ 922.266759] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 922.268249] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 922.269742] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 922.271229] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:41 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 30) 21:32:41 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:32:41 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 30) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 922.407812] FAULT_INJECTION: forcing a failure. [ 922.407812] name failslab, interval 1, probability 0, space 0, times 0 [ 922.410222] CPU: 0 PID: 6590 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 922.411655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 922.413397] Call Trace: [ 922.413951] dump_stack+0x107/0x167 [ 922.414710] should_fail.cold+0x5/0xa [ 922.415508] ? create_object.isra.0+0x3a/0xa20 [ 922.416463] should_failslab+0x5/0x20 [ 922.417269] kmem_cache_alloc+0x5b/0x310 [ 922.418121] create_object.isra.0+0x3a/0xa20 [ 922.419046] kmemleak_alloc_percpu+0xa0/0x100 [ 922.419982] pcpu_alloc+0x4e2/0x1240 [ 922.420778] __percpu_counter_init+0x10d/0x2d0 [ 922.421746] io_uring_alloc_task_context+0xcc/0x6a0 [ 922.422790] ? io_import_iovec+0x1120/0x1120 [ 922.423707] ? lock_downgrade+0x6d0/0x6d0 [ 922.424568] ? do_raw_spin_lock+0x121/0x260 [ 922.425473] ? rwlock_bug.part.0+0x90/0x90 [ 922.426366] __io_uring_add_tctx_node+0x2c6/0x520 [ 922.427370] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 922.428465] ? alloc_fd+0x2e7/0x670 [ 922.429252] io_uring_setup+0x1fbb/0x2980 [ 922.430123] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 922.431185] ? wait_for_completion_io+0x270/0x270 [ 922.432211] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 922.433314] ? syscall_enter_from_user_mode+0x1d/0x50 [ 922.434392] do_syscall_64+0x33/0x40 [ 922.435165] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 922.436232] RIP: 0033:0x7f6039043b19 [ 922.437016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 922.440870] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 922.442453] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 922.443946] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 922.445439] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 922.446932] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 922.448423] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 922.467875] FAULT_INJECTION: forcing a failure. [ 922.467875] name failslab, interval 1, probability 0, space 0, times 0 [ 922.470538] CPU: 1 PID: 6593 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 922.471947] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 922.473663] Call Trace: [ 922.474221] dump_stack+0x107/0x167 [ 922.474972] should_fail.cold+0x5/0xa [ 922.475767] ? create_object.isra.0+0x3a/0xa20 [ 922.476709] should_failslab+0x5/0x20 [ 922.477523] kmem_cache_alloc+0x5b/0x310 [ 922.478367] create_object.isra.0+0x3a/0xa20 [ 922.479286] kmemleak_alloc_percpu+0xa0/0x100 [ 922.480210] pcpu_alloc+0x4e2/0x1240 [ 922.481010] __percpu_counter_init+0x10d/0x2d0 [ 922.481966] io_uring_alloc_task_context+0xcc/0x6a0 [ 922.482998] ? io_import_iovec+0x1120/0x1120 [ 922.483911] ? lock_downgrade+0x6d0/0x6d0 [ 922.484767] ? do_raw_spin_lock+0x121/0x260 [ 922.485665] ? rwlock_bug.part.0+0x90/0x90 [ 922.486546] __io_uring_add_tctx_node+0x2c6/0x520 [ 922.487544] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 922.488621] ? alloc_fd+0x2e7/0x670 [ 922.489402] io_uring_setup+0x1fbb/0x2980 [ 922.490263] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 922.491307] ? wait_for_completion_io+0x270/0x270 [ 922.492326] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 922.493414] ? syscall_enter_from_user_mode+0x1d/0x50 [ 922.494488] do_syscall_64+0x33/0x40 [ 922.495255] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 922.496310] RIP: 0033:0x7fa2b71a6b19 [ 922.497085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 922.500885] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 922.502462] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 922.503961] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 922.505447] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 922.506913] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 922.508383] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:32:58 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 33) 21:32:58 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 32) 21:32:58 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:32:58 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x8, 0x1, 0x81, 0x9}, {0xbce3, 0x84, 0x9, 0x400}, {0x4, 0x81, 0x1, 0x3dd9}]}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:32:58 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 31) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:32:58 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 31) 21:32:58 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:32:58 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 939.973484] FAULT_INJECTION: forcing a failure. [ 939.973484] name failslab, interval 1, probability 0, space 0, times 0 [ 939.976151] CPU: 0 PID: 6621 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 939.977760] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 939.978942] FAULT_INJECTION: forcing a failure. [ 939.978942] name failslab, interval 1, probability 0, space 0, times 0 [ 939.979653] Call Trace: [ 939.979680] dump_stack+0x107/0x167 [ 939.979705] should_fail.cold+0x5/0xa [ 939.983893] ? io_uring_alloc_task_context+0x4a3/0x6a0 [ 939.985046] should_failslab+0x5/0x20 [ 939.985922] kmem_cache_alloc_trace+0x55/0x320 [ 939.986952] io_uring_alloc_task_context+0x4a3/0x6a0 [ 939.988107] ? io_import_iovec+0x1120/0x1120 [ 939.989107] ? lock_downgrade+0x6d0/0x6d0 [ 939.990068] ? do_raw_spin_lock+0x121/0x260 [ 939.991046] ? rwlock_bug.part.0+0x90/0x90 [ 939.992009] __io_uring_add_tctx_node+0x2c6/0x520 [ 939.993103] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 939.994302] ? alloc_fd+0x2e7/0x670 [ 939.995133] io_uring_setup+0x1fbb/0x2980 [ 939.996085] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 939.997240] ? wait_for_completion_io+0x270/0x270 [ 939.998373] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 939.999563] ? syscall_enter_from_user_mode+0x1d/0x50 [ 940.000728] do_syscall_64+0x33/0x40 [ 940.001595] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 940.002758] RIP: 0033:0x7f6039043b19 [ 940.003603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 940.007805] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 940.009558] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 940.011166] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 940.012780] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 940.014435] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 940.016061] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 940.017726] CPU: 1 PID: 6610 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 940.018779] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 940.020022] Call Trace: [ 940.020442] dump_stack+0x107/0x167 [ 940.020983] should_fail.cold+0x5/0xa [ 940.021610] ? io_uring_alloc_task_context+0x4a3/0x6a0 [ 940.022397] should_failslab+0x5/0x20 [ 940.022955] kmem_cache_alloc_trace+0x55/0x320 [ 940.023754] io_uring_alloc_task_context+0x4a3/0x6a0 [ 940.024560] ? io_import_iovec+0x1120/0x1120 [ 940.025216] ? lock_downgrade+0x6d0/0x6d0 [ 940.025839] ? do_raw_spin_lock+0x121/0x260 [ 940.026468] ? rwlock_bug.part.0+0x90/0x90 [ 940.027106] __io_uring_add_tctx_node+0x2c6/0x520 [ 940.027807] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 940.028583] ? alloc_fd+0x2e7/0x670 [ 940.029124] io_uring_setup+0x1fbb/0x2980 [ 940.029765] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 940.030508] ? wait_for_completion_io+0x270/0x270 [ 940.031230] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 940.031985] ? syscall_enter_from_user_mode+0x1d/0x50 [ 940.032755] do_syscall_64+0x33/0x40 [ 940.033304] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 940.034067] RIP: 0033:0x7fa2b71a6b19 [ 940.034602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 940.037330] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 940.038470] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 940.039519] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 940.040562] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 940.041623] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 940.042677] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 940.045154] FAULT_INJECTION: forcing a failure. [ 940.045154] name failslab, interval 1, probability 0, space 0, times 0 [ 940.047960] CPU: 0 PID: 6623 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 940.049538] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 940.051413] Call Trace: [ 940.052010] dump_stack+0x107/0x167 [ 940.052840] should_fail.cold+0x5/0xa [ 940.053820] ? io_wq_create+0xeb/0xc00 [ 940.054717] should_failslab+0x5/0x20 [ 940.054741] __kmalloc+0x72/0x390 [ 940.056101] io_wq_create+0xeb/0xc00 [ 940.056962] io_uring_alloc_task_context+0x1f1/0x6a0 [ 940.058158] ? io_import_iovec+0x1120/0x1120 [ 940.059145] ? io_apoll_task_func+0x2d0/0x2d0 [ 940.060157] ? __io_req_find_next+0x300/0x300 [ 940.061171] ? do_raw_spin_lock+0x121/0x260 [ 940.062185] ? rwlock_bug.part.0+0x90/0x90 [ 940.063129] __io_uring_add_tctx_node+0x2c6/0x520 [ 940.064203] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 940.065380] ? alloc_fd+0x2e7/0x670 [ 940.066233] io_uring_setup+0x1fbb/0x2980 [ 940.067172] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 940.068310] ? wait_for_completion_io+0x270/0x270 [ 940.069420] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 940.070630] ? syscall_enter_from_user_mode+0x1d/0x50 [ 940.071787] do_syscall_64+0x33/0x40 [ 940.072621] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 940.073808] RIP: 0033:0x7fa304026b19 [ 940.074642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 940.078740] RSP: 002b:00007fa30157b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 940.080230] RAX: ffffffffffffffda RBX: 00007fa30413a020 RCX: 00007fa304026b19 [ 940.081654] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 940.083041] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 940.084432] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 940.085851] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 940.166842] FAULT_INJECTION: forcing a failure. [ 940.166842] name failslab, interval 1, probability 0, space 0, times 0 [ 940.169567] CPU: 1 PID: 6624 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 940.171176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 940.173127] Call Trace: [ 940.173767] dump_stack+0x107/0x167 [ 940.174632] should_fail.cold+0x5/0xa [ 940.175540] ? create_object.isra.0+0x3a/0xa20 [ 940.176629] should_failslab+0x5/0x20 [ 940.177548] kmem_cache_alloc+0x5b/0x310 [ 940.178519] create_object.isra.0+0x3a/0xa20 [ 940.179565] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 940.180782] kmem_cache_alloc_trace+0x151/0x320 [ 940.181915] io_uring_alloc_task_context+0x4a3/0x6a0 [ 940.183132] ? io_import_iovec+0x1120/0x1120 [ 940.184183] ? lock_downgrade+0x6d0/0x6d0 [ 940.185175] ? do_raw_spin_lock+0x121/0x260 [ 940.186215] ? rwlock_bug.part.0+0x90/0x90 [ 940.187235] __io_uring_add_tctx_node+0x2c6/0x520 [ 940.188404] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 940.189675] ? alloc_fd+0x2e7/0x670 [ 940.190568] io_uring_setup+0x1fbb/0x2980 [ 940.191577] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 940.192803] ? wait_for_completion_io+0x270/0x270 [ 940.194001] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 940.195277] ? syscall_enter_from_user_mode+0x1d/0x50 [ 940.196538] do_syscall_64+0x33/0x40 [ 940.197452] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 940.198704] RIP: 0033:0x7fe43d50db19 [ 940.199613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 940.204155] RSP: 002b:00007fe43aa62108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 940.206036] RAX: ffffffffffffffda RBX: 00007fe43d621020 RCX: 00007fe43d50db19 [ 940.207764] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 940.209303] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 940.210849] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 940.212388] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 956.391011] FAULT_INJECTION: forcing a failure. [ 956.391011] name failslab, interval 1, probability 0, space 0, times 0 [ 956.393774] CPU: 0 PID: 6641 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 956.395406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 956.397322] Call Trace: [ 956.397533] FAULT_INJECTION: forcing a failure. [ 956.397533] name failslab, interval 1, probability 0, space 0, times 0 [ 956.397930] dump_stack+0x107/0x167 [ 956.397956] should_fail.cold+0x5/0xa [ 956.402065] ? create_object.isra.0+0x3a/0xa20 [ 956.403119] should_failslab+0x5/0x20 [ 956.403995] kmem_cache_alloc+0x5b/0x310 [ 956.404933] create_object.isra.0+0x3a/0xa20 [ 956.405941] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 956.407116] kmem_cache_alloc_trace+0x151/0x320 [ 956.408187] io_uring_alloc_task_context+0x4a3/0x6a0 [ 956.409348] ? io_import_iovec+0x1120/0x1120 [ 956.410368] ? lock_downgrade+0x6d0/0x6d0 [ 956.411315] ? do_raw_spin_lock+0x121/0x260 [ 956.412300] ? rwlock_bug.part.0+0x90/0x90 [ 956.413277] __io_uring_add_tctx_node+0x2c6/0x520 [ 956.414391] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 956.415589] ? alloc_fd+0x2e7/0x670 [ 956.416436] io_uring_setup+0x1fbb/0x2980 [ 956.417397] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 956.418570] ? wait_for_completion_io+0x270/0x270 [ 956.419700] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 956.420898] ? syscall_enter_from_user_mode+0x1d/0x50 [ 956.422088] do_syscall_64+0x33/0x40 [ 956.422940] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 956.424110] RIP: 0033:0x7fa2b71a6b19 [ 956.424960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 956.429182] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 956.430931] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 956.432564] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 956.434204] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 956.435837] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 956.437469] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 956.439151] CPU: 1 PID: 6644 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 956.439879] FAULT_INJECTION: forcing a failure. [ 956.439879] name failslab, interval 1, probability 0, space 0, times 0 [ 956.440622] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 956.440630] Call Trace: [ 956.440655] dump_stack+0x107/0x167 [ 956.440676] should_fail.cold+0x5/0xa [ 956.440699] ? io_wq_create+0xeb/0xc00 [ 956.440730] should_failslab+0x5/0x20 [ 956.448591] __kmalloc+0x72/0x390 [ 956.449342] io_wq_create+0xeb/0xc00 [ 956.450160] io_uring_alloc_task_context+0x1f1/0x6a0 [ 956.451248] ? io_import_iovec+0x1120/0x1120 [ 956.452195] ? io_apoll_task_func+0x2d0/0x2d0 [ 956.453158] ? __io_req_find_next+0x300/0x300 [ 956.454127] ? do_raw_spin_lock+0x121/0x260 [ 956.455053] ? rwlock_bug.part.0+0x90/0x90 [ 956.455967] __io_uring_add_tctx_node+0x2c6/0x520 [ 956.457008] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 956.458151] ? alloc_fd+0x2e7/0x670 [ 956.458943] io_uring_setup+0x1fbb/0x2980 [ 956.459846] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 956.460939] ? wait_for_completion_io+0x270/0x270 [ 956.462010] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 956.463139] ? syscall_enter_from_user_mode+0x1d/0x50 [ 956.464256] do_syscall_64+0x33/0x40 [ 956.465054] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 956.466161] RIP: 0033:0x7fe43d50db19 [ 956.466960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 956.470941] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 956.472587] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 956.474134] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 956.475674] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 956.477207] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 956.478752] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 956.480316] CPU: 0 PID: 6643 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 956.481904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 956.483826] Call Trace: [ 956.484434] dump_stack+0x107/0x167 [ 956.485275] should_fail.cold+0x5/0xa [ 956.486167] ? create_object.isra.0+0x3a/0xa20 [ 956.487226] should_failslab+0x5/0x20 [ 956.487247] kmem_cache_alloc+0x5b/0x310 [ 956.487274] create_object.isra.0+0x3a/0xa20 [ 956.490022] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 956.491203] kmem_cache_alloc_trace+0x151/0x320 [ 956.491501] FAULT_INJECTION: forcing a failure. [ 956.491501] name failslab, interval 1, probability 0, space 0, times 0 [ 956.492279] io_uring_alloc_task_context+0x4a3/0x6a0 [ 956.492301] ? io_import_iovec+0x1120/0x1120 [ 956.492328] ? lock_downgrade+0x6d0/0x6d0 [ 956.497760] ? do_raw_spin_lock+0x121/0x260 [ 956.498759] ? rwlock_bug.part.0+0x90/0x90 [ 956.499736] __io_uring_add_tctx_node+0x2c6/0x520 [ 956.500843] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 956.502058] ? alloc_fd+0x2e7/0x670 [ 956.502910] io_uring_setup+0x1fbb/0x2980 [ 956.503873] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 956.505043] ? wait_for_completion_io+0x270/0x270 [ 956.506193] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 956.507395] ? syscall_enter_from_user_mode+0x1d/0x50 [ 956.508582] do_syscall_64+0x33/0x40 [ 956.509438] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 956.510617] RIP: 0033:0x7f6039043b19 [ 956.511471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 956.515699] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 956.517444] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 956.519086] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 956.520717] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 956.522359] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 956.523997] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 956.525666] CPU: 1 PID: 6646 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 956.527163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 956.528946] Call Trace: [ 956.529516] dump_stack+0x107/0x167 [ 956.530317] should_fail.cold+0x5/0xa [ 956.531145] ? create_object.isra.0+0x3a/0xa20 [ 956.532137] should_failslab+0x5/0x20 [ 956.532960] kmem_cache_alloc+0x5b/0x310 [ 956.533840] create_object.isra.0+0x3a/0xa20 [ 956.534790] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 956.535887] __kmalloc+0x16e/0x390 [ 956.536657] io_wq_create+0xeb/0xc00 [ 956.537465] io_uring_alloc_task_context+0x1f1/0x6a0 [ 956.538562] ? io_import_iovec+0x1120/0x1120 [ 956.539507] ? io_apoll_task_func+0x2d0/0x2d0 [ 956.540488] ? __io_req_find_next+0x300/0x300 [ 956.541445] ? do_raw_spin_lock+0x121/0x260 [ 956.542373] ? rwlock_bug.part.0+0x90/0x90 [ 956.543291] __io_uring_add_tctx_node+0x2c6/0x520 [ 956.544326] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 956.545449] ? alloc_fd+0x2e7/0x670 [ 956.546254] io_uring_setup+0x1fbb/0x2980 [ 956.547153] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 956.548247] ? wait_for_completion_io+0x270/0x270 [ 956.549306] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 956.550446] ? syscall_enter_from_user_mode+0x1d/0x50 [ 956.551560] do_syscall_64+0x33/0x40 [ 956.552363] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 956.553462] RIP: 0033:0x7fa304026b19 [ 956.554269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 956.558221] RSP: 002b:00007fa30157b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 956.559867] RAX: ffffffffffffffda RBX: 00007fa30413a020 RCX: 00007fa304026b19 [ 956.561411] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 956.562958] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 956.564492] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 956.566037] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:15 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 32) 21:33:15 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 33) 21:33:15 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:33:15 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:33:15 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 32) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:33:15 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:33:15 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:33:15 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 34) 21:33:15 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 33) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:33:15 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 33) [ 956.650516] FAULT_INJECTION: forcing a failure. [ 956.650516] name failslab, interval 1, probability 0, space 0, times 0 [ 956.653003] CPU: 0 PID: 6650 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 956.654402] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 956.656083] Call Trace: [ 956.656628] dump_stack+0x107/0x167 [ 956.657374] should_fail.cold+0x5/0xa [ 956.658162] ? io_wq_create+0xeb/0xc00 [ 956.658955] should_failslab+0x5/0x20 [ 956.659733] __kmalloc+0x72/0x390 [ 956.660441] io_wq_create+0xeb/0xc00 [ 956.661202] io_uring_alloc_task_context+0x1f1/0x6a0 [ 956.662242] ? io_import_iovec+0x1120/0x1120 [ 956.663136] ? io_apoll_task_func+0x2d0/0x2d0 [ 956.664045] ? __io_req_find_next+0x300/0x300 [ 956.664955] ? do_raw_spin_lock+0x121/0x260 [ 956.664979] ? rwlock_bug.part.0+0x90/0x90 [ 956.666771] __io_uring_add_tctx_node+0x2c6/0x520 [ 956.667753] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 956.668821] ? alloc_fd+0x2e7/0x670 [ 956.669567] io_uring_setup+0x1fbb/0x2980 [ 956.670419] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 956.671450] ? wait_for_completion_io+0x270/0x270 [ 956.672449] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 956.673514] ? syscall_enter_from_user_mode+0x1d/0x50 [ 956.674572] do_syscall_64+0x33/0x40 [ 956.675326] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 956.676366] RIP: 0033:0x7fa2b71a6b19 [ 956.677117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 956.680873] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 956.682429] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 956.683875] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 956.685323] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 956.686777] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 956.688232] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 956.706526] FAULT_INJECTION: forcing a failure. [ 956.706526] name failslab, interval 1, probability 0, space 0, times 0 [ 956.708806] CPU: 0 PID: 6652 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 956.710190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 956.711863] Call Trace: 21:33:15 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 34) [ 956.712397] dump_stack+0x107/0x167 [ 956.713252] should_fail.cold+0x5/0xa [ 956.714026] ? io_wq_create+0xeb/0xc00 [ 956.714785] should_failslab+0x5/0x20 [ 956.715523] __kmalloc+0x72/0x390 [ 956.716200] io_wq_create+0xeb/0xc00 [ 956.716927] io_uring_alloc_task_context+0x1f1/0x6a0 [ 956.717912] ? io_import_iovec+0x1120/0x1120 [ 956.718770] ? io_apoll_task_func+0x2d0/0x2d0 [ 956.719633] ? __io_req_find_next+0x300/0x300 [ 956.720497] ? do_raw_spin_lock+0x121/0x260 [ 956.721328] ? rwlock_bug.part.0+0x90/0x90 [ 956.722155] __io_uring_add_tctx_node+0x2c6/0x520 [ 956.723083] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 956.724091] ? alloc_fd+0x2e7/0x670 [ 956.724801] io_uring_setup+0x1fbb/0x2980 [ 956.725607] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 956.726601] ? wait_for_completion_io+0x270/0x270 [ 956.727550] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 956.728560] ? syscall_enter_from_user_mode+0x1d/0x50 [ 956.729554] do_syscall_64+0x33/0x40 [ 956.730282] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 956.731269] RIP: 0033:0x7f6039043b19 [ 956.731987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 956.735539] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 956.737006] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 956.738388] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 956.739759] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 956.741132] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 956.742517] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:15 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 35) [ 956.770948] FAULT_INJECTION: forcing a failure. [ 956.770948] name failslab, interval 1, probability 0, space 0, times 0 [ 956.773511] CPU: 1 PID: 6656 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 956.774972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 956.776732] Call Trace: [ 956.777297] dump_stack+0x107/0x167 [ 956.778080] should_fail.cold+0x5/0xa [ 956.778139] FAULT_INJECTION: forcing a failure. [ 956.778139] name failslab, interval 1, probability 0, space 0, times 0 [ 956.778898] ? io_wq_create+0x6ef/0xc00 [ 956.781860] should_failslab+0x5/0x20 [ 956.782678] kmem_cache_alloc_node_trace+0x59/0x340 [ 956.783745] io_wq_create+0x6ef/0xc00 [ 956.784558] io_uring_alloc_task_context+0x1f1/0x6a0 [ 956.785636] ? io_import_iovec+0x1120/0x1120 [ 956.786576] ? io_apoll_task_func+0x2d0/0x2d0 [ 956.787516] ? __io_req_find_next+0x300/0x300 [ 956.788456] ? do_raw_spin_lock+0x121/0x260 [ 956.789356] ? rwlock_bug.part.0+0x90/0x90 [ 956.790258] __io_uring_add_tctx_node+0x2c6/0x520 [ 956.791268] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 956.792365] ? alloc_fd+0x2e7/0x670 [ 956.793135] io_uring_setup+0x1fbb/0x2980 [ 956.794019] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 956.795085] ? wait_for_completion_io+0x270/0x270 [ 956.796119] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 956.797221] ? syscall_enter_from_user_mode+0x1d/0x50 [ 956.798313] do_syscall_64+0x33/0x40 [ 956.799097] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 956.800176] RIP: 0033:0x7fa304026b19 [ 956.800958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 956.804836] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 956.806446] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 956.807951] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 956.809456] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 956.810970] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 956.812475] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 956.814023] CPU: 0 PID: 6658 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 956.815428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 956.817099] Call Trace: [ 956.817637] dump_stack+0x107/0x167 [ 956.818381] should_fail.cold+0x5/0xa [ 956.819154] ? create_object.isra.0+0x3a/0xa20 [ 956.820079] should_failslab+0x5/0x20 [ 956.820845] kmem_cache_alloc+0x5b/0x310 [ 956.821669] create_object.isra.0+0x3a/0xa20 [ 956.822568] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 956.823602] __kmalloc+0x16e/0x390 [ 956.824335] io_wq_create+0xeb/0xc00 [ 956.825098] io_uring_alloc_task_context+0x1f1/0x6a0 [ 956.826135] ? io_import_iovec+0x1120/0x1120 [ 956.827025] ? io_apoll_task_func+0x2d0/0x2d0 [ 956.827933] ? __io_req_find_next+0x300/0x300 [ 956.828843] ? do_raw_spin_lock+0x121/0x260 [ 956.829716] ? rwlock_bug.part.0+0x90/0x90 [ 956.830582] __io_uring_add_tctx_node+0x2c6/0x520 [ 956.831557] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 956.832619] ? alloc_fd+0x2e7/0x670 [ 956.833366] io_uring_setup+0x1fbb/0x2980 [ 956.834220] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 956.835252] ? wait_for_completion_io+0x270/0x270 [ 956.836248] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 956.837312] ? syscall_enter_from_user_mode+0x1d/0x50 [ 956.838362] do_syscall_64+0x33/0x40 [ 956.839115] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 956.840153] RIP: 0033:0x7fe43d50db19 [ 956.840905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 956.844636] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 956.846182] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 956.847625] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e 21:33:15 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 34) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 956.849068] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 956.850528] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 956.851749] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:15 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 34) 21:33:15 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 35) [ 956.914602] FAULT_INJECTION: forcing a failure. [ 956.914602] name failslab, interval 1, probability 0, space 0, times 0 [ 956.916666] CPU: 0 PID: 6662 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 956.917840] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 956.919276] Call Trace: [ 956.919736] dump_stack+0x107/0x167 [ 956.920362] should_fail.cold+0x5/0xa [ 956.921019] ? create_object.isra.0+0x3a/0xa20 [ 956.921809] should_failslab+0x5/0x20 [ 956.922476] kmem_cache_alloc+0x5b/0x310 [ 956.923184] create_object.isra.0+0x3a/0xa20 [ 956.923943] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 956.924827] __kmalloc+0x16e/0x390 [ 956.925453] io_wq_create+0xeb/0xc00 [ 956.926104] io_uring_alloc_task_context+0x1f1/0x6a0 [ 956.926988] ? io_import_iovec+0x1120/0x1120 [ 956.927753] ? io_apoll_task_func+0x2d0/0x2d0 [ 956.928463] FAULT_INJECTION: forcing a failure. [ 956.928463] name failslab, interval 1, probability 0, space 0, times 0 [ 956.928536] ? __io_req_find_next+0x300/0x300 [ 956.928558] ? do_raw_spin_lock+0x121/0x260 [ 956.932282] ? rwlock_bug.part.0+0x90/0x90 [ 956.933019] __io_uring_add_tctx_node+0x2c6/0x520 [ 956.933854] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 956.934774] ? alloc_fd+0x2e7/0x670 [ 956.935416] io_uring_setup+0x1fbb/0x2980 [ 956.936135] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 956.937014] ? wait_for_completion_io+0x270/0x270 [ 956.937869] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 956.938790] ? syscall_enter_from_user_mode+0x1d/0x50 [ 956.939680] do_syscall_64+0x33/0x40 [ 956.940309] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 956.941192] RIP: 0033:0x7f6039043b19 [ 956.941835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 956.945021] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 956.946344] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 956.947574] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 956.948808] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 956.950042] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 956.951277] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 956.952540] CPU: 1 PID: 6663 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 956.953921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 956.955570] Call Trace: [ 956.956101] dump_stack+0x107/0x167 [ 956.956822] should_fail.cold+0x5/0xa [ 956.957577] ? create_object.isra.0+0x3a/0xa20 [ 956.958490] should_failslab+0x5/0x20 [ 956.959244] kmem_cache_alloc+0x5b/0x310 [ 956.960052] create_object.isra.0+0x3a/0xa20 [ 956.960921] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 956.961932] __kmalloc+0x16e/0x390 [ 956.962651] io_wq_create+0xeb/0xc00 [ 956.963399] io_uring_alloc_task_context+0x1f1/0x6a0 [ 956.964234] FAULT_INJECTION: forcing a failure. [ 956.964234] name failslab, interval 1, probability 0, space 0, times 0 [ 956.964407] ? io_import_iovec+0x1120/0x1120 [ 956.967180] ? io_apoll_task_func+0x2d0/0x2d0 [ 956.968060] ? __io_req_find_next+0x300/0x300 [ 956.968945] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 956.969971] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 956.971040] __io_uring_add_tctx_node+0x2c6/0x520 [ 956.971984] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 956.972977] ? io_uring_setup+0x1fb3/0x2980 [ 956.973791] io_uring_setup+0x1fbb/0x2980 [ 956.974594] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 956.975591] ? wait_for_completion_io+0x270/0x270 [ 956.976558] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 956.977583] ? syscall_enter_from_user_mode+0x1d/0x50 [ 956.978600] do_syscall_64+0x33/0x40 [ 956.979331] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 956.980337] RIP: 0033:0x7fa2b71a6b19 [ 956.981066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 956.984681] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 956.986184] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 956.987586] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 956.988987] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 956.990380] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 956.991766] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 956.993180] CPU: 0 PID: 6665 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 956.994337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 956.995705] Call Trace: [ 956.996158] dump_stack+0x107/0x167 [ 956.996769] should_fail.cold+0x5/0xa [ 956.997411] ? io_wq_create+0x6ef/0xc00 [ 956.998081] should_failslab+0x5/0x20 [ 956.998714] kmem_cache_alloc_node_trace+0x59/0x340 [ 956.999548] io_wq_create+0x6ef/0xc00 [ 957.000186] io_uring_alloc_task_context+0x1f1/0x6a0 [ 957.001026] ? io_import_iovec+0x1120/0x1120 [ 957.001756] ? io_apoll_task_func+0x2d0/0x2d0 [ 957.002502] ? __io_req_find_next+0x300/0x300 [ 957.003247] ? do_raw_spin_lock+0x121/0x260 [ 957.003958] ? rwlock_bug.part.0+0x90/0x90 [ 957.004663] __io_uring_add_tctx_node+0x2c6/0x520 [ 957.005480] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 957.006354] ? alloc_fd+0x2e7/0x670 [ 957.006963] io_uring_setup+0x1fbb/0x2980 [ 957.007655] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 957.008503] ? wait_for_completion_io+0x270/0x270 [ 957.009320] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 957.010193] ? syscall_enter_from_user_mode+0x1d/0x50 [ 957.011044] do_syscall_64+0x33/0x40 [ 957.011661] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 957.012508] RIP: 0033:0x7fe43d50db19 [ 957.013126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 957.016182] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 957.017442] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 957.018635] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 957.019817] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 957.020999] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 957.022187] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:16 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:33:16 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 36) 21:33:16 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 36) [ 957.117700] FAULT_INJECTION: forcing a failure. [ 957.117700] name failslab, interval 1, probability 0, space 0, times 0 [ 957.119448] CPU: 0 PID: 6670 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 957.120435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 957.121618] Call Trace: [ 957.122000] dump_stack+0x107/0x167 [ 957.122529] should_fail.cold+0x5/0xa [ 957.123078] ? create_object.isra.0+0x3a/0xa20 [ 957.123740] should_failslab+0x5/0x20 [ 957.124289] kmem_cache_alloc+0x5b/0x310 [ 957.124871] ? io_wq_create+0x114/0xc00 [ 957.125440] create_object.isra.0+0x3a/0xa20 [ 957.126079] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 957.126809] kmem_cache_alloc_node_trace+0x16d/0x340 [ 957.127543] io_wq_create+0x6ef/0xc00 [ 957.128095] io_uring_alloc_task_context+0x1f1/0x6a0 [ 957.128820] ? io_import_iovec+0x1120/0x1120 [ 957.129452] ? io_apoll_task_func+0x2d0/0x2d0 [ 957.130101] ? __io_req_find_next+0x300/0x300 [ 957.130740] ? do_raw_spin_lock+0x121/0x260 [ 957.131353] ? rwlock_bug.part.0+0x90/0x90 [ 957.131959] __io_uring_add_tctx_node+0x2c6/0x520 [ 957.132647] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 957.133393] ? alloc_fd+0x2e7/0x670 [ 957.133912] io_uring_setup+0x1fbb/0x2980 [ 957.134515] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 957.135245] ? wait_for_completion_io+0x270/0x270 [ 957.135777] FAULT_INJECTION: forcing a failure. [ 957.135777] name failslab, interval 1, probability 0, space 0, times 0 [ 957.135932] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 957.138663] ? syscall_enter_from_user_mode+0x1d/0x50 [ 957.139406] do_syscall_64+0x33/0x40 [ 957.139935] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 957.140660] RIP: 0033:0x7fe43d50db19 [ 957.141192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 957.143841] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 957.144918] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 957.145935] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 957.146950] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 957.147947] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 957.148947] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 957.149970] CPU: 1 PID: 6672 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 957.151209] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 957.152677] Call Trace: [ 957.153148] dump_stack+0x107/0x167 [ 957.153792] should_fail.cold+0x5/0xa [ 957.154478] ? create_object.isra.0+0x3a/0xa20 [ 957.155288] should_failslab+0x5/0x20 [ 957.155965] kmem_cache_alloc+0x5b/0x310 [ 957.156684] ? io_wq_create+0x114/0xc00 [ 957.157390] create_object.isra.0+0x3a/0xa20 [ 957.158174] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 957.159079] kmem_cache_alloc_node_trace+0x16d/0x340 [ 957.159987] io_wq_create+0x6ef/0xc00 [ 957.160662] io_uring_alloc_task_context+0x1f1/0x6a0 [ 957.161548] ? io_import_iovec+0x1120/0x1120 [ 957.162328] ? io_apoll_task_func+0x2d0/0x2d0 [ 957.163111] ? __io_req_find_next+0x300/0x300 [ 957.163898] ? do_raw_spin_lock+0x121/0x260 [ 957.164653] ? rwlock_bug.part.0+0x90/0x90 [ 957.165400] __io_uring_add_tctx_node+0x2c6/0x520 [ 957.166249] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 957.167168] ? alloc_fd+0x2e7/0x670 [ 957.167813] io_uring_setup+0x1fbb/0x2980 [ 957.168545] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 957.169439] ? wait_for_completion_io+0x270/0x270 [ 957.170307] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 957.171225] ? syscall_enter_from_user_mode+0x1d/0x50 [ 957.172129] do_syscall_64+0x33/0x40 [ 957.172781] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 957.173677] RIP: 0033:0x7fa304026b19 [ 957.174334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 957.177549] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 957.178882] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 957.180126] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 957.181375] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 957.182624] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 957.183866] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:30 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 35) 21:33:30 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 37) 21:33:30 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:33:30 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:33:30 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 35) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:33:30 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 37) 21:33:30 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:33:30 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 972.003075] FAULT_INJECTION: forcing a failure. [ 972.003075] name failslab, interval 1, probability 0, space 0, times 0 [ 972.004995] CPU: 1 PID: 6689 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 972.006072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 972.007387] Call Trace: [ 972.007807] dump_stack+0x107/0x167 [ 972.008385] should_fail.cold+0x5/0xa [ 972.008985] ? __io_uring_add_tctx_node+0x15c/0x520 [ 972.009775] should_failslab+0x5/0x20 [ 972.010379] kmem_cache_alloc_trace+0x55/0x320 [ 972.011124] __io_uring_add_tctx_node+0x15c/0x520 [ 972.011886] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 972.012708] ? alloc_fd+0x2e7/0x670 [ 972.013288] io_uring_setup+0x1fbb/0x2980 [ 972.013948] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 972.014766] ? wait_for_completion_io+0x270/0x270 [ 972.015552] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 972.016369] ? syscall_enter_from_user_mode+0x1d/0x50 [ 972.017187] do_syscall_64+0x33/0x40 [ 972.017772] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 972.018590] RIP: 0033:0x7fe43d50db19 [ 972.019182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 972.022037] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 972.023297] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 972.024412] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 972.025526] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 972.026648] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 972.027767] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 972.032679] FAULT_INJECTION: forcing a failure. [ 972.032679] name failslab, interval 1, probability 0, space 0, times 0 [ 972.035400] CPU: 0 PID: 6694 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 972.036928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 972.038785] Call Trace: [ 972.039387] dump_stack+0x107/0x167 [ 972.040217] should_fail.cold+0x5/0xa [ 972.041076] ? __io_uring_add_tctx_node+0x15c/0x520 [ 972.042198] should_failslab+0x5/0x20 [ 972.043057] kmem_cache_alloc_trace+0x55/0x320 [ 972.044084] __io_uring_add_tctx_node+0x15c/0x520 [ 972.044873] FAULT_INJECTION: forcing a failure. [ 972.044873] name failslab, interval 1, probability 0, space 0, times 0 [ 972.045152] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 972.045172] ? alloc_fd+0x2e7/0x670 [ 972.045205] io_uring_setup+0x1fbb/0x2980 [ 972.049808] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 972.050988] ? wait_for_completion_io+0x270/0x270 [ 972.052124] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 972.053325] ? syscall_enter_from_user_mode+0x1d/0x50 [ 972.054517] do_syscall_64+0x33/0x40 [ 972.055383] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 972.056565] RIP: 0033:0x7fa304026b19 [ 972.057418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 972.061651] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 972.063413] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 972.065062] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 972.066717] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 972.068362] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 972.070005] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 972.071684] CPU: 1 PID: 6696 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 972.073026] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 972.074640] Call Trace: [ 972.075150] dump_stack+0x107/0x167 [ 972.075852] should_fail.cold+0x5/0xa [ 972.076589] ? io_wq_create+0x6ef/0xc00 [ 972.077358] should_failslab+0x5/0x20 [ 972.078098] kmem_cache_alloc_node_trace+0x59/0x340 [ 972.079087] io_wq_create+0x6ef/0xc00 [ 972.079844] io_uring_alloc_task_context+0x1f1/0x6a0 [ 972.079865] FAULT_INJECTION: forcing a failure. [ 972.079865] name failslab, interval 1, probability 0, space 0, times 0 [ 972.082816] ? io_import_iovec+0x1120/0x1120 [ 972.083672] ? io_apoll_task_func+0x2d0/0x2d0 [ 972.084523] ? __io_req_find_next+0x300/0x300 [ 972.085383] ? do_raw_spin_lock+0x121/0x260 [ 972.086206] ? rwlock_bug.part.0+0x90/0x90 [ 972.087044] __io_uring_add_tctx_node+0x2c6/0x520 [ 972.087958] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 972.088789] ? alloc_fd+0x2e7/0x670 [ 972.089491] io_uring_setup+0x1fbb/0x2980 [ 972.090286] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 972.091272] ? wait_for_completion_io+0x270/0x270 [ 972.092204] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 972.093203] ? syscall_enter_from_user_mode+0x1d/0x50 [ 972.093957] do_syscall_64+0x33/0x40 [ 972.094672] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 972.095666] RIP: 0033:0x7f6039043b19 [ 972.096372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 972.099882] RSP: 002b:00007f6036598108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 972.101362] RAX: ffffffffffffffda RBX: 00007f6039157020 RCX: 00007f6039043b19 [ 972.102738] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 972.103832] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 972.104868] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 972.105908] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 972.106986] CPU: 0 PID: 6693 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 972.108578] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 972.110743] Call Trace: [ 972.111403] dump_stack+0x107/0x167 [ 972.112229] should_fail.cold+0x5/0xa [ 972.113097] ? io_wq_create+0x6ef/0xc00 [ 972.114005] should_failslab+0x5/0x20 [ 972.114883] kmem_cache_alloc_node_trace+0x59/0x340 [ 972.116027] io_wq_create+0x6ef/0xc00 [ 972.116903] io_uring_alloc_task_context+0x1f1/0x6a0 [ 972.118058] ? io_import_iovec+0x1120/0x1120 [ 972.119069] ? io_apoll_task_func+0x2d0/0x2d0 [ 972.120097] ? __io_req_find_next+0x300/0x300 [ 972.121115] ? do_raw_spin_lock+0x121/0x260 [ 972.122096] ? rwlock_bug.part.0+0x90/0x90 [ 972.123069] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 972.124322] __io_uring_add_tctx_node+0x2c6/0x520 [ 972.125424] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 972.126643] ? alloc_fd+0x2e7/0x670 [ 972.127484] io_uring_setup+0x1fbb/0x2980 [ 972.128444] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 972.129595] ? wait_for_completion_io+0x270/0x270 [ 972.130735] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 972.131925] ? syscall_enter_from_user_mode+0x1d/0x50 [ 972.133107] do_syscall_64+0x33/0x40 [ 972.133959] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 972.135144] RIP: 0033:0x7fa2b71a6b19 [ 972.136001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 972.140232] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 972.141967] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 972.143601] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 972.145231] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 972.146870] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 972.148503] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:31 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 38) [ 972.177666] FAULT_INJECTION: forcing a failure. [ 972.177666] name failslab, interval 1, probability 0, space 0, times 0 [ 972.179442] CPU: 1 PID: 6701 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 972.180480] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 972.181713] Call Trace: [ 972.182116] dump_stack+0x107/0x167 [ 972.182667] should_fail.cold+0x5/0xa [ 972.183250] ? create_object.isra.0+0x3a/0xa20 [ 972.183927] should_failslab+0x5/0x20 [ 972.184490] kmem_cache_alloc+0x5b/0x310 [ 972.185098] create_object.isra.0+0x3a/0xa20 [ 972.185738] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 972.186486] kmem_cache_alloc_trace+0x151/0x320 [ 972.187345] ? __io_uring_add_tctx_node+0x6e/0x520 [ 972.188151] __io_uring_add_tctx_node+0x15c/0x520 [ 972.189033] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 972.189819] ? alloc_fd+0x2e7/0x670 [ 972.190505] io_uring_setup+0x1fbb/0x2980 [ 972.191128] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 972.192069] ? wait_for_completion_io+0x270/0x270 [ 972.192796] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 972.193763] ? syscall_enter_from_user_mode+0x1d/0x50 [ 972.194534] do_syscall_64+0x33/0x40 [ 972.195239] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 972.195990] RIP: 0033:0x7fe43d50db19 [ 972.196674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 972.199459] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 972.200863] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 972.202172] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 972.203495] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 972.204807] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 972.206107] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:31 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 36) 21:33:31 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 39) [ 972.295511] FAULT_INJECTION: forcing a failure. [ 972.295511] name failslab, interval 1, probability 0, space 0, times 0 [ 972.297333] CPU: 1 PID: 6704 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 972.298529] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 972.300009] Call Trace: [ 972.300483] dump_stack+0x107/0x167 [ 972.301118] should_fail.cold+0x5/0xa [ 972.301799] ? create_object.isra.0+0x3a/0xa20 [ 972.302617] should_failslab+0x5/0x20 [ 972.303279] kmem_cache_alloc+0x5b/0x310 [ 972.304001] ? io_wq_create+0x114/0xc00 [ 972.304704] create_object.isra.0+0x3a/0xa20 [ 972.305469] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 972.306359] kmem_cache_alloc_node_trace+0x16d/0x340 [ 972.307259] io_wq_create+0x6ef/0xc00 [ 972.307925] io_uring_alloc_task_context+0x1f1/0x6a0 [ 972.308803] ? io_import_iovec+0x1120/0x1120 [ 972.309567] ? io_apoll_task_func+0x2d0/0x2d0 [ 972.310350] ? __io_req_find_next+0x300/0x300 [ 972.311145] ? do_raw_spin_lock+0x121/0x260 [ 972.311897] ? rwlock_bug.part.0+0x90/0x90 [ 972.312627] __io_uring_add_tctx_node+0x2c6/0x520 [ 972.313475] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 972.314368] ? alloc_fd+0x2e7/0x670 [ 972.315013] io_uring_setup+0x1fbb/0x2980 [ 972.315746] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 972.316627] ? wait_for_completion_io+0x270/0x270 [ 972.317481] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 972.318393] ? syscall_enter_from_user_mode+0x1d/0x50 [ 972.319291] do_syscall_64+0x33/0x40 [ 972.319932] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 972.320818] RIP: 0033:0x7f6039043b19 [ 972.321467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 972.324629] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 972.325953] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 972.327196] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 972.328431] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 972.329664] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 972.330920] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:31 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 38) [ 972.339961] FAULT_INJECTION: forcing a failure. [ 972.339961] name failslab, interval 1, probability 0, space 0, times 0 [ 972.342074] CPU: 1 PID: 6706 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 972.343244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 972.344663] Call Trace: [ 972.345123] dump_stack+0x107/0x167 [ 972.345747] should_fail.cold+0x5/0xa [ 972.346401] ? xas_alloc+0x336/0x440 [ 972.347056] should_failslab+0x5/0x20 [ 972.347708] kmem_cache_alloc+0x5b/0x310 [ 972.348405] ? stack_trace_consume_entry+0x160/0x160 [ 972.349278] xas_alloc+0x336/0x440 [ 972.349898] xas_create+0x34a/0x10d0 [ 972.350555] ? kernel_text_address+0xf2/0x120 [ 972.351325] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 972.352229] xas_store+0x8c/0x1c40 [ 972.352839] __xa_store+0x164/0x2d0 [ 972.353457] ? xa_delete_node+0x280/0x280 [ 972.354169] ? trace_hardirqs_on+0x5b/0x180 [ 972.354913] xa_store+0x31/0x50 [ 972.355473] __io_uring_add_tctx_node+0x1cf/0x520 [ 972.356300] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 972.357185] ? alloc_fd+0x2e7/0x670 [ 972.357814] io_uring_setup+0x1fbb/0x2980 [ 972.358522] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 972.359394] ? wait_for_completion_io+0x270/0x270 [ 972.360217] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 972.361096] ? syscall_enter_from_user_mode+0x1d/0x50 [ 972.361975] do_syscall_64+0x33/0x40 [ 972.362623] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 972.363492] RIP: 0033:0x7fe43d50db19 [ 972.364128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 21:33:31 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 36) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 972.367260] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 972.368731] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 972.369927] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 972.371623] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 972.372828] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 972.374017] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 972.399685] FAULT_INJECTION: forcing a failure. [ 972.399685] name failslab, interval 1, probability 0, space 0, times 0 [ 972.401331] CPU: 1 PID: 6708 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 972.402446] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 972.403830] Call Trace: [ 972.404278] dump_stack+0x107/0x167 [ 972.404886] should_fail.cold+0x5/0xa [ 972.405521] ? create_object.isra.0+0x3a/0xa20 [ 972.406285] should_failslab+0x5/0x20 [ 972.406923] kmem_cache_alloc+0x5b/0x310 [ 972.407609] create_object.isra.0+0x3a/0xa20 [ 972.408334] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 972.409174] kmem_cache_alloc_trace+0x151/0x320 [ 972.409954] __io_uring_add_tctx_node+0x15c/0x520 [ 972.410760] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 972.411634] ? alloc_fd+0x2e7/0x670 [ 972.412249] io_uring_setup+0x1fbb/0x2980 [ 972.412935] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 972.413774] ? wait_for_completion_io+0x270/0x270 [ 972.414595] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 972.415451] ? syscall_enter_from_user_mode+0x1d/0x50 [ 972.416302] do_syscall_64+0x33/0x40 [ 972.416911] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 972.417751] RIP: 0033:0x7fa304026b19 [ 972.418364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 972.421377] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 972.422635] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 972.423785] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 972.424944] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 972.426100] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 972.427288] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:31 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 40) [ 972.500966] FAULT_INJECTION: forcing a failure. [ 972.500966] name failslab, interval 1, probability 0, space 0, times 0 [ 972.504133] CPU: 0 PID: 6711 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 972.505733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 972.507672] Call Trace: [ 972.508303] dump_stack+0x107/0x167 [ 972.509164] should_fail.cold+0x5/0xa [ 972.510053] ? create_object.isra.0+0x3a/0xa20 [ 972.511143] should_failslab+0x5/0x20 [ 972.511171] kmem_cache_alloc+0x5b/0x310 [ 972.512745] ? io_wq_create+0x114/0xc00 [ 972.513679] create_object.isra.0+0x3a/0xa20 [ 972.514727] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 972.515914] kmem_cache_alloc_node_trace+0x16d/0x340 [ 972.517125] io_wq_create+0x6ef/0xc00 [ 972.518018] io_uring_alloc_task_context+0x1f1/0x6a0 [ 972.519235] ? io_import_iovec+0x1120/0x1120 [ 972.520265] ? io_apoll_task_func+0x2d0/0x2d0 [ 972.521307] ? __io_req_find_next+0x300/0x300 [ 972.522351] ? do_raw_spin_lock+0x121/0x260 [ 972.523386] ? rwlock_bug.part.0+0x90/0x90 [ 972.524379] __io_uring_add_tctx_node+0x2c6/0x520 [ 972.525501] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 972.526733] ? alloc_fd+0x2e7/0x670 [ 972.527598] io_uring_setup+0x1fbb/0x2980 [ 972.528584] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 972.529763] ? wait_for_completion_io+0x270/0x270 [ 972.530922] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 972.532155] ? syscall_enter_from_user_mode+0x1d/0x50 [ 972.533367] do_syscall_64+0x33/0x40 [ 972.534239] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 972.535443] RIP: 0033:0x7fa2b71a6b19 [ 972.536313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 972.540592] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 972.542373] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 972.544050] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 972.545701] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 972.547384] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 972.548237] FAULT_INJECTION: forcing a failure. [ 972.548237] name failslab, interval 1, probability 0, space 0, times 0 [ 972.549043] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 972.552086] CPU: 1 PID: 6713 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 972.553125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 972.554380] Call Trace: [ 972.554801] dump_stack+0x107/0x167 [ 972.555358] should_fail.cold+0x5/0xa [ 972.555941] ? ___slab_alloc+0x155/0x700 [ 972.556560] ? create_object.isra.0+0x3a/0xa20 [ 972.557258] should_failslab+0x5/0x20 [ 972.557836] kmem_cache_alloc+0x5b/0x310 [ 972.558465] create_object.isra.0+0x3a/0xa20 [ 972.559141] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 972.559914] kmem_cache_alloc+0x159/0x310 [ 972.560541] xas_alloc+0x336/0x440 [ 972.561082] xas_create+0x34a/0x10d0 [ 972.561661] ? kernel_text_address+0xf2/0x120 [ 972.562342] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 972.563149] xas_store+0x8c/0x1c40 [ 972.563701] __xa_store+0x164/0x2d0 [ 972.564247] ? xa_delete_node+0x280/0x280 [ 972.564879] ? trace_hardirqs_on+0x5b/0x180 [ 972.565533] xa_store+0x31/0x50 [ 972.566040] __io_uring_add_tctx_node+0x1cf/0x520 [ 972.566788] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 972.567582] ? alloc_fd+0x2e7/0x670 [ 972.568134] io_uring_setup+0x1fbb/0x2980 [ 972.568765] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 972.569526] ? wait_for_completion_io+0x270/0x270 [ 972.570261] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 972.571067] ? syscall_enter_from_user_mode+0x1d/0x50 [ 972.571844] do_syscall_64+0x33/0x40 [ 972.572402] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 972.573166] RIP: 0033:0x7fe43d50db19 [ 972.573727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 972.576488] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 972.577622] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 972.578697] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 972.579766] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 972.580829] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 972.581872] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:46 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 39) 21:33:46 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:33:46 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) [ 987.542499] FAULT_INJECTION: forcing a failure. [ 987.542499] name failslab, interval 1, probability 0, space 0, times 0 [ 987.543942] CPU: 1 PID: 6733 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 987.544720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 987.544839] FAULT_INJECTION: forcing a failure. [ 987.544839] name failslab, interval 1, probability 0, space 0, times 0 [ 987.545657] Call Trace: [ 987.545675] dump_stack+0x107/0x167 [ 987.545692] should_fail.cold+0x5/0xa [ 987.548742] ? __io_uring_add_tctx_node+0x15c/0x520 [ 987.549316] should_failslab+0x5/0x20 [ 987.549751] kmem_cache_alloc_trace+0x55/0x320 [ 987.550275] __io_uring_add_tctx_node+0x15c/0x520 [ 987.550821] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 987.551426] ? alloc_fd+0x2e7/0x670 [ 987.551849] io_uring_setup+0x1fbb/0x2980 [ 987.552325] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 987.552901] ? wait_for_completion_io+0x270/0x270 [ 987.553464] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 987.554059] ? syscall_enter_from_user_mode+0x1d/0x50 [ 987.554642] do_syscall_64+0x33/0x40 [ 987.555066] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 987.555652] RIP: 0033:0x7fa2b71a6b19 [ 987.556116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.558203] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 987.559061] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 987.559880] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 987.560692] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 987.561495] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 987.562312] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 987.563162] CPU: 0 PID: 6729 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 987.564348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 987.565772] Call Trace: [ 987.566234] dump_stack+0x107/0x167 [ 987.566860] should_fail.cold+0x5/0xa [ 987.567528] ? __io_uring_add_tctx_node+0x15c/0x520 [ 987.568401] should_failslab+0x5/0x20 [ 987.569070] kmem_cache_alloc_trace+0x55/0x320 [ 987.569867] __io_uring_add_tctx_node+0x15c/0x520 [ 987.570693] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 987.571619] ? alloc_fd+0x2e7/0x670 [ 987.572256] io_uring_setup+0x1fbb/0x2980 [ 987.573000] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 987.573890] ? wait_for_completion_io+0x270/0x270 [ 987.574755] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 987.575687] ? syscall_enter_from_user_mode+0x1d/0x50 [ 987.576599] do_syscall_64+0x33/0x40 [ 987.577272] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 987.577371] FAULT_INJECTION: forcing a failure. [ 987.577371] name failslab, interval 1, probability 0, space 0, times 0 [ 987.578180] RIP: 0033:0x7f6039043b19 [ 987.578197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.578212] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 987.584687] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 987.585924] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 987.587168] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 987.588410] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 987.589660] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 987.590919] CPU: 1 PID: 6738 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 987.591721] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 987.592677] Call Trace: [ 987.592984] dump_stack+0x107/0x167 [ 987.593402] should_fail.cold+0x5/0xa [ 987.593838] ? xas_alloc+0x336/0x440 [ 987.594270] should_failslab+0x5/0x20 [ 987.594711] kmem_cache_alloc+0x5b/0x310 [ 987.595203] ? stack_trace_consume_entry+0x160/0x160 [ 987.595797] xas_alloc+0x336/0x440 [ 987.596205] xas_create+0x34a/0x10d0 [ 987.596636] ? kernel_text_address+0xf2/0x120 [ 987.597150] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 987.597754] xas_store+0x8c/0x1c40 [ 987.598171] __xa_store+0x164/0x2d0 [ 987.598592] ? xa_delete_node+0x280/0x280 [ 987.599060] ? trace_hardirqs_on+0x5b/0x180 [ 987.599576] xa_store+0x31/0x50 [ 987.599957] __io_uring_add_tctx_node+0x1cf/0x520 [ 987.600506] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 987.601097] ? alloc_fd+0x2e7/0x670 [ 987.601512] io_uring_setup+0x1fbb/0x2980 [ 987.601982] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 987.602575] ? wait_for_completion_io+0x270/0x270 [ 987.603141] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 987.603745] ? syscall_enter_from_user_mode+0x1d/0x50 [ 987.604326] do_syscall_64+0x33/0x40 [ 987.604752] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 987.605333] RIP: 0033:0x7fa304026b19 [ 987.605756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.607839] RSP: 002b:00007fa30157b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 987.607852] RAX: ffffffffffffffda RBX: 00007fa30413a020 RCX: 00007fa304026b19 [ 987.607858] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 987.607865] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 987.607881] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 987.612422] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:46 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 37) 21:33:46 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:33:46 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:33:46 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 37) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:33:46 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 41) [ 987.616096] FAULT_INJECTION: forcing a failure. [ 987.616096] name failslab, interval 1, probability 0, space 0, times 0 [ 987.618126] CPU: 0 PID: 6737 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 987.619337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 987.620809] Call Trace: [ 987.621275] dump_stack+0x107/0x167 [ 987.621923] should_fail.cold+0x5/0xa [ 987.622592] ? create_object.isra.0+0x3a/0xa20 [ 987.623433] should_failslab+0x5/0x20 [ 987.624111] kmem_cache_alloc+0x5b/0x310 [ 987.624849] create_object.isra.0+0x3a/0xa20 [ 987.625635] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 987.626561] kmem_cache_alloc+0x159/0x310 [ 987.627317] xas_alloc+0x336/0x440 [ 987.627963] xas_create+0x34a/0x10d0 [ 987.628641] ? queued_spin_lock_slowpath+0xcc/0x8c0 [ 987.629542] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 987.630496] xas_store+0x8c/0x1c40 [ 987.631147] __xa_store+0x164/0x2d0 [ 987.631795] ? xa_delete_node+0x280/0x280 [ 987.632542] ? trace_hardirqs_on+0x5b/0x180 [ 987.633320] xa_store+0x31/0x50 [ 987.633910] __io_uring_add_tctx_node+0x1cf/0x520 [ 987.634778] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 987.635722] ? alloc_fd+0x2e7/0x670 [ 987.636388] io_uring_setup+0x1fbb/0x2980 [ 987.637145] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 987.638058] ? wait_for_completion_io+0x270/0x270 [ 987.638959] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 987.639907] ? syscall_enter_from_user_mode+0x1d/0x50 [ 987.640831] do_syscall_64+0x33/0x40 [ 987.641505] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 987.642421] RIP: 0033:0x7fe43d50db19 [ 987.643095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.646399] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 987.647769] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 987.649040] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 987.650324] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 987.651624] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 987.652900] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 987.693057] FAULT_INJECTION: forcing a failure. [ 987.693057] name failslab, interval 1, probability 0, space 0, times 0 [ 987.695184] CPU: 0 PID: 6743 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 987.696422] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 987.697926] Call Trace: [ 987.698404] dump_stack+0x107/0x167 [ 987.699061] should_fail.cold+0x5/0xa 21:33:46 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 38) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:33:46 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 40) [ 987.699766] ? create_object.isra.0+0x3a/0xa20 [ 987.700734] should_failslab+0x5/0x20 [ 987.701427] kmem_cache_alloc+0x5b/0x310 [ 987.702179] create_object.isra.0+0x3a/0xa20 [ 987.702982] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 987.703925] kmem_cache_alloc_trace+0x151/0x320 [ 987.704783] __io_uring_add_tctx_node+0x15c/0x520 [ 987.705664] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 987.706616] ? alloc_fd+0x2e7/0x670 [ 987.707293] io_uring_setup+0x1fbb/0x2980 [ 987.708057] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 987.708761] FAULT_INJECTION: forcing a failure. [ 987.708761] name failslab, interval 1, probability 0, space 0, times 0 [ 987.708985] ? wait_for_completion_io+0x270/0x270 [ 987.709023] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 987.712100] ? syscall_enter_from_user_mode+0x1d/0x50 [ 987.713042] do_syscall_64+0x33/0x40 [ 987.713720] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 987.714658] RIP: 0033:0x7fa2b71a6b19 [ 987.715346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.718694] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 987.720094] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 987.721393] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 987.722692] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 987.724003] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 987.725302] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 987.726628] CPU: 1 PID: 6745 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 987.727453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 987.728388] Call Trace: [ 987.728691] dump_stack+0x107/0x167 [ 987.729103] should_fail.cold+0x5/0xa [ 987.729541] ? create_object.isra.0+0x3a/0xa20 [ 987.730115] should_failslab+0x5/0x20 [ 987.730543] kmem_cache_alloc+0x5b/0x310 [ 987.731000] create_object.isra.0+0x3a/0xa20 [ 987.731503] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 987.732069] kmem_cache_alloc+0x159/0x310 [ 987.732547] xas_alloc+0x336/0x440 [ 987.732951] xas_create+0x34a/0x10d0 [ 987.733375] ? kernel_text_address+0xf2/0x120 [ 987.733889] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 987.734508] xas_store+0x8c/0x1c40 [ 987.734918] __xa_store+0x164/0x2d0 [ 987.735350] ? xa_delete_node+0x280/0x280 [ 987.735819] ? trace_hardirqs_on+0x5b/0x180 [ 987.736314] xa_store+0x31/0x50 [ 987.736685] __io_uring_add_tctx_node+0x1cf/0x520 [ 987.737234] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 987.737826] ? alloc_fd+0x2e7/0x670 [ 987.738241] io_uring_setup+0x1fbb/0x2980 [ 987.738715] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 987.739307] ? wait_for_completion_io+0x270/0x270 [ 987.739863] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 987.740458] ? syscall_enter_from_user_mode+0x1d/0x50 [ 987.741036] do_syscall_64+0x33/0x40 [ 987.741459] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 987.742034] RIP: 0033:0x7fa304026b19 [ 987.742458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.744539] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 987.745405] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 987.746203] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 987.747005] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 987.747844] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 987.748649] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:46 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 38) [ 987.781521] FAULT_INJECTION: forcing a failure. [ 987.781521] name failslab, interval 1, probability 0, space 0, times 0 [ 987.782909] CPU: 1 PID: 6751 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 987.783700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 987.784635] Call Trace: [ 987.784936] dump_stack+0x107/0x167 [ 987.785348] should_fail.cold+0x5/0xa [ 987.785780] ? create_object.isra.0+0x3a/0xa20 [ 987.786305] should_failslab+0x5/0x20 [ 987.786741] kmem_cache_alloc+0x5b/0x310 [ 987.787213] create_object.isra.0+0x3a/0xa20 [ 987.787716] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 987.788295] kmem_cache_alloc_trace+0x151/0x320 [ 987.788836] __io_uring_add_tctx_node+0x15c/0x520 [ 987.789390] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 987.789983] ? alloc_fd+0x2e7/0x670 [ 987.790405] io_uring_setup+0x1fbb/0x2980 [ 987.790880] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 987.791473] ? wait_for_completion_io+0x270/0x270 [ 987.792034] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 987.792637] ? syscall_enter_from_user_mode+0x1d/0x50 [ 987.793223] do_syscall_64+0x33/0x40 [ 987.793648] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 987.794234] RIP: 0033:0x7f6039043b19 [ 987.794663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.796774] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 987.797633] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 987.798440] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 987.799253] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 987.800060] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 987.800871] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:46 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:33:46 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 39) 21:33:46 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 41) [ 987.914048] FAULT_INJECTION: forcing a failure. [ 987.914048] name failslab, interval 1, probability 0, space 0, times 0 [ 987.916326] CPU: 0 PID: 6759 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 987.917675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 987.919299] Call Trace: [ 987.919830] dump_stack+0x107/0x167 [ 987.920539] should_fail.cold+0x5/0xa [ 987.921288] ? xas_alloc+0x336/0x440 [ 987.922020] should_failslab+0x5/0x20 [ 987.922767] kmem_cache_alloc+0x5b/0x310 [ 987.923572] ? stack_trace_consume_entry+0x160/0x160 [ 987.924571] xas_alloc+0x336/0x440 [ 987.925263] xas_create+0x34a/0x10d0 [ 987.925993] ? kernel_text_address+0xf2/0x120 21:33:46 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 987.926878] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 987.928066] xas_store+0x8c/0x1c40 [ 987.928778] __xa_store+0x164/0x2d0 [ 987.929495] ? xa_delete_node+0x280/0x280 [ 987.930327] ? trace_hardirqs_on+0x5b/0x180 [ 987.931196] xa_store+0x31/0x50 [ 987.931842] __io_uring_add_tctx_node+0x1cf/0x520 [ 987.932796] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 987.933825] ? alloc_fd+0x2e7/0x670 [ 987.934549] io_uring_setup+0x1fbb/0x2980 [ 987.935373] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 987.936383] ? wait_for_completion_io+0x270/0x270 [ 987.937348] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 987.938374] ? syscall_enter_from_user_mode+0x1d/0x50 [ 987.939400] do_syscall_64+0x33/0x40 [ 987.940135] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 987.941156] RIP: 0033:0x7f6039043b19 [ 987.941890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.945535] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 987.947035] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 987.948455] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e 21:33:46 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 987.949861] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 987.951347] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 987.952747] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:46 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 40) [ 987.996554] FAULT_INJECTION: forcing a failure. [ 987.996554] name failslab, interval 1, probability 0, space 0, times 0 [ 987.998740] CPU: 0 PID: 6762 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 988.000084] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 988.001712] Call Trace: [ 988.002235] dump_stack+0x107/0x167 [ 988.002944] should_fail.cold+0x5/0xa [ 988.003692] ? xas_alloc+0x336/0x440 [ 988.004420] should_failslab+0x5/0x20 [ 988.005167] kmem_cache_alloc+0x5b/0x310 [ 988.005961] xas_alloc+0x336/0x440 [ 988.006665] xas_create+0x34a/0x10d0 [ 988.007405] ? kernel_text_address+0xf2/0x120 [ 988.008289] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 988.009310] xas_store+0x8c/0x1c40 [ 988.010022] __xa_store+0x164/0x2d0 [ 988.010741] ? xa_delete_node+0x280/0x280 [ 988.011556] ? trace_hardirqs_on+0x5b/0x180 [ 988.012401] xa_store+0x31/0x50 [ 988.013044] __io_uring_add_tctx_node+0x1cf/0x520 [ 988.013333] FAULT_INJECTION: forcing a failure. [ 988.013333] name failslab, interval 1, probability 0, space 0, times 0 [ 988.013985] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 988.014007] ? alloc_fd+0x2e7/0x670 [ 988.017004] io_uring_setup+0x1fbb/0x2980 [ 988.017826] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 988.018817] ? wait_for_completion_io+0x270/0x270 [ 988.019797] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 988.020832] ? syscall_enter_from_user_mode+0x1d/0x50 [ 988.021852] do_syscall_64+0x33/0x40 [ 988.022577] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 988.023595] RIP: 0033:0x7fa304026b19 [ 988.024331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 988.027972] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 988.029473] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 988.030873] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 988.032279] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 988.033683] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 988.035074] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 988.036500] CPU: 1 PID: 6767 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 988.037288] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 988.038224] Call Trace: [ 988.038530] dump_stack+0x107/0x167 [ 988.038942] should_fail.cold+0x5/0xa [ 988.039393] ? create_object.isra.0+0x3a/0xa20 [ 988.039925] should_failslab+0x5/0x20 [ 988.040360] kmem_cache_alloc+0x5b/0x310 [ 988.040825] create_object.isra.0+0x3a/0xa20 [ 988.041321] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 988.041897] kmem_cache_alloc+0x159/0x310 [ 988.042369] xas_alloc+0x336/0x440 [ 988.042769] xas_create+0x34a/0x10d0 [ 988.043209] ? kernel_text_address+0xf2/0x120 [ 988.043710] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 988.044305] xas_store+0x8c/0x1c40 [ 988.044714] __xa_store+0x164/0x2d0 [ 988.045125] ? xa_delete_node+0x280/0x280 [ 988.045601] ? trace_hardirqs_on+0x5b/0x180 [ 988.046091] xa_store+0x31/0x50 [ 988.046469] __io_uring_add_tctx_node+0x1cf/0x520 [ 988.047012] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 988.047603] ? alloc_fd+0x2e7/0x670 [ 988.048020] io_uring_setup+0x1fbb/0x2980 [ 988.048486] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 988.049064] ? wait_for_completion_io+0x270/0x270 [ 988.049610] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 988.050206] ? syscall_enter_from_user_mode+0x1d/0x50 [ 988.050781] do_syscall_64+0x33/0x40 [ 988.051213] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 988.051792] RIP: 0033:0x7f6039043b19 [ 988.052216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 988.054294] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 988.055164] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 988.055972] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 988.056786] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 988.057592] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 988.058402] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:47 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 42) 21:33:47 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 39) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 988.083456] FAULT_INJECTION: forcing a failure. [ 988.083456] name failslab, interval 1, probability 0, space 0, times 0 [ 988.084915] CPU: 1 PID: 6771 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 988.085269] FAULT_INJECTION: forcing a failure. [ 988.085269] name failslab, interval 1, probability 0, space 0, times 0 [ 988.085695] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 988.085707] Call Trace: [ 988.089114] dump_stack+0x107/0x167 [ 988.089535] should_fail.cold+0x5/0xa [ 988.089972] ? xas_alloc+0x336/0x440 [ 988.090401] should_failslab+0x5/0x20 [ 988.090834] kmem_cache_alloc+0x5b/0x310 [ 988.091315] ? stack_trace_consume_entry+0x160/0x160 [ 988.091894] xas_alloc+0x336/0x440 [ 988.092300] xas_create+0x34a/0x10d0 [ 988.092731] ? kernel_text_address+0xf2/0x120 [ 988.093246] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 988.093834] xas_store+0x8c/0x1c40 [ 988.094245] __xa_store+0x164/0x2d0 [ 988.094662] ? xa_delete_node+0x280/0x280 [ 988.095160] ? trace_hardirqs_on+0x5b/0x180 [ 988.095653] xa_store+0x31/0x50 [ 988.096032] __io_uring_add_tctx_node+0x1cf/0x520 [ 988.096579] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 988.097178] ? alloc_fd+0x2e7/0x670 [ 988.097598] io_uring_setup+0x1fbb/0x2980 [ 988.098075] ? vfs_write+0x2ac/0xb10 [ 988.098491] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 988.099072] ? wait_for_completion_io+0x270/0x270 [ 988.099657] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 988.100256] ? syscall_enter_from_user_mode+0x1d/0x50 [ 988.100917] do_syscall_64+0x33/0x40 [ 988.101342] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 988.101922] RIP: 0033:0x7fa2b71a6b19 [ 988.102347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 988.104474] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 988.105338] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 988.106150] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 988.106961] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 988.107779] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 988.108592] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 988.109426] CPU: 0 PID: 6769 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 988.110784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 988.112411] Call Trace: [ 988.112927] dump_stack+0x107/0x167 [ 988.113638] should_fail.cold+0x5/0xa [ 988.114400] ? create_object.isra.0+0x3a/0xa20 [ 988.115318] should_failslab+0x5/0x20 [ 988.116072] kmem_cache_alloc+0x5b/0x310 [ 988.116867] ? mark_held_locks+0x9e/0xe0 [ 988.117665] create_object.isra.0+0x3a/0xa20 [ 988.118548] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 988.119553] kmem_cache_alloc+0x159/0x310 [ 988.120387] xas_alloc+0x336/0x440 [ 988.121092] xas_create+0x34a/0x10d0 [ 988.121843] ? kernel_text_address+0xf2/0x120 [ 988.122726] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 988.123798] xas_store+0x8c/0x1c40 [ 988.124521] __xa_store+0x164/0x2d0 [ 988.125250] ? xa_delete_node+0x280/0x280 [ 988.126086] ? trace_hardirqs_on+0x5b/0x180 [ 988.126952] xa_store+0x31/0x50 [ 988.127623] __io_uring_add_tctx_node+0x1cf/0x520 [ 988.128593] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 988.129636] ? alloc_fd+0x2e7/0x670 [ 988.130372] io_uring_setup+0x1fbb/0x2980 [ 988.131219] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 988.132232] ? wait_for_completion_io+0x270/0x270 [ 988.133212] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 988.134259] ? syscall_enter_from_user_mode+0x1d/0x50 [ 988.135306] do_syscall_64+0x33/0x40 [ 988.136049] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 988.137079] RIP: 0033:0x7fe43d50db19 [ 988.137819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 988.141513] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 988.143032] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 988.144483] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 988.145906] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 988.147346] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 988.148781] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:47 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 40) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 988.211987] FAULT_INJECTION: forcing a failure. [ 988.211987] name failslab, interval 1, probability 0, space 0, times 0 [ 988.214614] CPU: 0 PID: 6774 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 988.215970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 988.217633] Call Trace: [ 988.218166] dump_stack+0x107/0x167 [ 988.218894] should_fail.cold+0x5/0xa [ 988.219666] ? xas_alloc+0x336/0x440 [ 988.220416] should_failslab+0x5/0x20 [ 988.221176] kmem_cache_alloc+0x5b/0x310 [ 988.221990] ? stack_trace_consume_entry+0x160/0x160 [ 988.223010] xas_alloc+0x336/0x440 [ 988.223735] xas_create+0x34a/0x10d0 [ 988.224495] ? kernel_text_address+0xf2/0x120 [ 988.225396] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 988.226452] xas_store+0x8c/0x1c40 [ 988.227186] __xa_store+0x164/0x2d0 [ 988.227918] ? xa_delete_node+0x280/0x280 [ 988.228757] ? trace_hardirqs_on+0x5b/0x180 [ 988.229630] xa_store+0x31/0x50 [ 988.230293] __io_uring_add_tctx_node+0x1cf/0x520 [ 988.231274] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 988.232330] ? alloc_fd+0x2e7/0x670 [ 988.233067] io_uring_setup+0x1fbb/0x2980 [ 988.233903] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 988.234925] ? wait_for_completion_io+0x270/0x270 [ 988.235917] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 988.236968] ? syscall_enter_from_user_mode+0x1d/0x50 [ 988.238002] do_syscall_64+0x33/0x40 [ 988.238746] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 988.239777] RIP: 0033:0x7fa2b71a6b19 [ 988.240520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 988.244219] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 988.245743] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 988.247186] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 988.248623] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 988.250059] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 988.251497] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:33:47 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:33:47 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:33:47 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:33:47 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 41) [ 988.307074] FAULT_INJECTION: forcing a failure. [ 988.307074] name failslab, interval 1, probability 0, space 0, times 0 [ 988.308502] CPU: 1 PID: 6783 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 988.309282] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 988.310242] Call Trace: [ 988.310550] dump_stack+0x107/0x167 [ 988.310963] should_fail.cold+0x5/0xa [ 988.311427] ? xas_alloc+0x336/0x440 [ 988.311917] should_failslab+0x5/0x20 [ 988.312358] kmem_cache_alloc+0x5b/0x310 [ 988.312843] xas_alloc+0x336/0x440 [ 988.313257] xas_create+0x34a/0x10d0 [ 988.313694] ? kernel_text_address+0xf2/0x120 [ 988.314211] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 988.314857] xas_store+0x8c/0x1c40 [ 988.315282] __xa_store+0x164/0x2d0 [ 988.315698] ? xa_delete_node+0x280/0x280 [ 988.316179] ? trace_hardirqs_on+0x5b/0x180 [ 988.316680] xa_store+0x31/0x50 [ 988.317061] __io_uring_add_tctx_node+0x1cf/0x520 [ 988.317608] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 988.318206] ? alloc_fd+0x2e7/0x670 [ 988.318633] io_uring_setup+0x1fbb/0x2980 [ 988.319120] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 988.319711] ? wait_for_completion_io+0x270/0x270 [ 988.320328] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 988.320924] ? syscall_enter_from_user_mode+0x1d/0x50 [ 988.321523] do_syscall_64+0x33/0x40 [ 988.321947] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 988.322629] RIP: 0033:0x7f6039043b19 [ 988.323056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 988.325297] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 988.326221] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 988.327030] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 988.327897] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 988.328704] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 988.329515] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:34:06 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 42) 21:34:06 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 43) 21:34:06 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 42) 21:34:06 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:34:06 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 41) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:34:06 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:34:06 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:34:06 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1007.348587] FAULT_INJECTION: forcing a failure. [ 1007.348587] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.350875] FAULT_INJECTION: forcing a failure. [ 1007.350875] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.351384] CPU: 0 PID: 6801 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1007.355485] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1007.357337] Call Trace: [ 1007.357928] dump_stack+0x107/0x167 [ 1007.358712] should_fail.cold+0x5/0xa [ 1007.359572] ? xas_alloc+0x336/0x440 [ 1007.360419] should_failslab+0x5/0x20 [ 1007.361280] kmem_cache_alloc+0x5b/0x310 [ 1007.362184] xas_alloc+0x336/0x440 [ 1007.362966] xas_create+0x34a/0x10d0 [ 1007.363815] ? kernel_text_address+0xf2/0x120 [ 1007.364830] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1007.365974] xas_store+0x8c/0x1c40 [ 1007.366796] __xa_store+0x164/0x2d0 [ 1007.367625] ? xa_delete_node+0x280/0x280 [ 1007.368539] ? trace_hardirqs_on+0x5b/0x180 [ 1007.369518] xa_store+0x31/0x50 [ 1007.370273] __io_uring_add_tctx_node+0x1cf/0x520 [ 1007.371336] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1007.372516] ? alloc_fd+0x2e7/0x670 [ 1007.373358] io_uring_setup+0x1fbb/0x2980 [ 1007.374281] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1007.375424] ? wait_for_completion_io+0x270/0x270 [ 1007.376563] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1007.377704] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1007.378893] do_syscall_64+0x33/0x40 [ 1007.379752] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1007.380875] RIP: 0033:0x7fa2b71a6b19 [ 1007.381735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.386002] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1007.387691] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1007.389300] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1007.390908] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1007.392431] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1007.393947] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1007.395500] CPU: 1 PID: 6803 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1007.397142] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1007.399030] Call Trace: [ 1007.399647] dump_stack+0x107/0x167 [ 1007.400518] should_fail.cold+0x5/0xa [ 1007.401402] ? create_object.isra.0+0x3a/0xa20 [ 1007.402460] should_failslab+0x5/0x20 [ 1007.403341] kmem_cache_alloc+0x5b/0x310 [ 1007.404302] ? mark_held_locks+0x9e/0xe0 [ 1007.405240] create_object.isra.0+0x3a/0xa20 [ 1007.406246] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1007.407418] kmem_cache_alloc+0x159/0x310 [ 1007.407447] xas_alloc+0x336/0x440 [ 1007.407470] xas_create+0x34a/0x10d0 [ 1007.407499] ? kernel_text_address+0xf2/0x120 [ 1007.407530] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1007.412253] xas_store+0x8c/0x1c40 [ 1007.413083] __xa_store+0x164/0x2d0 [ 1007.414037] ? xa_delete_node+0x280/0x280 [ 1007.415062] ? trace_hardirqs_on+0x5b/0x180 [ 1007.416091] xa_store+0x31/0x50 [ 1007.416857] __io_uring_add_tctx_node+0x1cf/0x520 [ 1007.417992] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1007.419200] ? alloc_fd+0x2e7/0x670 [ 1007.420083] io_uring_setup+0x1fbb/0x2980 [ 1007.421046] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1007.422216] ? wait_for_completion_io+0x270/0x270 [ 1007.423351] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1007.424580] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1007.425767] do_syscall_64+0x33/0x40 [ 1007.426625] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1007.427820] RIP: 0033:0x7fa304026b19 [ 1007.428689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.433219] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1007.434972] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1007.436643] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1007.438277] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1007.439947] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1007.441588] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1007.467536] FAULT_INJECTION: forcing a failure. [ 1007.467536] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.471571] CPU: 1 PID: 6811 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1007.473479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1007.475934] Call Trace: [ 1007.476654] dump_stack+0x107/0x167 [ 1007.477670] should_fail.cold+0x5/0xa [ 1007.478707] ? xas_alloc+0x336/0x440 [ 1007.479689] should_failslab+0x5/0x20 [ 1007.480694] kmem_cache_alloc+0x5b/0x310 [ 1007.481773] xas_alloc+0x336/0x440 [ 1007.482719] xas_create+0x34a/0x10d0 [ 1007.483034] FAULT_INJECTION: forcing a failure. [ 1007.483034] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.483725] ? kernel_text_address+0xf2/0x120 [ 1007.483756] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1007.483799] xas_store+0x8c/0x1c40 [ 1007.483847] __xa_store+0x164/0x2d0 [ 1007.483878] ? xa_delete_node+0x280/0x280 [ 1007.483919] ? trace_hardirqs_on+0x5b/0x180 [ 1007.493183] xa_store+0x31/0x50 [ 1007.494079] __io_uring_add_tctx_node+0x1cf/0x520 [ 1007.495387] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1007.496824] ? alloc_fd+0x2e7/0x670 [ 1007.497845] io_uring_setup+0x1fbb/0x2980 [ 1007.498978] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1007.500328] ? wait_for_completion_io+0x270/0x270 [ 1007.501627] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1007.503017] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1007.504332] do_syscall_64+0x33/0x40 [ 1007.505263] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1007.506582] RIP: 0033:0x7fe43d50db19 [ 1007.507535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.512333] RSP: 002b:00007fe43aa62108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1007.514373] RAX: ffffffffffffffda RBX: 00007fe43d621020 RCX: 00007fe43d50db19 [ 1007.516218] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1007.518021] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1007.519797] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1007.521625] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1007.523570] CPU: 0 PID: 6812 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1007.524675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1007.525986] Call Trace: [ 1007.526407] dump_stack+0x107/0x167 [ 1007.526981] should_fail.cold+0x5/0xa [ 1007.527581] ? xas_alloc+0x336/0x440 [ 1007.528180] should_failslab+0x5/0x20 [ 1007.528782] kmem_cache_alloc+0x5b/0x310 [ 1007.529431] xas_alloc+0x336/0x440 [ 1007.529999] xas_create+0x34a/0x10d0 [ 1007.530598] ? kernel_text_address+0xf2/0x120 [ 1007.531308] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1007.532152] xas_store+0x8c/0x1c40 [ 1007.532723] __xa_store+0x164/0x2d0 [ 1007.533304] ? xa_delete_node+0x280/0x280 [ 1007.533974] ? trace_hardirqs_on+0x5b/0x180 [ 1007.534669] xa_store+0x31/0x50 [ 1007.535195] __io_uring_add_tctx_node+0x1cf/0x520 [ 1007.535966] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1007.536784] ? alloc_fd+0x2e7/0x670 [ 1007.537373] io_uring_setup+0x1fbb/0x2980 [ 1007.538042] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1007.538851] ? wait_for_completion_io+0x270/0x270 [ 1007.539622] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1007.540535] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1007.541519] do_syscall_64+0x33/0x40 [ 1007.542301] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1007.543332] RIP: 0033:0x7f6039043b19 [ 1007.544092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.547696] RSP: 002b:00007f6036598108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1007.548980] RAX: ffffffffffffffda RBX: 00007f6039157020 RCX: 00007f6039043b19 [ 1007.550172] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1007.551339] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1007.552511] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1007.553793] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:34:06 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 44) 21:34:06 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:34:06 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 42) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:34:06 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 43) 21:34:06 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 43) [ 1007.781754] FAULT_INJECTION: forcing a failure. [ 1007.781754] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.783489] CPU: 0 PID: 6816 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1007.784524] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1007.785802] Call Trace: [ 1007.786232] dump_stack+0x107/0x167 [ 1007.786803] should_fail.cold+0x5/0xa [ 1007.787374] ? xas_alloc+0x336/0x440 [ 1007.787944] should_failslab+0x5/0x20 [ 1007.788515] kmem_cache_alloc+0x5b/0x310 [ 1007.789636] xas_alloc+0x336/0x440 [ 1007.790215] xas_create+0x34a/0x10d0 [ 1007.791701] ? kernel_text_address+0xf2/0x120 [ 1007.792422] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1007.793235] xas_store+0x8c/0x1c40 [ 1007.793797] __xa_store+0x164/0x2d0 [ 1007.794356] ? xa_delete_node+0x280/0x280 [ 1007.795002] ? trace_hardirqs_on+0x5b/0x180 [ 1007.795670] xa_store+0x31/0x50 [ 1007.796197] __io_uring_add_tctx_node+0x1cf/0x520 [ 1007.796939] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1007.797741] ? alloc_fd+0x2e7/0x670 [ 1007.798310] io_uring_setup+0x1fbb/0x2980 [ 1007.798957] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1007.799747] ? wait_for_completion_io+0x270/0x270 [ 1007.800523] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1007.801339] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1007.802152] do_syscall_64+0x33/0x40 [ 1007.802748] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1007.803535] RIP: 0033:0x7f6039043b19 [ 1007.804123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.807022] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1007.808196] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1007.809328] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1007.810449] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1007.811085] FAULT_INJECTION: forcing a failure. [ 1007.811085] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.811578] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1007.811586] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1007.817477] CPU: 1 PID: 6819 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1007.819011] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1007.820870] Call Trace: [ 1007.821466] dump_stack+0x107/0x167 [ 1007.822290] should_fail.cold+0x5/0xa [ 1007.823155] ? create_object.isra.0+0x3a/0xa20 [ 1007.824188] should_failslab+0x5/0x20 [ 1007.825051] kmem_cache_alloc+0x5b/0x310 [ 1007.825961] ? mark_held_locks+0x9e/0xe0 [ 1007.826868] create_object.isra.0+0x3a/0xa20 [ 1007.827866] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1007.829012] kmem_cache_alloc+0x159/0x310 [ 1007.829945] xas_alloc+0x336/0x440 [ 1007.830737] xas_create+0x34a/0x10d0 [ 1007.831575] ? kernel_text_address+0xf2/0x120 [ 1007.832589] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1007.833767] xas_store+0x8c/0x1c40 [ 1007.834574] __xa_store+0x164/0x2d0 [ 1007.835390] ? xa_delete_node+0x280/0x280 [ 1007.836344] ? trace_hardirqs_on+0x5b/0x180 [ 1007.837311] xa_store+0x31/0x50 [ 1007.838047] __io_uring_add_tctx_node+0x1cf/0x520 [ 1007.839120] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1007.840298] ? alloc_fd+0x2e7/0x670 [ 1007.841120] io_uring_setup+0x1fbb/0x2980 [ 1007.842052] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1007.843179] ? wait_for_completion_io+0x270/0x270 [ 1007.844290] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1007.845564] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1007.846905] do_syscall_64+0x33/0x40 [ 1007.847934] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1007.849322] RIP: 0033:0x7fe43d50db19 [ 1007.850338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 21:34:06 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 44) [ 1007.855331] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1007.857291] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1007.862089] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1007.862980] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1007.863880] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1007.864791] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1007.889459] FAULT_INJECTION: forcing a failure. [ 1007.889459] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.891683] CPU: 0 PID: 6823 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1007.892942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1007.894425] FAULT_INJECTION: forcing a failure. [ 1007.894425] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.894453] Call Trace: [ 1007.894482] dump_stack+0x107/0x167 [ 1007.897167] should_fail.cold+0x5/0xa [ 1007.897860] ? create_object.isra.0+0x3a/0xa20 [ 1007.898701] should_failslab+0x5/0x20 [ 1007.899400] kmem_cache_alloc+0x5b/0x310 [ 1007.900141] ? mark_held_locks+0x9e/0xe0 [ 1007.900882] create_object.isra.0+0x3a/0xa20 [ 1007.901676] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1007.902598] kmem_cache_alloc+0x159/0x310 [ 1007.903367] xas_alloc+0x336/0x440 [ 1007.904079] xas_create+0x34a/0x10d0 [ 1007.904810] ? kernel_text_address+0xf2/0x120 [ 1007.905671] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1007.906667] xas_store+0x8c/0x1c40 [ 1007.907371] __xa_store+0x164/0x2d0 [ 1007.908092] ? xa_delete_node+0x280/0x280 [ 1007.908897] ? trace_hardirqs_on+0x5b/0x180 [ 1007.909735] xa_store+0x31/0x50 [ 1007.910369] __io_uring_add_tctx_node+0x1cf/0x520 [ 1007.911287] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1007.912303] ? io_uring_setup+0x13d1/0x2980 [ 1007.913143] io_uring_setup+0x1fbb/0x2980 [ 1007.913940] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1007.914907] ? wait_for_completion_io+0x270/0x270 [ 1007.915854] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1007.916853] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1007.917833] do_syscall_64+0x33/0x40 [ 1007.918553] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1007.919546] RIP: 0033:0x7fa2b71a6b19 [ 1007.920283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.923815] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1007.925273] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1007.926621] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1007.927985] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1007.929343] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1007.930693] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1007.932099] CPU: 1 PID: 6825 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1007.933636] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1007.935451] Call Trace: [ 1007.936066] dump_stack+0x107/0x167 [ 1007.936866] should_fail.cold+0x5/0xa [ 1007.937738] ? xas_alloc+0x336/0x440 [ 1007.938636] should_failslab+0x5/0x20 [ 1007.939645] kmem_cache_alloc+0x5b/0x310 [ 1007.940726] xas_alloc+0x336/0x440 [ 1007.941687] xas_create+0x34a/0x10d0 [ 1007.942678] ? kernel_text_address+0xf2/0x120 [ 1007.943888] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1007.945231] xas_store+0x8c/0x1c40 [ 1007.945270] __xa_store+0x164/0x2d0 [ 1007.946734] ? xa_delete_node+0x280/0x280 [ 1007.947661] ? trace_hardirqs_on+0x5b/0x180 [ 1007.948657] xa_store+0x31/0x50 [ 1007.949395] __io_uring_add_tctx_node+0x1cf/0x520 [ 1007.950472] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1007.951632] ? alloc_fd+0x2e7/0x670 [ 1007.952463] io_uring_setup+0x1fbb/0x2980 [ 1007.953402] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1007.954540] ? wait_for_completion_io+0x270/0x270 [ 1007.955628] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1007.956776] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1007.957924] do_syscall_64+0x33/0x40 [ 1007.958751] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1007.959919] RIP: 0033:0x7fa304026b19 [ 1007.960745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.964826] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1007.966529] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1007.968080] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1007.969663] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1007.971230] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1007.972880] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1008.008416] FAULT_INJECTION: forcing a failure. [ 1008.008416] name failslab, interval 1, probability 0, space 0, times 0 [ 1008.011434] CPU: 1 PID: 6827 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1008.013202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1008.015404] Call Trace: [ 1008.016174] dump_stack+0x107/0x167 [ 1008.017204] should_fail.cold+0x5/0xa [ 1008.018276] ? xas_alloc+0x336/0x440 [ 1008.019335] should_failslab+0x5/0x20 [ 1008.020418] kmem_cache_alloc+0x5b/0x310 [ 1008.021564] xas_alloc+0x336/0x440 [ 1008.022566] xas_create+0x34a/0x10d0 [ 1008.023632] ? kernel_text_address+0xf2/0x120 [ 1008.024911] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1008.026308] xas_store+0x8c/0x1c40 [ 1008.027256] __xa_store+0x164/0x2d0 [ 1008.028214] ? xa_delete_node+0x280/0x280 [ 1008.029295] ? trace_hardirqs_on+0x5b/0x180 [ 1008.030428] xa_store+0x31/0x50 [ 1008.031288] __io_uring_add_tctx_node+0x1cf/0x520 [ 1008.032546] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1008.033896] ? alloc_fd+0x2e7/0x670 [ 1008.034861] io_uring_setup+0x1fbb/0x2980 [ 1008.035968] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1008.037287] ? wait_for_completion_io+0x270/0x270 [ 1008.038457] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1008.039657] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1008.040772] do_syscall_64+0x33/0x40 [ 1008.041554] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1008.042639] RIP: 0033:0x7f6039043b19 [ 1008.043422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1008.047376] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1008.049003] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1008.050515] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1008.052033] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1008.053536] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1008.055035] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:34:07 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 43) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:34:07 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1008.141038] FAULT_INJECTION: forcing a failure. [ 1008.141038] name failslab, interval 1, probability 0, space 0, times 0 [ 1008.142906] CPU: 0 PID: 6830 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1008.143912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1008.145122] Call Trace: [ 1008.145510] dump_stack+0x107/0x167 [ 1008.146048] should_fail.cold+0x5/0xa [ 1008.146606] ? create_object.isra.0+0x3a/0xa20 [ 1008.147276] should_failslab+0x5/0x20 [ 1008.147844] kmem_cache_alloc+0x5b/0x310 [ 1008.148437] ? mark_held_locks+0x9e/0xe0 [ 1008.149031] create_object.isra.0+0x3a/0xa20 [ 1008.149673] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1008.150405] kmem_cache_alloc+0x159/0x310 [ 1008.151029] xas_alloc+0x336/0x440 [ 1008.151550] xas_create+0x34a/0x10d0 [ 1008.152104] ? kernel_text_address+0xf2/0x120 [ 1008.152745] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1008.153497] xas_store+0x8c/0x1c40 [ 1008.154015] __xa_store+0x164/0x2d0 [ 1008.154546] ? xa_delete_node+0x280/0x280 [ 1008.155148] ? trace_hardirqs_on+0x5b/0x180 [ 1008.155779] xa_store+0x31/0x50 [ 1008.156293] __io_uring_add_tctx_node+0x1cf/0x520 [ 1008.156980] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1008.157740] ? alloc_fd+0x2e7/0x670 [ 1008.158272] io_uring_setup+0x1fbb/0x2980 [ 1008.158882] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1008.159607] ? wait_for_completion_io+0x270/0x270 [ 1008.160317] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1008.161071] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1008.161799] do_syscall_64+0x33/0x40 [ 1008.162333] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1008.163055] RIP: 0033:0x7fa2b71a6b19 [ 1008.163587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1008.166183] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1008.167279] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1008.168310] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1008.169329] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1008.170343] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1008.171355] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:34:07 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 45) 21:34:07 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 44) [ 1008.232757] FAULT_INJECTION: forcing a failure. [ 1008.232757] name failslab, interval 1, probability 0, space 0, times 0 [ 1008.234353] CPU: 0 PID: 6836 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1008.235307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1008.236482] Call Trace: [ 1008.236853] dump_stack+0x107/0x167 [ 1008.237367] should_fail.cold+0x5/0xa [ 1008.237905] ? xas_alloc+0x336/0x440 [ 1008.238434] should_failslab+0x5/0x20 [ 1008.238965] kmem_cache_alloc+0x5b/0x310 [ 1008.239541] xas_alloc+0x336/0x440 [ 1008.240043] xas_create+0x34a/0x10d0 [ 1008.240571] ? kernel_text_address+0xf2/0x120 [ 1008.241208] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1008.241942] xas_store+0x8c/0x1c40 [ 1008.242442] __xa_store+0x164/0x2d0 [ 1008.242947] ? xa_delete_node+0x280/0x280 [ 1008.243529] ? trace_hardirqs_on+0x5b/0x180 [ 1008.243895] FAULT_INJECTION: forcing a failure. [ 1008.243895] name failslab, interval 1, probability 0, space 0, times 0 [ 1008.244138] xa_store+0x31/0x50 [ 1008.244154] __io_uring_add_tctx_node+0x1cf/0x520 [ 1008.244175] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1008.248412] ? alloc_fd+0x2e7/0x670 [ 1008.248933] io_uring_setup+0x1fbb/0x2980 [ 1008.249524] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1008.250237] ? wait_for_completion_io+0x270/0x270 [ 1008.250923] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1008.251653] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1008.252413] do_syscall_64+0x33/0x40 [ 1008.252925] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1008.253635] RIP: 0033:0x7fa304026b19 [ 1008.254150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1008.256708] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1008.257766] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1008.258758] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1008.259741] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1008.260729] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1008.261714] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1008.262738] CPU: 1 PID: 6837 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1008.264246] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1008.266036] Call Trace: [ 1008.266615] dump_stack+0x107/0x167 [ 1008.267402] should_fail.cold+0x5/0xa [ 1008.268235] ? create_object.isra.0+0x3a/0xa20 [ 1008.269223] should_failslab+0x5/0x20 [ 1008.270048] kmem_cache_alloc+0x5b/0x310 [ 1008.270932] ? mark_held_locks+0x9e/0xe0 [ 1008.271821] create_object.isra.0+0x3a/0xa20 [ 1008.272776] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1008.273879] kmem_cache_alloc+0x159/0x310 [ 1008.274790] xas_alloc+0x336/0x440 [ 1008.275562] xas_create+0x34a/0x10d0 [ 1008.276389] ? kernel_text_address+0xf2/0x120 [ 1008.277365] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1008.278503] xas_store+0x8c/0x1c40 [ 1008.279287] __xa_store+0x164/0x2d0 [ 1008.280091] ? xa_delete_node+0x280/0x280 [ 1008.280998] ? trace_hardirqs_on+0x5b/0x180 [ 1008.281939] xa_store+0x31/0x50 [ 1008.282659] __io_uring_add_tctx_node+0x1cf/0x520 [ 1008.283703] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1008.284848] ? alloc_fd+0x2e7/0x670 [ 1008.285655] io_uring_setup+0x1fbb/0x2980 [ 1008.286562] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1008.287664] ? wait_for_completion_io+0x270/0x270 [ 1008.288744] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1008.289883] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1008.291008] do_syscall_64+0x33/0x40 [ 1008.291825] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1008.292934] RIP: 0033:0x7fe43d50db19 [ 1008.293740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1008.297732] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1008.299380] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1008.300929] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1008.302474] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1008.304024] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1008.305568] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:34:23 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 46) 21:34:23 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:34:23 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 45) 21:34:23 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:34:23 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:34:23 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 44) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:34:23 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 45) 21:34:23 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1024.374833] FAULT_INJECTION: forcing a failure. [ 1024.374833] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.377337] CPU: 1 PID: 6847 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1024.378642] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1024.380230] Call Trace: [ 1024.380757] dump_stack+0x107/0x167 [ 1024.381461] should_fail.cold+0x5/0xa [ 1024.382198] ? create_object.isra.0+0x3a/0xa20 [ 1024.383080] should_failslab+0x5/0x20 [ 1024.383810] kmem_cache_alloc+0x5b/0x310 [ 1024.384604] ? mark_held_locks+0x9e/0xe0 [ 1024.385386] create_object.isra.0+0x3a/0xa20 [ 1024.386224] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1024.387198] kmem_cache_alloc+0x159/0x310 [ 1024.387999] xas_alloc+0x336/0x440 [ 1024.388694] xas_create+0x34a/0x10d0 [ 1024.389411] ? kernel_text_address+0xf2/0x120 [ 1024.390265] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1024.391262] xas_store+0x8c/0x1c40 [ 1024.391948] __xa_store+0x164/0x2d0 [ 1024.392654] ? xa_delete_node+0x280/0x280 [ 1024.393447] ? trace_hardirqs_on+0x5b/0x180 [ 1024.394270] xa_store+0x31/0x50 [ 1024.394899] __io_uring_add_tctx_node+0x1cf/0x520 [ 1024.395814] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1024.396815] ? alloc_fd+0x2e7/0x670 [ 1024.397515] io_uring_setup+0x1fbb/0x2980 [ 1024.398309] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1024.399278] ? wait_for_completion_io+0x270/0x270 [ 1024.400220] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1024.401212] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1024.402200] do_syscall_64+0x33/0x40 [ 1024.402908] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1024.403900] RIP: 0033:0x7fe43d50db19 [ 1024.404615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1024.408129] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1024.409589] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1024.410950] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1024.412313] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1024.413678] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1024.415029] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1024.420642] FAULT_INJECTION: forcing a failure. [ 1024.420642] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.423548] CPU: 0 PID: 6857 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1024.425306] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1024.427352] Call Trace: [ 1024.428008] dump_stack+0x107/0x167 [ 1024.428968] should_fail.cold+0x5/0xa [ 1024.429912] ? xas_alloc+0x336/0x440 [ 1024.430833] should_failslab+0x5/0x20 [ 1024.431772] kmem_cache_alloc+0x5b/0x310 [ 1024.432847] xas_alloc+0x336/0x440 [ 1024.433687] xas_create+0x34a/0x10d0 [ 1024.434528] ? kernel_text_address+0xf2/0x120 [ 1024.435529] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1024.436723] xas_store+0x8c/0x1c40 [ 1024.437551] __xa_store+0x164/0x2d0 [ 1024.438360] ? xa_delete_node+0x280/0x280 [ 1024.438679] FAULT_INJECTION: forcing a failure. [ 1024.438679] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.439286] ? trace_hardirqs_on+0x5b/0x180 [ 1024.439323] xa_store+0x31/0x50 [ 1024.443043] __io_uring_add_tctx_node+0x1cf/0x520 [ 1024.444130] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1024.445351] ? alloc_fd+0x2e7/0x670 [ 1024.446172] io_uring_setup+0x1fbb/0x2980 [ 1024.447103] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1024.448224] ? wait_for_completion_io+0x270/0x270 [ 1024.449354] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1024.450509] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1024.451672] do_syscall_64+0x33/0x40 [ 1024.452504] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1024.453678] RIP: 0033:0x7f6039043b19 [ 1024.454502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1024.458773] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1024.460452] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1024.462015] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1024.463586] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1024.465208] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1024.466770] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1024.468384] CPU: 1 PID: 6859 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1024.469665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1024.471189] Call Trace: [ 1024.471682] dump_stack+0x107/0x167 [ 1024.472355] should_fail.cold+0x5/0xa [ 1024.473069] ? create_object.isra.0+0x3a/0xa20 [ 1024.473913] should_failslab+0x5/0x20 [ 1024.474609] kmem_cache_alloc+0x5b/0x310 [ 1024.475350] ? mark_held_locks+0x9e/0xe0 [ 1024.476098] create_object.isra.0+0x3a/0xa20 [ 1024.476908] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1024.477841] kmem_cache_alloc+0x159/0x310 [ 1024.478600] xas_alloc+0x336/0x440 [ 1024.479251] xas_create+0x34a/0x10d0 [ 1024.479944] ? kernel_text_address+0xf2/0x120 [ 1024.480784] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1024.481735] xas_store+0x8c/0x1c40 [ 1024.481764] __xa_store+0x164/0x2d0 [ 1024.481782] ? xa_delete_node+0x280/0x280 [ 1024.481805] ? trace_hardirqs_on+0x5b/0x180 [ 1024.484732] xa_store+0x31/0x50 [ 1024.485322] __io_uring_add_tctx_node+0x1cf/0x520 [ 1024.486181] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1024.487119] ? alloc_fd+0x2e7/0x670 [ 1024.487779] io_uring_setup+0x1fbb/0x2980 [ 1024.488533] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1024.489449] ? wait_for_completion_io+0x270/0x270 [ 1024.490325] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1024.491258] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1024.492177] do_syscall_64+0x33/0x40 [ 1024.492859] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1024.493770] RIP: 0033:0x7fa2b71a6b19 [ 1024.494437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1024.497738] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1024.499097] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1024.500388] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1024.501655] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1024.502914] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1024.504182] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:34:23 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 47) 21:34:23 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) [ 1024.570791] FAULT_INJECTION: forcing a failure. [ 1024.570791] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.572784] CPU: 1 PID: 6864 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1024.573953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1024.575361] Call Trace: [ 1024.575818] dump_stack+0x107/0x167 [ 1024.576447] should_fail.cold+0x5/0xa [ 1024.577092] ? xas_alloc+0x336/0x440 [ 1024.577722] should_failslab+0x5/0x20 [ 1024.578367] kmem_cache_alloc+0x5b/0x310 [ 1024.579058] xas_alloc+0x336/0x440 [ 1024.579665] xas_create+0x34a/0x10d0 [ 1024.580303] ? kernel_text_address+0xf2/0x120 [ 1024.581077] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1024.581970] xas_store+0x8c/0x1c40 [ 1024.582592] __xa_store+0x164/0x2d0 [ 1024.583212] ? xa_delete_node+0x280/0x280 [ 1024.583922] ? trace_hardirqs_on+0x5b/0x180 [ 1024.584667] xa_store+0x31/0x50 [ 1024.585236] __io_uring_add_tctx_node+0x1cf/0x520 [ 1024.586049] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1024.586942] ? alloc_fd+0x2e7/0x670 [ 1024.587569] io_uring_setup+0x1fbb/0x2980 [ 1024.588275] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1024.589148] ? wait_for_completion_io+0x270/0x270 [ 1024.589985] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1024.590878] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1024.591761] do_syscall_64+0x33/0x40 [ 1024.592397] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1024.593269] RIP: 0033:0x7fa304026b19 [ 1024.593903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1024.597025] RSP: 002b:00007fa30157b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1024.598311] RAX: ffffffffffffffda RBX: 00007fa30413a020 RCX: 00007fa304026b19 [ 1024.599515] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1024.600717] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1024.601908] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1024.603098] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1024.643585] FAULT_INJECTION: forcing a failure. [ 1024.643585] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.645887] CPU: 0 PID: 6868 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1024.647248] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1024.648915] Call Trace: [ 1024.649447] dump_stack+0x107/0x167 [ 1024.650172] should_fail.cold+0x5/0xa [ 1024.650933] ? xas_alloc+0x336/0x440 [ 1024.651680] should_failslab+0x5/0x20 [ 1024.652456] kmem_cache_alloc+0x5b/0x310 [ 1024.653271] xas_alloc+0x336/0x440 [ 1024.653983] xas_create+0x34a/0x10d0 [ 1024.654747] ? kernel_text_address+0xf2/0x120 [ 1024.655644] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1024.656710] xas_store+0x8c/0x1c40 [ 1024.657433] __xa_store+0x164/0x2d0 [ 1024.658162] ? xa_delete_node+0x280/0x280 [ 1024.659000] ? trace_hardirqs_on+0x5b/0x180 [ 1024.659865] xa_store+0x31/0x50 [ 1024.660545] __io_uring_add_tctx_node+0x1cf/0x520 [ 1024.661507] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1024.662550] ? alloc_fd+0x2e7/0x670 [ 1024.663287] io_uring_setup+0x1fbb/0x2980 [ 1024.664121] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1024.665146] ? wait_for_completion_io+0x270/0x270 [ 1024.666130] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1024.667173] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1024.668200] do_syscall_64+0x33/0x40 [ 1024.668953] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1024.669973] RIP: 0033:0x7fe43d50db19 [ 1024.670711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1024.674369] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1024.675886] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1024.677308] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1024.678724] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1024.680139] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1024.681562] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:34:23 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="444f00ef465cbd5ee98933b749793d5d7214b8d86b6d275152d8125c31e68dbad574db4ace83", @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:34:23 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:34:23 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 45) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:34:23 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 46) [ 1024.745722] FAULT_INJECTION: forcing a failure. [ 1024.745722] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.747566] CPU: 1 PID: 6872 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1024.748612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1024.749859] Call Trace: [ 1024.750255] dump_stack+0x107/0x167 [ 1024.750803] should_fail.cold+0x5/0xa [ 1024.751370] ? create_object.isra.0+0x3a/0xa20 [ 1024.752067] should_failslab+0x5/0x20 [ 1024.752658] kmem_cache_alloc+0x5b/0x310 [ 1024.753279] ? mark_held_locks+0x9e/0xe0 [ 1024.753900] create_object.isra.0+0x3a/0xa20 [ 1024.754575] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1024.755337] kmem_cache_alloc+0x159/0x310 [ 1024.755982] xas_alloc+0x336/0x440 [ 1024.756524] xas_create+0x34a/0x10d0 [ 1024.757097] ? kernel_text_address+0xf2/0x120 [ 1024.757782] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1024.758591] xas_store+0x8c/0x1c40 [ 1024.759134] __xa_store+0x164/0x2d0 [ 1024.759671] ? xa_delete_node+0x280/0x280 [ 1024.760297] ? trace_hardirqs_on+0x5b/0x180 [ 1024.761000] xa_store+0x31/0x50 [ 1024.761508] __io_uring_add_tctx_node+0x1cf/0x520 [ 1024.762228] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1024.763003] ? alloc_fd+0x2e7/0x670 [ 1024.763544] io_uring_setup+0x1fbb/0x2980 [ 1024.764176] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1024.764953] ? wait_for_completion_io+0x270/0x270 [ 1024.765698] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1024.766487] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1024.767261] do_syscall_64+0x33/0x40 [ 1024.767808] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1024.768597] RIP: 0033:0x7fa304026b19 [ 1024.769160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1024.771896] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1024.773047] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1024.774112] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1024.775170] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1024.776213] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1024.777295] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:34:23 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 46) 21:34:23 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 48) [ 1024.801423] FAULT_INJECTION: forcing a failure. [ 1024.801423] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.803961] CPU: 0 PID: 6878 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1024.805339] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1024.806980] Call Trace: [ 1024.807517] dump_stack+0x107/0x167 [ 1024.808246] should_fail.cold+0x5/0xa [ 1024.809020] ? xas_alloc+0x336/0x440 [ 1024.809770] should_failslab+0x5/0x20 [ 1024.810529] kmem_cache_alloc+0x5b/0x310 [ 1024.811341] xas_alloc+0x336/0x440 [ 1024.812055] xas_create+0x34a/0x10d0 [ 1024.812821] ? kernel_text_address+0xf2/0x120 [ 1024.813720] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1024.814762] xas_store+0x8c/0x1c40 [ 1024.814782] FAULT_INJECTION: forcing a failure. [ 1024.814782] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.815484] __xa_store+0x164/0x2d0 [ 1024.815509] ? xa_delete_node+0x280/0x280 [ 1024.818619] ? trace_hardirqs_on+0x5b/0x180 [ 1024.819489] xa_store+0x31/0x50 [ 1024.820149] __io_uring_add_tctx_node+0x1cf/0x520 [ 1024.821115] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1024.822158] ? alloc_fd+0x2e7/0x670 [ 1024.822894] io_uring_setup+0x1fbb/0x2980 [ 1024.823734] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1024.824772] ? wait_for_completion_io+0x270/0x270 [ 1024.825785] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1024.826830] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1024.827854] do_syscall_64+0x33/0x40 [ 1024.828623] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1024.829640] RIP: 0033:0x7fa2b71a6b19 [ 1024.830383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1024.834047] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1024.835556] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1024.836985] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1024.838403] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1024.839822] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1024.841257] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1024.842700] CPU: 1 PID: 6880 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1024.843660] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1024.844838] Call Trace: [ 1024.845204] dump_stack+0x107/0x167 [ 1024.845219] should_fail.cold+0x5/0xa [ 1024.845235] ? create_object.isra.0+0x3a/0xa20 [ 1024.845260] should_failslab+0x5/0x20 [ 1024.847635] kmem_cache_alloc+0x5b/0x310 [ 1024.848198] ? mark_held_locks+0x9e/0xe0 [ 1024.848779] create_object.isra.0+0x3a/0xa20 [ 1024.849397] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1024.850106] kmem_cache_alloc+0x159/0x310 [ 1024.850684] xas_alloc+0x336/0x440 [ 1024.851186] xas_create+0x34a/0x10d0 [ 1024.851706] ? kernel_text_address+0xf2/0x120 [ 1024.852331] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1024.853056] xas_store+0x8c/0x1c40 [ 1024.853557] __xa_store+0x164/0x2d0 [ 1024.854052] ? xa_delete_node+0x280/0x280 [ 1024.854631] ? trace_hardirqs_on+0x5b/0x180 [ 1024.855219] xa_store+0x31/0x50 [ 1024.855677] __io_uring_add_tctx_node+0x1cf/0x520 [ 1024.856332] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1024.857064] ? alloc_fd+0x2e7/0x670 [ 1024.857568] io_uring_setup+0x1fbb/0x2980 [ 1024.858146] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1024.858835] ? wait_for_completion_io+0x270/0x270 [ 1024.859519] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1024.860231] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1024.860953] do_syscall_64+0x33/0x40 [ 1024.861460] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1024.862173] RIP: 0033:0x7fe43d50db19 [ 1024.862678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1024.865207] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1024.866231] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1024.867186] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1024.868149] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1024.869127] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1024.870082] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1024.919551] FAULT_INJECTION: forcing a failure. [ 1024.919551] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.921870] CPU: 0 PID: 6883 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1024.923217] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1024.924858] Call Trace: [ 1024.925384] dump_stack+0x107/0x167 [ 1024.926100] should_fail.cold+0x5/0xa [ 1024.926852] ? create_object.isra.0+0x3a/0xa20 [ 1024.927754] should_failslab+0x5/0x20 [ 1024.928515] kmem_cache_alloc+0x5b/0x310 [ 1024.929321] ? mark_held_locks+0x9e/0xe0 [ 1024.930129] create_object.isra.0+0x3a/0xa20 [ 1024.930999] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1024.932020] kmem_cache_alloc+0x159/0x310 [ 1024.932856] xas_alloc+0x336/0x440 [ 1024.933567] xas_create+0x34a/0x10d0 [ 1024.934312] ? kernel_text_address+0xf2/0x120 [ 1024.935203] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1024.936233] xas_store+0x8c/0x1c40 [ 1024.936966] __xa_store+0x164/0x2d0 [ 1024.937687] ? xa_delete_node+0x280/0x280 [ 1024.938518] ? trace_hardirqs_on+0x5b/0x180 [ 1024.939381] xa_store+0x31/0x50 [ 1024.940040] __io_uring_add_tctx_node+0x1cf/0x520 [ 1024.941002] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1024.942047] ? alloc_fd+0x2e7/0x670 [ 1024.942786] io_uring_setup+0x1fbb/0x2980 [ 1024.943610] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1024.944621] ? wait_for_completion_io+0x270/0x270 [ 1024.945588] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1024.946630] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1024.947652] do_syscall_64+0x33/0x40 [ 1024.948413] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1024.949424] RIP: 0033:0x7f6039043b19 [ 1024.950166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1024.953819] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1024.955333] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1024.956763] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1024.958180] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1024.959599] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1024.961025] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:34:23 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 46) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:34:23 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 47) 21:34:23 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) [ 1024.983823] FAULT_INJECTION: forcing a failure. [ 1024.983823] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.985419] CPU: 1 PID: 6887 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1024.986285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1024.987359] Call Trace: [ 1024.987701] dump_stack+0x107/0x167 [ 1024.988178] should_fail.cold+0x5/0xa [ 1024.988679] ? xas_alloc+0x336/0x440 [ 1024.989167] should_failslab+0x5/0x20 [ 1024.989663] kmem_cache_alloc+0x5b/0x310 [ 1024.990192] xas_alloc+0x336/0x440 [ 1024.990653] xas_create+0x34a/0x10d0 [ 1024.991146] ? kernel_text_address+0xf2/0x120 [ 1024.991736] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1024.992424] xas_store+0x8c/0x1c40 [ 1024.992895] __xa_store+0x164/0x2d0 [ 1024.993369] ? xa_delete_node+0x280/0x280 [ 1024.993914] ? trace_hardirqs_on+0x5b/0x180 [ 1024.994478] xa_store+0x31/0x50 [ 1024.994911] __io_uring_add_tctx_node+0x1cf/0x520 [ 1024.995535] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1024.996212] ? alloc_fd+0x2e7/0x670 [ 1024.996695] io_uring_setup+0x1fbb/0x2980 [ 1024.997234] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1024.997896] ? wait_for_completion_io+0x270/0x270 [ 1024.998534] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1024.999217] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1024.999890] do_syscall_64+0x33/0x40 [ 1025.000376] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1025.001049] RIP: 0033:0x7fa304026b19 [ 1025.001532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1025.003913] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1025.004910] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1025.005832] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1025.006763] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1025.007687] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1025.008606] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1025.028466] FAULT_INJECTION: forcing a failure. [ 1025.028466] name failslab, interval 1, probability 0, space 0, times 0 [ 1025.029884] CPU: 1 PID: 6890 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1025.030744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1025.031783] Call Trace: [ 1025.032109] dump_stack+0x107/0x167 [ 1025.032574] should_fail.cold+0x5/0xa [ 1025.033051] ? create_object.isra.0+0x3a/0xa20 [ 1025.033624] should_failslab+0x5/0x20 [ 1025.034098] kmem_cache_alloc+0x5b/0x310 [ 1025.034606] ? mark_held_locks+0x9e/0xe0 [ 1025.035120] create_object.isra.0+0x3a/0xa20 [ 1025.035672] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1025.036309] kmem_cache_alloc+0x159/0x310 [ 1025.036842] xas_alloc+0x336/0x440 [ 1025.037285] xas_create+0x34a/0x10d0 [ 1025.037761] ? kernel_text_address+0xf2/0x120 [ 1025.038327] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1025.038985] xas_store+0x8c/0x1c40 [ 1025.039439] __xa_store+0x164/0x2d0 [ 1025.039890] ? xa_delete_node+0x280/0x280 [ 1025.040422] xa_store+0x31/0x50 [ 1025.040833] __io_uring_add_tctx_node+0x1cf/0x520 [ 1025.041436] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1025.042086] ? alloc_fd+0x2e7/0x670 [ 1025.042540] io_uring_setup+0x1fbb/0x2980 [ 1025.043061] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1025.043694] ? wait_for_completion_io+0x270/0x270 [ 1025.044308] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1025.044962] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1025.045605] do_syscall_64+0x33/0x40 [ 1025.046066] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1025.046703] RIP: 0033:0x7fa2b71a6b19 [ 1025.047166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1025.049452] RSP: 002b:00007fa2b46fb108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1025.050398] RAX: ffffffffffffffda RBX: 00007fa2b72ba020 RCX: 00007fa2b71a6b19 [ 1025.051282] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1025.052156] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1025.053038] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1025.053916] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:34:39 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 47) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:34:39 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 48) 21:34:39 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:34:39 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:34:39 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 47) 21:34:39 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 49) 21:34:39 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:34:39 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) [ 1040.436707] FAULT_INJECTION: forcing a failure. [ 1040.436707] name failslab, interval 1, probability 0, space 0, times 0 [ 1040.439349] CPU: 0 PID: 6903 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1040.440845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1040.442731] Call Trace: [ 1040.443317] dump_stack+0x107/0x167 [ 1040.444129] should_fail.cold+0x5/0xa [ 1040.444977] ? xas_alloc+0x336/0x440 [ 1040.445804] should_failslab+0x5/0x20 [ 1040.446652] kmem_cache_alloc+0x5b/0x310 [ 1040.447550] xas_alloc+0x336/0x440 [ 1040.448345] xas_create+0x34a/0x10d0 [ 1040.449193] ? kernel_text_address+0xf2/0x120 [ 1040.450188] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1040.451344] xas_store+0x8c/0x1c40 [ 1040.452139] __xa_store+0x164/0x2d0 [ 1040.452949] ? xa_delete_node+0x280/0x280 [ 1040.453880] ? trace_hardirqs_on+0x5b/0x180 [ 1040.454832] xa_store+0x31/0x50 [ 1040.455560] __io_uring_add_tctx_node+0x1cf/0x520 [ 1040.456619] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1040.457765] ? alloc_fd+0x2e7/0x670 [ 1040.458570] io_uring_setup+0x1fbb/0x2980 [ 1040.459484] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1040.460599] ? wait_for_completion_io+0x270/0x270 [ 1040.461678] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1040.462826] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1040.463948] do_syscall_64+0x33/0x40 [ 1040.464760] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1040.465877] RIP: 0033:0x7fa2b71a6b19 [ 1040.466687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1040.470675] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1040.472314] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1040.473864] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1040.475411] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1040.476961] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1040.478494] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1040.490941] FAULT_INJECTION: forcing a failure. [ 1040.490941] name failslab, interval 1, probability 0, space 0, times 0 [ 1040.493383] CPU: 0 PID: 6915 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1040.494845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1040.496621] Call Trace: [ 1040.497188] dump_stack+0x107/0x167 [ 1040.497968] should_fail.cold+0x5/0xa [ 1040.498782] ? create_object.isra.0+0x3a/0xa20 [ 1040.499752] should_failslab+0x5/0x20 [ 1040.500565] kmem_cache_alloc+0x5b/0x310 [ 1040.501384] FAULT_INJECTION: forcing a failure. [ 1040.501384] name failslab, interval 1, probability 0, space 0, times 0 [ 1040.501452] ? mark_held_locks+0x9e/0xe0 [ 1040.504301] create_object.isra.0+0x3a/0xa20 [ 1040.505240] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1040.506321] kmem_cache_alloc+0x159/0x310 [ 1040.507203] xas_alloc+0x336/0x440 [ 1040.507958] xas_create+0x34a/0x10d0 [ 1040.508753] ? kernel_text_address+0xf2/0x120 [ 1040.509713] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1040.510817] xas_store+0x8c/0x1c40 [ 1040.511578] __xa_store+0x164/0x2d0 [ 1040.512340] ? xa_delete_node+0x280/0x280 [ 1040.513226] ? trace_hardirqs_on+0x5b/0x180 [ 1040.514141] xa_store+0x31/0x50 [ 1040.514831] __io_uring_add_tctx_node+0x1cf/0x520 [ 1040.515836] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1040.516930] ? alloc_fd+0x2e7/0x670 [ 1040.517709] io_uring_setup+0x1fbb/0x2980 [ 1040.518586] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1040.519655] ? wait_for_completion_io+0x270/0x270 [ 1040.520686] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1040.521782] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1040.522853] do_syscall_64+0x33/0x40 [ 1040.523632] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1040.524689] RIP: 0033:0x7fa304026b19 [ 1040.525475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1040.529311] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1040.531031] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1040.532707] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1040.534386] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1040.536058] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1040.537746] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1040.539447] CPU: 1 PID: 6906 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1040.540646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1040.542087] Call Trace: [ 1040.542330] FAULT_INJECTION: forcing a failure. [ 1040.542330] name failslab, interval 1, probability 0, space 0, times 0 [ 1040.542544] dump_stack+0x107/0x167 [ 1040.542566] should_fail.cold+0x5/0xa [ 1040.546378] ? xas_alloc+0x336/0x440 [ 1040.547028] should_failslab+0x5/0x20 [ 1040.547682] kmem_cache_alloc+0x5b/0x310 [ 1040.548392] xas_alloc+0x336/0x440 [ 1040.549011] xas_create+0x34a/0x10d0 [ 1040.549664] ? kernel_text_address+0xf2/0x120 [ 1040.550441] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1040.551353] xas_store+0x8c/0x1c40 [ 1040.551976] __xa_store+0x164/0x2d0 [ 1040.552613] ? xa_delete_node+0x280/0x280 [ 1040.553342] ? trace_hardirqs_on+0x5b/0x180 [ 1040.554092] xa_store+0x31/0x50 [ 1040.554660] __io_uring_add_tctx_node+0x1cf/0x520 [ 1040.555482] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1040.556376] ? alloc_fd+0x2e7/0x670 [ 1040.557010] io_uring_setup+0x1fbb/0x2980 [ 1040.557719] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1040.558586] ? wait_for_completion_io+0x270/0x270 [ 1040.559421] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1040.560316] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1040.561208] do_syscall_64+0x33/0x40 [ 1040.561850] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1040.562746] RIP: 0033:0x7fe43d50db19 [ 1040.563384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1040.566537] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1040.567834] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1040.569049] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1040.570267] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1040.571486] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1040.572691] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1040.573931] CPU: 0 PID: 6914 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1040.575504] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1040.577425] Call Trace: [ 1040.578036] dump_stack+0x107/0x167 [ 1040.578872] should_fail.cold+0x5/0xa [ 1040.579745] ? xas_alloc+0x336/0x440 [ 1040.580610] should_failslab+0x5/0x20 [ 1040.581490] kmem_cache_alloc+0x5b/0x310 [ 1040.582424] xas_alloc+0x336/0x440 [ 1040.583241] xas_create+0x34a/0x10d0 [ 1040.584100] ? kernel_text_address+0xf2/0x120 [ 1040.585135] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1040.586321] xas_store+0x8c/0x1c40 [ 1040.587145] __xa_store+0x164/0x2d0 [ 1040.587969] ? xa_delete_node+0x280/0x280 [ 1040.588912] ? trace_hardirqs_on+0x5b/0x180 [ 1040.589899] xa_store+0x31/0x50 [ 1040.590649] __io_uring_add_tctx_node+0x1cf/0x520 [ 1040.591737] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1040.592927] ? alloc_fd+0x2e7/0x670 [ 1040.593766] io_uring_setup+0x1fbb/0x2980 [ 1040.594704] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1040.595859] ? wait_for_completion_io+0x270/0x270 [ 1040.596970] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1040.598150] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1040.599309] do_syscall_64+0x33/0x40 [ 1040.600148] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1040.601307] RIP: 0033:0x7f6039043b19 [ 1040.602146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1040.606315] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1040.608018] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1040.609622] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1040.611228] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1040.612828] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1040.614441] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:34:57 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 48) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:34:57 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 48) 21:34:57 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:34:57 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:34:57 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 49) 21:34:57 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:34:57 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000f80)=ANY=[@ANYBLOB="bf3371aa02d30949ad5e77a754f9abbf0a9d12d125137494ef15e4fbf4010383eb2eafd39790af96fdffffffb71458764ba75f025fcdfe0b3d94531dc6b00403e1d1e51c1e2dd221b31c1763a6c2a418252c703339897327d37931001fdbf4f64db48f3861f47cc536eb7db03c933a6aa25322b11a8841bfecf8bd8e7929a5ef6f6da193471e805891b28b4d4089f750903e3e5d9be38e7b1b939a18e839a4c17cd5bf6c5d7553ed1b5358acbd630fc484e6c44192e21e4d7bdcbc4b3924a4a21b6c3c581cff876e80bab60a7514237d8f1326323777d4618c31b6b090fff9a2dc7e4e6e4408216ec5978fde85281fa05486374005fbb345715c524f7c0e12d9f433c655e82d63dc352324fd3c8a994cf81137f1a549972d14229766c5", @ANYRESHEX=r0, @ANYBLOB="020028bd7000fddbdf253b000000c303330040887f00080211000000080211000020d64a249788c000040200874100164f8686da0990dddabbe7ebebc23f8e44fde3bf2033a02d1a0000100300000000000000030081000f00000006000500000007dde4b23b2c5c138606c09fa6e2bf461fc3f2753eb4d686ddcd7a1a99a0ac383461556c534295f542eb57cee9de52bbe189aaabd1b58922da11f27e26400a6c9941688ea379c66f4edf6ab82fda756f88a0dfef65ada77690e017a176f51fa0640a5383b19841e3c563d172ae286e21e2815baa9d4f2eb935dde281652a629450595e243b769e65c661459b9aabb82ce423cc5c2da2b9b0ad6cbb4c66cbcf0d17b42d2ca3f1c73ccf1d4f1c4ed45e66c12d48718138a29c3a5e48c69c872cb611880d29c674c189fb9b4fa0c8cec7b8d088a7f38cda86bb1f80dc4e210a7dd152f00a3cf2002bdd25421ac1a2ef8c500cbb3eb68ca3cfd1121290a4e8410943b15b35bc9ee5c5e0eb1431676faedd92cb13368580109f1a9284a7091a7f7834812b1d78cdf41676adcd563f62826984c2ba46aeae42a53b3d4d8d72ac9b68e9e96e6adca1e9d017aa51fdebee3cae083e0e9fceae7ee8f85ff9739ad190ec561819335076989e26d9847c17adfb9314b4717f8d52ed008eb14eaaf955233e80ea69e4449fccaf057d85bc2e5117f9672e98bf7d33034d6dcb35aa440237343c4420dd3835a295fda09b1f43731ae66b5c27d0025711b3475fe9a7adc2612fdf55185a0fecc1d2e608223229fbc064681c5214df1f2cfbd03b2c4de3dd28610ea9d40599a44848d2daa18c4c2e20c5ee29c3c7e443a833b73d9ef276122b154b1c91488bbbbddd0ee8e524c864e5fb8dd113eda3cfcfdd65721f279a33d0a03dccb2003480c5e6c782c8be4f82abbb5da58afd134b784336b2dfac43a72ed19f59665c4d38ff6766475fee3449498b867ca984b6d4d8cdbddeceae0eba7a3afbe23484a99805db32e0f054dfcc57cd09d7546518407324284fe15de880dd328294d9585c9a2cfdb436ade82bbb1e6d677adea284a3c6c79aea5961f5d11186ec81e2b825fb0f1fb38ad8132baace5045bcddbd7495bac0a87d6e691df468b3c7bbe325f68858c98f43bcd97da4471444caa4544c3384c77a541e88a493f17aa58172966be6e479c79fbae58fb16284b2065f94ae9daaaea4015c4d69dff1ff960293c4818b9b05b3a35a9c9683be2e82e9038372d84a9ff6add58eab6f4f5a0e88f26f9738e12a42a7ce8dc0ab27f9ec33dd83a2cf6498d4b8c88c74ace677f79a402e0c1a33c303eb68825eba756e2a786fdddce8a96f8a10496a06e8704c5d9498e83b487b8c54da7922f100bb0b810004006c00040087000800570061120000"], 0x3e8}, 0x1, 0x0, 0x0, 0x20008010}, 0x8000) 21:34:57 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 50) [ 1058.540543] FAULT_INJECTION: forcing a failure. [ 1058.540543] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.543244] CPU: 0 PID: 6939 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1058.544837] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.546770] Call Trace: [ 1058.547390] dump_stack+0x107/0x167 [ 1058.548242] should_fail.cold+0x5/0xa [ 1058.549121] ? xas_alloc+0x336/0x440 [ 1058.549984] should_failslab+0x5/0x20 [ 1058.550867] kmem_cache_alloc+0x5b/0x310 [ 1058.551797] xas_alloc+0x336/0x440 [ 1058.552609] xas_create+0x34a/0x10d0 [ 1058.553469] ? kernel_text_address+0xf2/0x120 [ 1058.554507] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1058.555703] xas_store+0x8c/0x1c40 [ 1058.556528] __xa_store+0x164/0x2d0 [ 1058.557355] ? xa_delete_node+0x280/0x280 [ 1058.558315] ? trace_hardirqs_on+0x5b/0x180 [ 1058.559304] xa_store+0x31/0x50 [ 1058.560051] __io_uring_add_tctx_node+0x1cf/0x520 [ 1058.561146] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1058.561673] FAULT_INJECTION: forcing a failure. [ 1058.561673] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.562340] ? alloc_fd+0x2e7/0x670 [ 1058.562375] io_uring_setup+0x1fbb/0x2980 [ 1058.562405] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1058.562439] ? wait_for_completion_io+0x270/0x270 [ 1058.569267] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.570522] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.571732] do_syscall_64+0x33/0x40 [ 1058.572605] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1058.573832] RIP: 0033:0x7fe43d50db19 [ 1058.574710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1058.579098] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1058.580897] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1058.582588] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1058.584271] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1058.585970] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1058.587648] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1058.589369] CPU: 1 PID: 6943 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1058.590953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.592907] Call Trace: [ 1058.593527] dump_stack+0x107/0x167 [ 1058.594388] should_fail.cold+0x5/0xa [ 1058.595277] ? xas_alloc+0x336/0x440 [ 1058.596156] should_failslab+0x5/0x20 [ 1058.597035] kmem_cache_alloc+0x5b/0x310 [ 1058.597747] FAULT_INJECTION: forcing a failure. [ 1058.597747] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.597994] xas_alloc+0x336/0x440 [ 1058.601352] xas_create+0x34a/0x10d0 [ 1058.602236] ? kernel_text_address+0xf2/0x120 [ 1058.603271] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1058.604474] xas_store+0x8c/0x1c40 [ 1058.605302] __xa_store+0x164/0x2d0 [ 1058.606132] ? xa_delete_node+0x280/0x280 [ 1058.607089] ? trace_hardirqs_on+0x5b/0x180 [ 1058.608084] xa_store+0x31/0x50 [ 1058.608842] __io_uring_add_tctx_node+0x1cf/0x520 [ 1058.609959] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1058.611157] ? alloc_fd+0x2e7/0x670 [ 1058.612009] io_uring_setup+0x1fbb/0x2980 [ 1058.612978] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1058.614160] ? wait_for_completion_io+0x270/0x270 [ 1058.615293] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.616483] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.617715] do_syscall_64+0x33/0x40 [ 1058.618568] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1058.619734] RIP: 0033:0x7fa304026b19 [ 1058.620558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1058.624800] RSP: 002b:00007fa30157b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1058.626558] RAX: ffffffffffffffda RBX: 00007fa30413a020 RCX: 00007fa304026b19 [ 1058.628199] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1058.629846] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1058.631474] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1058.633317] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1058.635274] CPU: 0 PID: 6940 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1058.636945] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.638936] Call Trace: [ 1058.639570] dump_stack+0x107/0x167 [ 1058.640424] should_fail.cold+0x5/0xa [ 1058.641344] ? create_object.isra.0+0x3a/0xa20 [ 1058.642441] should_failslab+0x5/0x20 [ 1058.643337] kmem_cache_alloc+0x5b/0x310 [ 1058.644285] ? mark_held_locks+0x9e/0xe0 [ 1058.645244] create_object.isra.0+0x3a/0xa20 [ 1058.646372] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1058.647818] kmem_cache_alloc+0x159/0x310 [ 1058.648958] xas_alloc+0x336/0x440 [ 1058.649954] xas_create+0x34a/0x10d0 [ 1058.650985] ? kernel_text_address+0xf2/0x120 [ 1058.652203] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1058.653617] xas_store+0x8c/0x1c40 [ 1058.654607] __xa_store+0x164/0x2d0 [ 1058.655592] ? xa_delete_node+0x280/0x280 [ 1058.656710] ? trace_hardirqs_on+0x5b/0x180 [ 1058.657904] xa_store+0x31/0x50 [ 1058.658799] __io_uring_add_tctx_node+0x1cf/0x520 [ 1058.660093] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1058.661482] ? alloc_fd+0x2e7/0x670 [ 1058.662487] io_uring_setup+0x1fbb/0x2980 [ 1058.663612] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1058.664974] ? wait_for_completion_io+0x270/0x270 [ 1058.666297] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.667677] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.669040] do_syscall_64+0x33/0x40 [ 1058.669997] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1058.671334] RIP: 0033:0x7fa2b71a6b19 [ 1058.672311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1058.676818] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1058.678702] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1058.680275] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1058.681904] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 21:34:57 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 50) [ 1058.683827] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1058.685957] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1058.701287] FAULT_INJECTION: forcing a failure. [ 1058.701287] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.704334] CPU: 0 PID: 6938 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1058.706180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.708402] Call Trace: [ 1058.709097] dump_stack+0x107/0x167 [ 1058.709982] should_fail.cold+0x5/0xa [ 1058.710919] ? create_object.isra.0+0x3a/0xa20 [ 1058.712029] should_failslab+0x5/0x20 [ 1058.712939] kmem_cache_alloc+0x5b/0x310 [ 1058.713927] ? mark_held_locks+0x9e/0xe0 [ 1058.714957] create_object.isra.0+0x3a/0xa20 [ 1058.716037] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1058.717305] kmem_cache_alloc+0x159/0x310 [ 1058.718359] xas_alloc+0x336/0x440 [ 1058.719246] xas_create+0x34a/0x10d0 [ 1058.720129] ? kernel_text_address+0xf2/0x120 [ 1058.721151] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1058.722405] xas_store+0x8c/0x1c40 [ 1058.723361] __xa_store+0x164/0x2d0 [ 1058.724338] ? xa_delete_node+0x280/0x280 [ 1058.725450] ? trace_hardirqs_on+0x5b/0x180 [ 1058.726626] xa_store+0x31/0x50 [ 1058.727515] __io_uring_add_tctx_node+0x1cf/0x520 [ 1058.728791] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1058.730184] ? alloc_fd+0x2e7/0x670 [ 1058.731168] io_uring_setup+0x1fbb/0x2980 [ 1058.732278] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1058.733629] ? wait_for_completion_io+0x270/0x270 [ 1058.734948] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.736333] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.737714] do_syscall_64+0x33/0x40 [ 1058.738701] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1058.740060] RIP: 0033:0x7f6039043b19 [ 1058.741047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1058.745876] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1058.747874] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1058.749750] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1058.751614] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1058.753478] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1058.755342] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1058.778779] FAULT_INJECTION: forcing a failure. [ 1058.778779] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.781925] CPU: 1 PID: 6950 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1058.783787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.786009] Call Trace: [ 1058.786729] dump_stack+0x107/0x167 [ 1058.787718] should_fail.cold+0x5/0xa [ 1058.788739] ? ___slab_alloc+0x360/0x700 [ 1058.789854] ? create_object.isra.0+0x3a/0xa20 [ 1058.791079] should_failslab+0x5/0x20 [ 1058.792108] kmem_cache_alloc+0x5b/0x310 [ 1058.793200] create_object.isra.0+0x3a/0xa20 [ 1058.794389] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1058.795758] kmem_cache_alloc+0x159/0x310 [ 1058.796893] xas_alloc+0x336/0x440 [ 1058.797860] xas_create+0x34a/0x10d0 [ 1058.798840] ? kernel_text_address+0xf2/0x120 [ 1058.800037] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1058.801390] xas_store+0x8c/0x1c40 [ 1058.802380] __xa_store+0x164/0x2d0 [ 1058.803342] ? xa_delete_node+0x280/0x280 [ 1058.804452] ? trace_hardirqs_on+0x5b/0x180 [ 1058.805623] xa_store+0x31/0x50 [ 1058.806503] __io_uring_add_tctx_node+0x1cf/0x520 [ 1058.807783] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1058.809174] ? alloc_fd+0x2e7/0x670 [ 1058.810161] io_uring_setup+0x1fbb/0x2980 [ 1058.811245] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1058.812532] ? wait_for_completion_io+0x270/0x270 [ 1058.813763] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.815073] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.816387] do_syscall_64+0x33/0x40 [ 1058.817292] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1058.818472] RIP: 0033:0x7fa304026b19 [ 1058.819341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1058.824062] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1058.826048] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1058.827910] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1058.829781] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1058.831641] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1058.833502] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:34:57 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 51) [ 1058.962390] FAULT_INJECTION: forcing a failure. [ 1058.962390] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.965161] CPU: 1 PID: 6952 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1058.966806] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.968750] Call Trace: [ 1058.969393] dump_stack+0x107/0x167 [ 1058.970262] should_fail.cold+0x5/0xa [ 1058.971151] ? xas_alloc+0x336/0x440 [ 1058.972077] should_failslab+0x5/0x20 [ 1058.972998] kmem_cache_alloc+0x5b/0x310 [ 1058.973975] xas_alloc+0x336/0x440 [ 1058.974967] xas_create+0x34a/0x10d0 [ 1058.975996] ? kernel_text_address+0xf2/0x120 [ 1058.977038] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1058.978490] xas_store+0x8c/0x1c40 [ 1058.979348] __xa_store+0x164/0x2d0 [ 1058.980314] ? xa_delete_node+0x280/0x280 [ 1058.981463] ? trace_hardirqs_on+0x5b/0x180 [ 1058.982604] xa_store+0x31/0x50 [ 1058.983402] __io_uring_add_tctx_node+0x1cf/0x520 [ 1058.984536] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1058.985831] ? alloc_fd+0x2e7/0x670 [ 1058.986738] io_uring_setup+0x1fbb/0x2980 [ 1058.987739] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1058.988993] ? wait_for_completion_io+0x270/0x270 [ 1058.990203] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.991639] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.992850] do_syscall_64+0x33/0x40 [ 1058.993762] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1058.995005] RIP: 0033:0x7fe43d50db19 [ 1058.995887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1059.000333] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1059.002208] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1059.003879] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1059.005564] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1059.007261] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1059.008917] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:34:57 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 49) 21:34:58 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 49) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 1059.043244] FAULT_INJECTION: forcing a failure. [ 1059.043244] name failslab, interval 1, probability 0, space 0, times 0 [ 1059.046194] CPU: 1 PID: 6954 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1059.047821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1059.049793] Call Trace: [ 1059.051629] dump_stack+0x107/0x167 [ 1059.052629] should_fail.cold+0x5/0xa [ 1059.053501] ? xas_alloc+0x336/0x440 [ 1059.055656] should_failslab+0x5/0x20 [ 1059.057856] kmem_cache_alloc+0x5b/0x310 [ 1059.058763] xas_alloc+0x336/0x440 [ 1059.059697] xas_create+0x34a/0x10d0 [ 1059.060677] ? kernel_text_address+0xf2/0x120 [ 1059.061735] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1059.062889] xas_store+0x8c/0x1c40 [ 1059.063831] __xa_store+0x164/0x2d0 [ 1059.064803] ? xa_delete_node+0x280/0x280 [ 1059.065904] ? trace_hardirqs_on+0x5b/0x180 [ 1059.067018] xa_store+0x31/0x50 [ 1059.067890] __io_uring_add_tctx_node+0x1cf/0x520 [ 1059.069115] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1059.070463] ? alloc_fd+0x2e7/0x670 [ 1059.071479] io_uring_setup+0x1fbb/0x2980 [ 1059.072617] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1059.073977] ? wait_for_completion_io+0x270/0x270 [ 1059.075313] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1059.076729] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1059.078140] do_syscall_64+0x33/0x40 [ 1059.079143] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1059.080529] RIP: 0033:0x7f6039043b19 [ 1059.081539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1059.086520] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1059.088596] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1059.090537] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1059.092467] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1059.094406] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1059.096338] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1059.192560] FAULT_INJECTION: forcing a failure. [ 1059.192560] name failslab, interval 1, probability 0, space 0, times 0 [ 1059.195374] CPU: 1 PID: 6956 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1059.196864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1059.198723] Call Trace: [ 1059.199309] dump_stack+0x107/0x167 [ 1059.200111] should_fail.cold+0x5/0xa [ 1059.200950] ? create_object.isra.0+0x3a/0xa20 [ 1059.201979] should_failslab+0x5/0x20 [ 1059.202865] kmem_cache_alloc+0x5b/0x310 [ 1059.203770] ? mark_held_locks+0x9e/0xe0 [ 1059.204707] create_object.isra.0+0x3a/0xa20 [ 1059.205741] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1059.206861] kmem_cache_alloc+0x159/0x310 [ 1059.207797] xas_alloc+0x336/0x440 [ 1059.208582] xas_create+0x34a/0x10d0 [ 1059.209432] ? kernel_text_address+0xf2/0x120 [ 1059.210442] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1059.211595] xas_store+0x8c/0x1c40 [ 1059.212405] __xa_store+0x164/0x2d0 [ 1059.213207] ? xa_delete_node+0x280/0x280 [ 1059.214147] ? trace_hardirqs_on+0x5b/0x180 [ 1059.215103] xa_store+0x31/0x50 [ 1059.215845] __io_uring_add_tctx_node+0x1cf/0x520 [ 1059.216907] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1059.218105] ? alloc_fd+0x2e7/0x670 [ 1059.218918] io_uring_setup+0x1fbb/0x2980 [ 1059.219924] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1059.221043] ? wait_for_completion_io+0x270/0x270 [ 1059.222159] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1059.223313] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1059.224474] do_syscall_64+0x33/0x40 [ 1059.225294] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1059.226447] RIP: 0033:0x7fa2b71a6b19 [ 1059.227264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1059.231529] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1059.233203] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1059.234783] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1059.236347] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1059.237923] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1059.239487] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:35:13 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 51) 21:35:13 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:35:13 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:35:13 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 50) 21:35:13 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:35:13 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 52) 21:35:13 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x8000) 21:35:13 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 50) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 1074.903293] FAULT_INJECTION: forcing a failure. [ 1074.903293] name failslab, interval 1, probability 0, space 0, times 0 [ 1074.905669] CPU: 0 PID: 6979 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1074.907091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1074.908811] Call Trace: [ 1074.909368] dump_stack+0x107/0x167 [ 1074.910125] should_fail.cold+0x5/0xa [ 1074.910931] ? create_object.isra.0+0x3a/0xa20 [ 1074.911883] should_failslab+0x5/0x20 [ 1074.912680] kmem_cache_alloc+0x5b/0x310 [ 1074.913526] ? mark_held_locks+0x9e/0xe0 [ 1074.914385] create_object.isra.0+0x3a/0xa20 [ 1074.915326] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1074.916419] kmem_cache_alloc+0x159/0x310 [ 1074.917315] xas_alloc+0x336/0x440 [ 1074.918079] xas_create+0x34a/0x10d0 [ 1074.918905] ? kernel_text_address+0xf2/0x120 [ 1074.919872] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1074.921000] xas_store+0x8c/0x1c40 [ 1074.921777] __xa_store+0x164/0x2d0 [ 1074.922571] ? xa_delete_node+0x280/0x280 [ 1074.923469] ? trace_hardirqs_on+0x5b/0x180 [ 1074.924403] xa_store+0x31/0x50 [ 1074.925115] __io_uring_add_tctx_node+0x1cf/0x520 [ 1074.926171] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1074.927528] ? alloc_fd+0x2e7/0x670 [ 1074.928490] io_uring_setup+0x1fbb/0x2980 [ 1074.929582] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1074.930948] ? wait_for_completion_io+0x270/0x270 [ 1074.932186] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1074.933317] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1074.934450] do_syscall_64+0x33/0x40 [ 1074.935249] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1074.936357] RIP: 0033:0x7f6039043b19 [ 1074.937160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1074.941142] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1074.942793] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1074.944336] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1074.945874] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1074.947427] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1074.948967] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1074.971037] FAULT_INJECTION: forcing a failure. [ 1074.971037] name failslab, interval 1, probability 0, space 0, times 0 [ 1074.973666] CPU: 0 PID: 6980 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1074.975102] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1074.976835] Call Trace: [ 1074.977388] dump_stack+0x107/0x167 [ 1074.978151] should_fail.cold+0x5/0xa [ 1074.978959] ? ___slab_alloc+0x155/0x700 [ 1074.979806] ? create_object.isra.0+0x3a/0xa20 [ 1074.980758] should_failslab+0x5/0x20 [ 1074.981562] kmem_cache_alloc+0x5b/0x310 [ 1074.982423] create_object.isra.0+0x3a/0xa20 [ 1074.983354] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1074.984444] kmem_cache_alloc+0x159/0x310 [ 1074.985329] xas_alloc+0x336/0x440 [ 1074.986079] xas_create+0x34a/0x10d0 [ 1074.986887] ? kernel_text_address+0xf2/0x120 [ 1074.987822] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1074.988927] xas_store+0x8c/0x1c40 [ 1074.989691] __xa_store+0x164/0x2d0 [ 1074.990474] ? xa_delete_node+0x280/0x280 [ 1074.991357] ? trace_hardirqs_on+0x5b/0x180 [ 1074.992274] xa_store+0x31/0x50 [ 1074.992975] __io_uring_add_tctx_node+0x1cf/0x520 [ 1074.993996] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1074.995113] ? alloc_fd+0x2e7/0x670 [ 1074.995892] io_uring_setup+0x1fbb/0x2980 [ 1074.996776] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1074.997844] ? wait_for_completion_io+0x270/0x270 [ 1074.998885] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1074.999977] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1075.001049] do_syscall_64+0x33/0x40 [ 1075.001838] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1075.002930] RIP: 0033:0x7fa2b71a6b19 [ 1075.003719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1075.006727] FAULT_INJECTION: forcing a failure. [ 1075.006727] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.007626] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1075.007647] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1075.007658] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1075.007679] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1075.016352] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1075.017864] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1075.019401] CPU: 1 PID: 6982 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1075.020969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1075.022906] Call Trace: [ 1075.023215] FAULT_INJECTION: forcing a failure. [ 1075.023215] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.023520] dump_stack+0x107/0x167 [ 1075.026663] should_fail.cold+0x5/0xa [ 1075.027549] ? create_object.isra.0+0x3a/0xa20 [ 1075.028604] should_failslab+0x5/0x20 [ 1075.029481] kmem_cache_alloc+0x5b/0x310 [ 1075.030425] ? mark_held_locks+0x9e/0xe0 [ 1075.031362] create_object.isra.0+0x3a/0xa20 [ 1075.032367] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1075.033535] kmem_cache_alloc+0x159/0x310 [ 1075.034501] xas_alloc+0x336/0x440 [ 1075.035320] xas_create+0x34a/0x10d0 [ 1075.036190] ? kernel_text_address+0xf2/0x120 [ 1075.037220] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1075.038433] xas_store+0x8c/0x1c40 [ 1075.039267] __xa_store+0x164/0x2d0 [ 1075.040103] ? xa_delete_node+0x280/0x280 [ 1075.041063] ? trace_hardirqs_on+0x5b/0x180 [ 1075.042058] xa_store+0x31/0x50 [ 1075.042818] __io_uring_add_tctx_node+0x1cf/0x520 [ 1075.043924] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1075.045119] ? alloc_fd+0x2e7/0x670 [ 1075.045964] io_uring_setup+0x1fbb/0x2980 [ 1075.046906] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1075.048066] ? wait_for_completion_io+0x270/0x270 [ 1075.049187] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1075.050393] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1075.051575] do_syscall_64+0x33/0x40 [ 1075.052425] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1075.053594] RIP: 0033:0x7fe43d50db19 [ 1075.054458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1075.058622] RSP: 002b:00007fe43aa62108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1075.060327] RAX: ffffffffffffffda RBX: 00007fe43d621020 RCX: 00007fe43d50db19 [ 1075.061929] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1075.063531] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1075.065124] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1075.066753] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1075.068402] CPU: 0 PID: 6975 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1075.069854] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1075.071605] Call Trace: [ 1075.072161] dump_stack+0x107/0x167 [ 1075.072929] should_fail.cold+0x5/0xa [ 1075.073731] ? xas_alloc+0x336/0x440 [ 1075.074525] should_failslab+0x5/0x20 [ 1075.075330] kmem_cache_alloc+0x5b/0x310 [ 1075.076194] xas_alloc+0x336/0x440 [ 1075.076956] xas_create+0x34a/0x10d0 [ 1075.077752] ? kernel_text_address+0xf2/0x120 [ 1075.078707] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1075.079812] xas_store+0x8c/0x1c40 [ 1075.080573] __xa_store+0x164/0x2d0 [ 1075.081339] ? xa_delete_node+0x280/0x280 [ 1075.082226] ? trace_hardirqs_on+0x5b/0x180 [ 1075.083139] xa_store+0x31/0x50 [ 1075.083835] __io_uring_add_tctx_node+0x1cf/0x520 [ 1075.084854] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1075.085968] ? alloc_fd+0x2e7/0x670 [ 1075.086758] io_uring_setup+0x1fbb/0x2980 [ 1075.087642] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1075.088708] ? wait_for_completion_io+0x270/0x270 [ 1075.089744] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1075.090854] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1075.091927] do_syscall_64+0x33/0x40 [ 1075.092711] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1075.093787] RIP: 0033:0x7fa304026b19 [ 1075.094579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1075.098459] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1075.100060] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1075.101561] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1075.103078] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1075.104587] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1075.106088] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:35:14 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 51) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:35:14 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 52) 21:35:14 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 51) [ 1075.221600] FAULT_INJECTION: forcing a failure. [ 1075.221600] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.224109] CPU: 0 PID: 6989 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1075.225544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1075.227354] Call Trace: [ 1075.227913] dump_stack+0x107/0x167 [ 1075.228684] should_fail.cold+0x5/0xa [ 1075.229478] ? xas_alloc+0x336/0x440 [ 1075.230284] should_failslab+0x5/0x20 [ 1075.231079] kmem_cache_alloc+0x5b/0x310 [ 1075.231937] xas_alloc+0x336/0x440 [ 1075.232688] xas_create+0x34a/0x10d0 [ 1075.233481] ? kernel_text_address+0xf2/0x120 [ 1075.234438] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1075.235538] xas_store+0x8c/0x1c40 [ 1075.236301] __xa_store+0x164/0x2d0 [ 1075.237063] ? xa_delete_node+0x280/0x280 [ 1075.237931] ? trace_hardirqs_on+0x5b/0x180 [ 1075.238845] xa_store+0x31/0x50 [ 1075.239540] __io_uring_add_tctx_node+0x1cf/0x520 [ 1075.240551] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1075.241644] ? alloc_fd+0x2e7/0x670 [ 1075.242429] io_uring_setup+0x1fbb/0x2980 [ 1075.243316] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1075.244381] ? wait_for_completion_io+0x270/0x270 [ 1075.245412] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1075.246535] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1075.247616] do_syscall_64+0x33/0x40 [ 1075.248396] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1075.249478] RIP: 0033:0x7fa2b71a6b19 [ 1075.250270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1075.254120] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1075.255725] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1075.257225] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1075.258719] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1075.260201] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1075.261703] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1075.283980] FAULT_INJECTION: forcing a failure. [ 1075.283980] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.286399] FAULT_INJECTION: forcing a failure. [ 1075.286399] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.286665] CPU: 1 PID: 6992 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1075.290395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1075.292251] Call Trace: [ 1075.292851] dump_stack+0x107/0x167 [ 1075.293670] should_fail.cold+0x5/0xa [ 1075.294548] ? xas_alloc+0x336/0x440 [ 1075.295383] should_failslab+0x5/0x20 [ 1075.296235] kmem_cache_alloc+0x5b/0x310 [ 1075.297150] xas_alloc+0x336/0x440 [ 1075.297955] xas_create+0x34a/0x10d0 [ 1075.298813] ? kernel_text_address+0xf2/0x120 [ 1075.299821] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1075.300997] xas_store+0x8c/0x1c40 [ 1075.301810] __xa_store+0x164/0x2d0 [ 1075.302638] ? xa_delete_node+0x280/0x280 [ 1075.303581] ? trace_hardirqs_on+0x5b/0x180 [ 1075.304555] xa_store+0x31/0x50 [ 1075.305305] __io_uring_add_tctx_node+0x1cf/0x520 [ 1075.306396] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1075.307567] ? alloc_fd+0x2e7/0x670 [ 1075.308400] io_uring_setup+0x1fbb/0x2980 [ 1075.309338] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1075.310485] ? wait_for_completion_io+0x270/0x270 [ 1075.311590] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1075.312765] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1075.313922] do_syscall_64+0x33/0x40 [ 1075.314762] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1075.315905] RIP: 0033:0x7f6039043b19 [ 1075.316737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1075.320850] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1075.322566] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1075.324156] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1075.325769] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1075.327384] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1075.328979] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1075.330629] CPU: 0 PID: 6993 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1075.332103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1075.333819] Call Trace: [ 1075.334389] dump_stack+0x107/0x167 [ 1075.335151] should_fail.cold+0x5/0xa [ 1075.335949] ? create_object.isra.0+0x3a/0xa20 [ 1075.336908] should_failslab+0x5/0x20 [ 1075.337699] kmem_cache_alloc+0x5b/0x310 [ 1075.338566] ? mark_held_locks+0x9e/0xe0 [ 1075.339424] create_object.isra.0+0x3a/0xa20 [ 1075.340333] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1075.341397] kmem_cache_alloc+0x159/0x310 [ 1075.342294] xas_alloc+0x336/0x440 [ 1075.343041] xas_create+0x34a/0x10d0 [ 1075.343839] ? kernel_text_address+0xf2/0x120 [ 1075.344774] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1075.345873] xas_store+0x8c/0x1c40 [ 1075.346637] __xa_store+0x164/0x2d0 [ 1075.347398] ? xa_delete_node+0x280/0x280 [ 1075.348271] ? trace_hardirqs_on+0x5b/0x180 [ 1075.349198] xa_store+0x31/0x50 [ 1075.349889] __io_uring_add_tctx_node+0x1cf/0x520 [ 1075.350911] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1075.352001] ? alloc_fd+0x2e7/0x670 [ 1075.352777] io_uring_setup+0x1fbb/0x2980 [ 1075.353652] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1075.354715] ? wait_for_completion_io+0x270/0x270 [ 1075.355747] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1075.356839] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1075.357916] do_syscall_64+0x33/0x40 [ 1075.358710] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1075.359777] RIP: 0033:0x7fa304026b19 [ 1075.360550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1075.364360] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1075.365949] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1075.367449] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1075.368940] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1075.370444] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1075.371937] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:35:14 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 53) 21:35:14 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1075.439613] FAULT_INJECTION: forcing a failure. [ 1075.439613] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.442005] CPU: 0 PID: 6996 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1075.443439] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1075.445162] Call Trace: [ 1075.445721] dump_stack+0x107/0x167 [ 1075.446494] should_fail.cold+0x5/0xa [ 1075.447299] ? xas_alloc+0x336/0x440 [ 1075.448089] should_failslab+0x5/0x20 [ 1075.448893] kmem_cache_alloc+0x5b/0x310 [ 1075.449741] xas_alloc+0x336/0x440 [ 1075.450508] xas_create+0x34a/0x10d0 [ 1075.451304] ? kernel_text_address+0xf2/0x120 [ 1075.452241] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1075.453338] xas_store+0x8c/0x1c40 [ 1075.454094] __xa_store+0x164/0x2d0 [ 1075.454870] ? xa_delete_node+0x280/0x280 [ 1075.455745] ? trace_hardirqs_on+0x5b/0x180 [ 1075.456659] xa_store+0x31/0x50 [ 1075.457352] __io_uring_add_tctx_node+0x1cf/0x520 [ 1075.458375] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1075.459471] ? alloc_fd+0x2e7/0x670 [ 1075.460244] io_uring_setup+0x1fbb/0x2980 [ 1075.461128] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1075.462204] ? wait_for_completion_io+0x270/0x270 [ 1075.463243] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1075.464345] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1075.465430] do_syscall_64+0x33/0x40 [ 1075.466216] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1075.467294] RIP: 0033:0x7fe43d50db19 [ 1075.468071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1075.471939] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1075.473525] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1075.475022] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1075.476524] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1075.478025] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1075.479534] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:35:14 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 52) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:35:14 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x8000) 21:35:14 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 52) [ 1075.606083] FAULT_INJECTION: forcing a failure. [ 1075.606083] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.608744] CPU: 1 PID: 7003 Comm: syz-executor.6 Not tainted 5.10.233 #1 21:35:14 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1075.610277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1075.612365] Call Trace: [ 1075.612962] dump_stack+0x107/0x167 [ 1075.613780] should_fail.cold+0x5/0xa [ 1075.614645] ? ___slab_alloc+0x155/0x700 [ 1075.615561] ? create_object.isra.0+0x3a/0xa20 [ 1075.616593] should_failslab+0x5/0x20 [ 1075.617448] kmem_cache_alloc+0x5b/0x310 [ 1075.618381] create_object.isra.0+0x3a/0xa20 [ 1075.619360] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1075.620504] kmem_cache_alloc+0x159/0x310 [ 1075.621437] xas_alloc+0x336/0x440 [ 1075.622246] xas_create+0x34a/0x10d0 [ 1075.623086] ? kernel_text_address+0xf2/0x120 [ 1075.624095] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1075.625278] xas_store+0x8c/0x1c40 [ 1075.626089] __xa_store+0x164/0x2d0 [ 1075.626915] ? xa_delete_node+0x280/0x280 [ 1075.627855] ? trace_hardirqs_on+0x5b/0x180 [ 1075.628831] xa_store+0x31/0x50 [ 1075.629573] __io_uring_add_tctx_node+0x1cf/0x520 [ 1075.630664] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1075.631838] ? alloc_fd+0x2e7/0x670 [ 1075.632662] io_uring_setup+0x1fbb/0x2980 [ 1075.633599] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1075.634744] ? wait_for_completion_io+0x270/0x270 [ 1075.635846] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1075.637023] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1075.638190] do_syscall_64+0x33/0x40 [ 1075.639063] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1075.640205] RIP: 0033:0x7fa2b71a6b19 [ 1075.641036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1075.645171] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1075.646890] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1075.648480] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1075.650071] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1075.651678] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 21:35:14 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 54) [ 1075.653278] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1075.674477] FAULT_INJECTION: forcing a failure. [ 1075.674477] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.677062] CPU: 1 PID: 7004 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1075.678601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1075.680450] Call Trace: [ 1075.681188] dump_stack+0x107/0x167 [ 1075.682008] should_fail.cold+0x5/0xa [ 1075.682873] ? create_object.isra.0+0x3a/0xa20 [ 1075.683938] should_failslab+0x5/0x20 [ 1075.684795] kmem_cache_alloc+0x5b/0x310 [ 1075.685708] ? mark_held_locks+0x9e/0xe0 [ 1075.686636] create_object.isra.0+0x3a/0xa20 [ 1075.687622] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1075.688769] kmem_cache_alloc+0x159/0x310 [ 1075.689709] xas_alloc+0x336/0x440 [ 1075.690522] xas_create+0x34a/0x10d0 [ 1075.690971] FAULT_INJECTION: forcing a failure. [ 1075.690971] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.691364] ? kernel_text_address+0xf2/0x120 [ 1075.691387] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1075.691412] xas_store+0x8c/0x1c40 [ 1075.696660] __xa_store+0x164/0x2d0 [ 1075.697481] ? xa_delete_node+0x280/0x280 [ 1075.698429] ? trace_hardirqs_on+0x5b/0x180 [ 1075.699412] xa_store+0x31/0x50 [ 1075.700166] __io_uring_add_tctx_node+0x1cf/0x520 [ 1075.701249] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1075.702435] ? alloc_fd+0x2e7/0x670 [ 1075.703264] io_uring_setup+0x1fbb/0x2980 [ 1075.704205] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1075.705350] ? wait_for_completion_io+0x270/0x270 [ 1075.706466] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1075.707646] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1075.708814] do_syscall_64+0x33/0x40 [ 1075.709657] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1075.710822] RIP: 0033:0x7f6039043b19 [ 1075.711659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1075.715784] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1075.717497] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1075.719112] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1075.720721] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1075.722334] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1075.723940] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1075.725570] CPU: 0 PID: 7007 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1075.727014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1075.728747] Call Trace: [ 1075.729303] dump_stack+0x107/0x167 [ 1075.730064] should_fail.cold+0x5/0xa [ 1075.730870] ? create_object.isra.0+0x3a/0xa20 [ 1075.731824] should_failslab+0x5/0x20 [ 1075.732603] kmem_cache_alloc+0x5b/0x310 [ 1075.733452] ? mark_held_locks+0x9e/0xe0 [ 1075.734319] create_object.isra.0+0x3a/0xa20 [ 1075.735241] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1075.736311] kmem_cache_alloc+0x159/0x310 [ 1075.737182] xas_alloc+0x336/0x440 [ 1075.737932] xas_create+0x34a/0x10d0 [ 1075.738730] ? kernel_text_address+0xf2/0x120 [ 1075.739664] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1075.740744] xas_store+0x8c/0x1c40 [ 1075.741504] __xa_store+0x164/0x2d0 [ 1075.742288] ? xa_delete_node+0x280/0x280 [ 1075.743160] ? trace_hardirqs_on+0x5b/0x180 [ 1075.744074] xa_store+0x31/0x50 [ 1075.744769] __io_uring_add_tctx_node+0x1cf/0x520 [ 1075.745763] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1075.746883] ? alloc_fd+0x2e7/0x670 [ 1075.747659] io_uring_setup+0x1fbb/0x2980 [ 1075.748527] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1075.749585] ? wait_for_completion_io+0x270/0x270 [ 1075.750644] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1075.751740] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1075.752803] do_syscall_64+0x33/0x40 [ 1075.753581] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1075.754661] RIP: 0033:0x7fe43d50db19 [ 1075.755443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1075.759300] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1075.760891] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1075.762385] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1075.763875] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1075.765363] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1075.766870] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:35:14 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 53) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:35:14 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:35:14 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x8000) [ 1075.942892] FAULT_INJECTION: forcing a failure. [ 1075.942892] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.945745] CPU: 1 PID: 7013 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1075.947301] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1075.949161] Call Trace: [ 1075.949763] dump_stack+0x107/0x167 [ 1075.950587] should_fail.cold+0x5/0xa [ 1075.951455] ? xas_alloc+0x336/0x440 [ 1075.952304] should_failslab+0x5/0x20 [ 1075.953159] kmem_cache_alloc+0x5b/0x310 [ 1075.954076] xas_alloc+0x336/0x440 [ 1075.954887] xas_create+0x34a/0x10d0 [ 1075.955742] ? kernel_text_address+0xf2/0x120 [ 1075.956752] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1075.957927] xas_store+0x8c/0x1c40 [ 1075.958754] __xa_store+0x164/0x2d0 [ 1075.959578] ? xa_delete_node+0x280/0x280 [ 1075.960517] ? trace_hardirqs_on+0x5b/0x180 [ 1075.961490] xa_store+0x31/0x50 [ 1075.962258] __io_uring_add_tctx_node+0x1cf/0x520 [ 1075.963351] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1075.964552] ? alloc_fd+0x2e7/0x670 [ 1075.965378] io_uring_setup+0x1fbb/0x2980 [ 1075.966327] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1075.967466] ? wait_for_completion_io+0x270/0x270 [ 1075.968565] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1075.969736] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1075.970903] do_syscall_64+0x33/0x40 [ 1075.971760] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1075.972909] RIP: 0033:0x7fa2b71a6b19 [ 1075.973745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1075.977890] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1075.979612] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1075.981213] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1075.982819] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1075.984417] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1075.986022] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:35:31 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:35:31 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:35:31 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1092.173846] FAULT_INJECTION: forcing a failure. [ 1092.173846] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.175186] CPU: 1 PID: 7031 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1092.176042] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1092.177051] Call Trace: [ 1092.177343] dump_stack+0x107/0x167 [ 1092.177739] should_fail.cold+0x5/0xa [ 1092.178159] ? create_object.isra.0+0x3a/0xa20 [ 1092.178659] should_failslab+0x5/0x20 [ 1092.179085] kmem_cache_alloc+0x5b/0x310 [ 1092.179529] ? mark_held_locks+0x9e/0xe0 [ 1092.179977] create_object.isra.0+0x3a/0xa20 [ 1092.180455] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1092.181010] kmem_cache_alloc+0x159/0x310 [ 1092.181465] xas_alloc+0x336/0x440 [ 1092.181850] xas_create+0x34a/0x10d0 [ 1092.182263] ? kernel_text_address+0xf2/0x120 [ 1092.182772] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1092.183345] xas_store+0x8c/0x1c40 [ 1092.183738] __xa_store+0x164/0x2d0 [ 1092.184136] ? xa_delete_node+0x280/0x280 [ 1092.184594] ? trace_hardirqs_on+0x5b/0x180 [ 1092.185066] xa_store+0x31/0x50 [ 1092.185426] __io_uring_add_tctx_node+0x1cf/0x520 [ 1092.185951] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1092.186524] ? alloc_fd+0x2e7/0x670 [ 1092.186935] io_uring_setup+0x1fbb/0x2980 [ 1092.187391] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1092.187951] ? wait_for_completion_io+0x270/0x270 [ 1092.188487] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1092.189063] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1092.189634] do_syscall_64+0x33/0x40 [ 1092.190036] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1092.190591] RIP: 0033:0x7fa2b71a6b19 [ 1092.191003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1092.192997] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1092.193823] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1092.194596] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1092.195377] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1092.196145] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 21:35:31 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 53) 21:35:31 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 53) 21:35:31 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 55) 21:35:31 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 54) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 1092.196915] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1092.252234] FAULT_INJECTION: forcing a failure. [ 1092.252234] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.253537] CPU: 1 PID: 7043 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1092.254303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1092.255237] Call Trace: [ 1092.255529] dump_stack+0x107/0x167 [ 1092.255938] should_fail.cold+0x5/0xa [ 1092.256361] ? xas_alloc+0x336/0x440 [ 1092.256778] should_failslab+0x5/0x20 [ 1092.257201] kmem_cache_alloc+0x5b/0x310 [ 1092.257654] xas_alloc+0x336/0x440 [ 1092.258057] xas_create+0x34a/0x10d0 [ 1092.258482] ? kernel_text_address+0xf2/0x120 [ 1092.258991] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1092.259584] xas_store+0x8c/0x1c40 [ 1092.259988] __xa_store+0x164/0x2d0 [ 1092.260402] ? xa_delete_node+0x280/0x280 [ 1092.260867] ? trace_hardirqs_on+0x5b/0x180 [ 1092.261355] xa_store+0x31/0x50 [ 1092.261724] __io_uring_add_tctx_node+0x1cf/0x520 [ 1092.262261] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1092.262848] ? alloc_fd+0x2e7/0x670 [ 1092.263260] io_uring_setup+0x1fbb/0x2980 [ 1092.263727] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1092.264302] ? wait_for_completion_io+0x270/0x270 [ 1092.264859] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1092.265443] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1092.266019] do_syscall_64+0x33/0x40 [ 1092.266439] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1092.267014] RIP: 0033:0x7f6039043b19 [ 1092.267436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1092.269500] RSP: 002b:00007f6036598108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1092.270351] RAX: ffffffffffffffda RBX: 00007f6039157020 RCX: 00007f6039043b19 [ 1092.271141] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1092.271934] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1092.272727] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1092.273520] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1092.320988] FAULT_INJECTION: forcing a failure. [ 1092.320988] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.322345] CPU: 1 PID: 7042 Comm: syz-executor.5 Not tainted 5.10.233 #1 21:35:31 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x0) 21:35:31 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 55) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 1092.323103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1092.324250] Call Trace: [ 1092.324541] dump_stack+0x107/0x167 [ 1092.324940] should_fail.cold+0x5/0xa [ 1092.325353] ? xas_alloc+0x336/0x440 [ 1092.325767] should_failslab+0x5/0x20 [ 1092.326186] kmem_cache_alloc+0x5b/0x310 [ 1092.326632] xas_alloc+0x336/0x440 [ 1092.327035] xas_create+0x34a/0x10d0 [ 1092.327444] ? kernel_text_address+0xf2/0x120 [ 1092.327943] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1092.328510] xas_store+0x8c/0x1c40 [ 1092.328904] __xa_store+0x164/0x2d0 [ 1092.329301] ? xa_delete_node+0x280/0x280 [ 1092.329756] ? trace_hardirqs_on+0x5b/0x180 [ 1092.330229] xa_store+0x31/0x50 [ 1092.330592] __io_uring_add_tctx_node+0x1cf/0x520 [ 1092.331126] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1092.331733] ? alloc_fd+0x2e7/0x670 [ 1092.332133] io_uring_setup+0x1fbb/0x2980 [ 1092.332589] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1092.333138] ? wait_for_completion_io+0x270/0x270 [ 1092.333669] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1092.334241] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1092.334809] do_syscall_64+0x33/0x40 [ 1092.335211] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1092.335768] RIP: 0033:0x7fe43d50db19 [ 1092.336171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1092.338172] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1092.339004] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1092.339779] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1092.340554] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1092.341333] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1092.342109] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:35:31 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 54) [ 1092.354034] FAULT_INJECTION: forcing a failure. [ 1092.354034] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.356819] CPU: 0 PID: 7047 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1092.358288] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1092.360074] Call Trace: [ 1092.360640] dump_stack+0x107/0x167 [ 1092.361426] should_fail.cold+0x5/0xa [ 1092.362243] ? xas_alloc+0x336/0x440 [ 1092.363054] should_failslab+0x5/0x20 [ 1092.363876] kmem_cache_alloc+0x5b/0x310 [ 1092.364756] xas_alloc+0x336/0x440 [ 1092.365521] xas_create+0x34a/0x10d0 [ 1092.366328] ? kernel_text_address+0xf2/0x120 [ 1092.367301] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1092.368421] xas_store+0x8c/0x1c40 [ 1092.369190] __xa_store+0x164/0x2d0 [ 1092.369969] ? xa_delete_node+0x280/0x280 [ 1092.370872] ? trace_hardirqs_on+0x5b/0x180 [ 1092.371799] xa_store+0x31/0x50 [ 1092.372507] __io_uring_add_tctx_node+0x1cf/0x520 [ 1092.373534] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1092.374651] ? alloc_fd+0x2e7/0x670 [ 1092.375446] io_uring_setup+0x1fbb/0x2980 [ 1092.376338] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1092.377417] ? wait_for_completion_io+0x270/0x270 [ 1092.378471] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1092.379590] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1092.380695] do_syscall_64+0x33/0x40 [ 1092.381488] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1092.382579] RIP: 0033:0x7fa2b71a6b19 [ 1092.383379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1092.387312] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1092.388935] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1092.390454] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1092.391979] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1092.393494] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1092.395026] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1092.401606] FAULT_INJECTION: forcing a failure. [ 1092.401606] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.404010] CPU: 0 PID: 7044 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1092.405464] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1092.407232] Call Trace: [ 1092.407793] dump_stack+0x107/0x167 [ 1092.408567] should_fail.cold+0x5/0xa [ 1092.409375] ? xas_alloc+0x336/0x440 [ 1092.410175] should_failslab+0x5/0x20 [ 1092.410993] kmem_cache_alloc+0x5b/0x310 [ 1092.411862] xas_alloc+0x336/0x440 [ 1092.412621] xas_create+0x34a/0x10d0 [ 1092.413422] ? kernel_text_address+0xf2/0x120 [ 1092.414377] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1092.415500] xas_store+0x8c/0x1c40 [ 1092.416271] __xa_store+0x164/0x2d0 [ 1092.417046] ? xa_delete_node+0x280/0x280 [ 1092.417935] ? trace_hardirqs_on+0x5b/0x180 [ 1092.418868] xa_store+0x31/0x50 [ 1092.419579] __io_uring_add_tctx_node+0x1cf/0x520 [ 1092.420609] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1092.421723] ? alloc_fd+0x2e7/0x670 [ 1092.422509] io_uring_setup+0x1fbb/0x2980 [ 1092.423406] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1092.424487] ? wait_for_completion_io+0x270/0x270 [ 1092.425534] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1092.426651] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1092.427758] do_syscall_64+0x33/0x40 [ 1092.428552] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1092.429645] RIP: 0033:0x7fa304026b19 [ 1092.430439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1092.434345] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1092.435977] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1092.437496] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1092.439025] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1092.440545] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1092.442066] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:35:31 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 56) [ 1092.465192] FAULT_INJECTION: forcing a failure. [ 1092.465192] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.467651] CPU: 0 PID: 7057 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1092.469107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1092.470887] Call Trace: [ 1092.471573] dump_stack+0x107/0x167 [ 1092.472353] should_fail.cold+0x5/0xa [ 1092.473170] ? create_object.isra.0+0x3a/0xa20 [ 1092.474147] should_failslab+0x5/0x20 [ 1092.474970] kmem_cache_alloc+0x5b/0x310 [ 1092.475839] ? mark_held_locks+0x9e/0xe0 [ 1092.476711] create_object.isra.0+0x3a/0xa20 [ 1092.477723] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1092.479118] kmem_cache_alloc+0x159/0x310 [ 1092.480182] xas_alloc+0x336/0x440 [ 1092.481105] xas_create+0x34a/0x10d0 [ 1092.482081] ? kernel_text_address+0xf2/0x120 [ 1092.483269] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1092.484618] xas_store+0x8c/0x1c40 [ 1092.485581] __xa_store+0x164/0x2d0 [ 1092.486535] ? xa_delete_node+0x280/0x280 [ 1092.487640] ? trace_hardirqs_on+0x5b/0x180 [ 1092.488714] xa_store+0x31/0x50 [ 1092.489418] __io_uring_add_tctx_node+0x1cf/0x520 [ 1092.490531] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1092.491954] ? alloc_fd+0x2e7/0x670 [ 1092.492914] io_uring_setup+0x1fbb/0x2980 [ 1092.494005] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1092.495329] ? wait_for_completion_io+0x270/0x270 [ 1092.496611] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1092.497963] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1092.499319] do_syscall_64+0x33/0x40 [ 1092.500286] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1092.501611] RIP: 0033:0x7fe43d50db19 [ 1092.502578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1092.507360] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1092.509319] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1092.509341] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1092.511951] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1092.513765] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1092.515570] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1092.537322] FAULT_INJECTION: forcing a failure. [ 1092.537322] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.540221] CPU: 0 PID: 7060 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1092.541892] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1092.543863] Call Trace: [ 1092.544438] dump_stack+0x107/0x167 [ 1092.545219] should_fail.cold+0x5/0xa [ 1092.546036] ? create_object.isra.0+0x3a/0xa20 [ 1092.547096] should_failslab+0x5/0x20 [ 1092.548084] kmem_cache_alloc+0x5b/0x310 [ 1092.549132] ? mark_held_locks+0x9e/0xe0 [ 1092.550190] create_object.isra.0+0x3a/0xa20 [ 1092.551344] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1092.552660] kmem_cache_alloc+0x159/0x310 [ 1092.553742] xas_alloc+0x336/0x440 [ 1092.554671] xas_create+0x34a/0x10d0 [ 1092.555677] ? kernel_text_address+0xf2/0x120 [ 1092.556843] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1092.558205] xas_store+0x8c/0x1c40 [ 1092.559163] __xa_store+0x164/0x2d0 [ 1092.560106] ? xa_delete_node+0x280/0x280 [ 1092.561188] ? trace_hardirqs_on+0x5b/0x180 [ 1092.562318] xa_store+0x31/0x50 [ 1092.563194] __io_uring_add_tctx_node+0x1cf/0x520 [ 1092.564458] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1092.565809] ? alloc_fd+0x2e7/0x670 [ 1092.566788] io_uring_setup+0x1fbb/0x2980 [ 1092.567883] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1092.569195] ? wait_for_completion_io+0x270/0x270 [ 1092.570477] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1092.571844] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1092.573272] do_syscall_64+0x33/0x40 [ 1092.574555] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1092.575757] RIP: 0033:0x7f6039043b19 [ 1092.576621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1092.580851] RSP: 002b:00007f6036598108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1092.582667] RAX: ffffffffffffffda RBX: 00007f6039157020 RCX: 00007f6039043b19 [ 1092.584347] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1092.585881] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1092.587424] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1092.588957] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:35:31 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:35:31 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 54) 21:35:31 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 55) [ 1092.704395] FAULT_INJECTION: forcing a failure. [ 1092.704395] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.705621] CPU: 1 PID: 7065 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1092.706351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1092.707229] Call Trace: [ 1092.707512] dump_stack+0x107/0x167 [ 1092.707904] should_fail.cold+0x5/0xa [ 1092.708309] ? ___slab_alloc+0x155/0x700 [ 1092.708747] ? create_object.isra.0+0x3a/0xa20 [ 1092.709229] should_failslab+0x5/0x20 [ 1092.709634] kmem_cache_alloc+0x5b/0x310 [ 1092.710071] create_object.isra.0+0x3a/0xa20 [ 1092.710539] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1092.711094] kmem_cache_alloc+0x159/0x310 [ 1092.711539] xas_alloc+0x336/0x440 [ 1092.711917] xas_create+0x34a/0x10d0 [ 1092.712315] ? kernel_text_address+0xf2/0x120 [ 1092.712778] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1092.713330] xas_store+0x8c/0x1c40 [ 1092.713721] __xa_store+0x164/0x2d0 [ 1092.714109] ? xa_delete_node+0x280/0x280 [ 1092.714550] ? trace_hardirqs_on+0x5b/0x180 [ 1092.715019] xa_store+0x31/0x50 [ 1092.715367] __io_uring_add_tctx_node+0x1cf/0x520 [ 1092.715875] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1092.716412] ? alloc_fd+0x2e7/0x670 [ 1092.716801] io_uring_setup+0x1fbb/0x2980 [ 1092.717245] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1092.717778] ? wait_for_completion_io+0x270/0x270 [ 1092.718285] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1092.718844] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1092.719388] do_syscall_64+0x33/0x40 [ 1092.719783] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1092.720331] RIP: 0033:0x7fa304026b19 [ 1092.720724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1092.722660] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1092.723467] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1092.724218] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1092.724973] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1092.725720] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1092.726465] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1092.793926] FAULT_INJECTION: forcing a failure. [ 1092.793926] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.796711] CPU: 0 PID: 7067 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1092.798354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1092.800359] Call Trace: [ 1092.800997] dump_stack+0x107/0x167 [ 1092.801876] should_fail.cold+0x5/0xa [ 1092.802811] ? xas_alloc+0x336/0x440 [ 1092.803716] should_failslab+0x5/0x20 [ 1092.804629] kmem_cache_alloc+0x5b/0x310 [ 1092.805605] xas_alloc+0x336/0x440 [ 1092.806449] xas_create+0x34a/0x10d0 [ 1092.807363] ? kernel_text_address+0xf2/0x120 [ 1092.808436] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1092.809689] xas_store+0x8c/0x1c40 [ 1092.810552] __xa_store+0x164/0x2d0 [ 1092.811440] ? xa_delete_node+0x280/0x280 [ 1092.812440] ? trace_hardirqs_on+0x5b/0x180 [ 1092.813476] xa_store+0x31/0x50 [ 1092.814464] __io_uring_add_tctx_node+0x1cf/0x520 [ 1092.816024] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1092.817528] ? alloc_fd+0x2e7/0x670 [ 1092.818531] io_uring_setup+0x1fbb/0x2980 [ 1092.819655] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1092.820984] ? wait_for_completion_io+0x270/0x270 [ 1092.822393] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1092.823792] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1092.825147] do_syscall_64+0x33/0x40 [ 1092.826127] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1092.827520] RIP: 0033:0x7f6039043b19 [ 1092.828529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1092.833539] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1092.835670] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1092.837654] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1092.839644] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1092.841556] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1092.843445] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:35:47 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 56) 21:35:47 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x0) 21:35:47 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:35:47 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 57) 21:35:47 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 56) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:35:47 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:35:47 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 55) 21:35:47 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1108.631654] FAULT_INJECTION: forcing a failure. [ 1108.631654] name failslab, interval 1, probability 0, space 0, times 0 [ 1108.633340] CPU: 0 PID: 7075 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1108.634335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1108.635557] Call Trace: [ 1108.635949] dump_stack+0x107/0x167 [ 1108.636487] should_fail.cold+0x5/0xa [ 1108.637050] ? create_object.isra.0+0x3a/0xa20 [ 1108.637723] should_failslab+0x5/0x20 [ 1108.638288] kmem_cache_alloc+0x5b/0x310 [ 1108.638884] ? mark_held_locks+0x9e/0xe0 [ 1108.639485] create_object.isra.0+0x3a/0xa20 [ 1108.640131] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1108.640879] kmem_cache_alloc+0x159/0x310 [ 1108.641496] xas_alloc+0x336/0x440 [ 1108.642024] xas_create+0x34a/0x10d0 [ 1108.642579] ? kernel_text_address+0xf2/0x120 [ 1108.643241] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1108.644019] xas_store+0x8c/0x1c40 [ 1108.644557] __xa_store+0x164/0x2d0 [ 1108.645095] ? xa_delete_node+0x280/0x280 [ 1108.645717] ? trace_hardirqs_on+0x5b/0x180 [ 1108.646359] xa_store+0x31/0x50 [ 1108.646854] __io_uring_add_tctx_node+0x1cf/0x520 [ 1108.647572] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1108.648339] ? alloc_fd+0x2e7/0x670 [ 1108.648886] io_uring_setup+0x1fbb/0x2980 [ 1108.649511] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1108.650235] ? wait_for_completion_io+0x270/0x270 [ 1108.650972] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1108.652159] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1108.653477] do_syscall_64+0x33/0x40 [ 1108.654422] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1108.654894] FAULT_INJECTION: forcing a failure. [ 1108.654894] name failslab, interval 1, probability 0, space 0, times 0 [ 1108.655744] RIP: 0033:0x7f6039043b19 [ 1108.655766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1108.655781] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1108.664624] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1108.666436] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1108.668237] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1108.669864] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1108.671504] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1108.673156] CPU: 1 PID: 7085 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1108.673958] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1108.674935] Call Trace: [ 1108.675244] dump_stack+0x107/0x167 [ 1108.675673] should_fail.cold+0x5/0xa [ 1108.676116] ? xas_alloc+0x336/0x440 [ 1108.676554] should_failslab+0x5/0x20 [ 1108.677002] kmem_cache_alloc+0x5b/0x310 [ 1108.677471] xas_alloc+0x336/0x440 [ 1108.677873] xas_create+0x34a/0x10d0 [ 1108.678317] ? kernel_text_address+0xf2/0x120 [ 1108.678838] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1108.679459] xas_store+0x8c/0x1c40 [ 1108.679876] __xa_store+0x164/0x2d0 [ 1108.680301] ? xa_delete_node+0x280/0x280 [ 1108.680785] ? trace_hardirqs_on+0x5b/0x180 [ 1108.681289] xa_store+0x31/0x50 [ 1108.681674] __io_uring_add_tctx_node+0x1cf/0x520 [ 1108.682218] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1108.682831] ? alloc_fd+0x2e7/0x670 [ 1108.683248] io_uring_setup+0x1fbb/0x2980 [ 1108.683739] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1108.684338] ? wait_for_completion_io+0x270/0x270 [ 1108.684892] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1108.685502] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1108.686101] do_syscall_64+0x33/0x40 [ 1108.686531] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1108.687134] RIP: 0033:0x7fe43d50db19 [ 1108.687564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1108.689680] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1108.690556] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1108.691379] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1108.692218] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1108.692994] FAULT_INJECTION: forcing a failure. [ 1108.692994] name failslab, interval 1, probability 0, space 0, times 0 [ 1108.693031] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1108.693045] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1108.697640] CPU: 0 PID: 7087 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1108.699294] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1108.701295] Call Trace: [ 1108.701951] dump_stack+0x107/0x167 [ 1108.702261] FAULT_INJECTION: forcing a failure. [ 1108.702261] name failslab, interval 1, probability 0, space 0, times 0 [ 1108.702939] should_fail.cold+0x5/0xa [ 1108.702967] ? xas_alloc+0x336/0x440 [ 1108.706244] should_failslab+0x5/0x20 [ 1108.707111] kmem_cache_alloc+0x5b/0x310 [ 1108.708050] xas_alloc+0x336/0x440 [ 1108.708861] xas_create+0x34a/0x10d0 [ 1108.709718] ? kernel_text_address+0xf2/0x120 [ 1108.710741] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1108.711953] xas_store+0x8c/0x1c40 [ 1108.712776] __xa_store+0x164/0x2d0 [ 1108.713604] ? xa_delete_node+0x280/0x280 [ 1108.714553] ? trace_hardirqs_on+0x5b/0x180 [ 1108.715548] xa_store+0x31/0x50 [ 1108.716302] __io_uring_add_tctx_node+0x1cf/0x520 [ 1108.717398] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1108.718584] ? alloc_fd+0x2e7/0x670 [ 1108.719432] io_uring_setup+0x1fbb/0x2980 [ 1108.720348] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1108.721502] ? wait_for_completion_io+0x270/0x270 [ 1108.722622] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1108.723821] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1108.724994] do_syscall_64+0x33/0x40 [ 1108.725834] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1108.726987] RIP: 0033:0x7fa304026b19 [ 1108.727844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1108.732024] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1108.733686] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1108.735311] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1108.736945] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1108.738572] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1108.740205] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1108.742005] CPU: 1 PID: 7084 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1108.743015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1108.744237] Call Trace: [ 1108.744645] dump_stack+0x107/0x167 [ 1108.745158] should_fail.cold+0x5/0xa [ 1108.745674] ? create_object.isra.0+0x3a/0xa20 [ 1108.746197] should_failslab+0x5/0x20 [ 1108.746646] kmem_cache_alloc+0x5b/0x310 [ 1108.747112] ? mark_held_locks+0x9e/0xe0 [ 1108.747602] create_object.isra.0+0x3a/0xa20 [ 1108.748104] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1108.748698] kmem_cache_alloc+0x159/0x310 [ 1108.749179] xas_alloc+0x336/0x440 [ 1108.749585] xas_create+0x34a/0x10d0 [ 1108.750012] ? kernel_text_address+0xf2/0x120 [ 1108.750521] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1108.751131] xas_store+0x8c/0x1c40 [ 1108.751591] __xa_store+0x164/0x2d0 [ 1108.752013] ? xa_delete_node+0x280/0x280 [ 1108.752489] ? trace_hardirqs_on+0x5b/0x180 [ 1108.752983] xa_store+0x31/0x50 [ 1108.753362] __io_uring_add_tctx_node+0x1cf/0x520 [ 1108.753912] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1108.754518] ? alloc_fd+0x2e7/0x670 [ 1108.754940] io_uring_setup+0x1fbb/0x2980 [ 1108.755429] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1108.756012] ? wait_for_completion_io+0x270/0x270 [ 1108.756656] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1108.757347] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1108.758067] do_syscall_64+0x33/0x40 [ 1108.758580] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1108.759294] RIP: 0033:0x7fa2b71a6b19 [ 1108.759823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1108.762381] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1108.763452] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1108.764484] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1108.765477] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1108.766474] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1108.767473] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:35:47 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x0, 0x0}, 0x10) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x0) 21:35:47 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 56) 21:35:47 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 58) [ 1108.887197] FAULT_INJECTION: forcing a failure. [ 1108.887197] name failslab, interval 1, probability 0, space 0, times 0 [ 1108.888883] CPU: 1 PID: 7097 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1108.889820] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1108.890941] Call Trace: [ 1108.891305] dump_stack+0x107/0x167 [ 1108.891811] should_fail.cold+0x5/0xa [ 1108.892334] ? create_object.isra.0+0x3a/0xa20 [ 1108.892968] should_failslab+0x5/0x20 [ 1108.893485] kmem_cache_alloc+0x5b/0x310 [ 1108.894040] ? mark_held_locks+0x9e/0xe0 [ 1108.894590] create_object.isra.0+0x3a/0xa20 [ 1108.895188] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1108.895887] kmem_cache_alloc+0x159/0x310 [ 1108.896456] xas_alloc+0x336/0x440 [ 1108.896941] xas_create+0x34a/0x10d0 [ 1108.897454] ? kernel_text_address+0xf2/0x120 [ 1108.898062] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1108.898464] FAULT_INJECTION: forcing a failure. [ 1108.898464] name failslab, interval 1, probability 0, space 0, times 0 [ 1108.898780] xas_store+0x8c/0x1c40 [ 1108.902199] __xa_store+0x164/0x2d0 [ 1108.902705] ? xa_delete_node+0x280/0x280 [ 1108.903300] ? trace_hardirqs_on+0x5b/0x180 [ 1108.903890] xa_store+0x31/0x50 [ 1108.904332] __io_uring_add_tctx_node+0x1cf/0x520 [ 1108.904997] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1108.905695] ? alloc_fd+0x2e7/0x670 [ 1108.906193] io_uring_setup+0x1fbb/0x2980 [ 1108.906759] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1108.907453] ? wait_for_completion_io+0x270/0x270 [ 1108.908137] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1108.908840] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1108.909530] do_syscall_64+0x33/0x40 [ 1108.910028] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1108.910715] RIP: 0033:0x7fa304026b19 [ 1108.911213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1108.913684] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1108.914704] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1108.915664] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1108.916634] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1108.917600] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1108.918552] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1108.919546] CPU: 0 PID: 7098 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1108.921388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1108.923564] Call Trace: [ 1108.924264] dump_stack+0x107/0x167 [ 1108.925218] should_fail.cold+0x5/0xa [ 1108.926221] ? create_object.isra.0+0x3a/0xa20 [ 1108.927467] should_failslab+0x5/0x20 [ 1108.928500] kmem_cache_alloc+0x5b/0x310 [ 1108.929592] ? mark_held_locks+0x9e/0xe0 [ 1108.930691] create_object.isra.0+0x3a/0xa20 [ 1108.933132] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1108.937533] kmem_cache_alloc+0x159/0x310 [ 1108.940990] xas_alloc+0x336/0x440 [ 1108.942026] xas_create+0x34a/0x10d0 [ 1108.943044] ? kernel_text_address+0xf2/0x120 [ 1108.944259] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1108.945718] xas_store+0x8c/0x1c40 [ 1108.946754] __xa_store+0x164/0x2d0 [ 1108.947794] ? xa_delete_node+0x280/0x280 [ 1108.948977] ? trace_hardirqs_on+0x5b/0x180 [ 1108.950166] xa_store+0x31/0x50 [ 1108.951087] __io_uring_add_tctx_node+0x1cf/0x520 [ 1108.952352] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1108.953806] ? alloc_fd+0x2e7/0x670 [ 1108.954835] io_uring_setup+0x1fbb/0x2980 [ 1108.956021] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1108.957430] ? wait_for_completion_io+0x270/0x270 [ 1108.958806] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1108.960278] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1108.961712] do_syscall_64+0x33/0x40 [ 1108.962748] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1108.964153] RIP: 0033:0x7fe43d50db19 [ 1108.965183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1108.970269] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1108.972383] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1108.974419] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1108.976412] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1108.978383] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1108.980372] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:02 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 57) 21:36:02 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 57) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:36:02 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1123.787896] FAULT_INJECTION: forcing a failure. [ 1123.787896] name failslab, interval 1, probability 0, space 0, times 0 [ 1123.788737] FAULT_INJECTION: forcing a failure. [ 1123.788737] name failslab, interval 1, probability 0, space 0, times 0 [ 1123.790059] CPU: 0 PID: 7114 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1123.792483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1123.793990] Call Trace: [ 1123.794475] dump_stack+0x107/0x167 [ 1123.795137] should_fail.cold+0x5/0xa [ 1123.795829] ? xas_alloc+0x336/0x440 [ 1123.796516] should_failslab+0x5/0x20 [ 1123.797212] kmem_cache_alloc+0x5b/0x310 [ 1123.797966] xas_alloc+0x336/0x440 [ 1123.798623] xas_create+0x34a/0x10d0 [ 1123.799322] ? kernel_text_address+0xf2/0x120 [ 1123.800157] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1123.801120] xas_store+0x8c/0x1c40 [ 1123.801783] __xa_store+0x164/0x2d0 [ 1123.802457] ? xa_delete_node+0x280/0x280 [ 1123.803224] ? trace_hardirqs_on+0x5b/0x180 [ 1123.804028] xa_store+0x31/0x50 [ 1123.804638] __io_uring_add_tctx_node+0x1cf/0x520 [ 1123.805523] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1123.806483] ? alloc_fd+0x2e7/0x670 [ 1123.807159] io_uring_setup+0x1fbb/0x2980 [ 1123.807931] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1123.808862] ? wait_for_completion_io+0x270/0x270 [ 1123.809763] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1123.810723] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1123.811674] do_syscall_64+0x33/0x40 [ 1123.812364] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1123.813304] RIP: 0033:0x7fa2b71a6b19 [ 1123.813986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1123.817370] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1123.818776] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1123.820109] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1123.821431] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1123.822755] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1123.824082] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1123.825424] CPU: 1 PID: 7117 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1123.826239] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1123.827209] Call Trace: [ 1123.827526] dump_stack+0x107/0x167 [ 1123.827960] should_fail.cold+0x5/0xa [ 1123.828402] ? xas_alloc+0x336/0x440 [ 1123.828836] should_failslab+0x5/0x20 [ 1123.829277] kmem_cache_alloc+0x5b/0x310 [ 1123.829752] xas_alloc+0x336/0x440 [ 1123.830172] xas_create+0x34a/0x10d0 [ 1123.830612] ? kernel_text_address+0xf2/0x120 [ 1123.831132] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1123.831956] xas_store+0x8c/0x1c40 [ 1123.832524] __xa_store+0x164/0x2d0 [ 1123.833069] ? xa_delete_node+0x280/0x280 [ 1123.833562] ? trace_hardirqs_on+0x5b/0x180 [ 1123.834071] xa_store+0x31/0x50 [ 1123.834462] __io_uring_add_tctx_node+0x1cf/0x520 [ 1123.835020] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1123.835632] ? alloc_fd+0x2e7/0x670 [ 1123.836070] io_uring_setup+0x1fbb/0x2980 [ 1123.836553] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1123.837144] ? wait_for_completion_io+0x270/0x270 [ 1123.837712] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1123.838323] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1123.838918] do_syscall_64+0x33/0x40 [ 1123.839352] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1123.839955] RIP: 0033:0x7fe43d50db19 [ 1123.840390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1123.842518] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1123.842532] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 21:36:02 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 59) 21:36:02 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:36:02 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:36:02 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 57) 21:36:02 executing program 0: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1123.842539] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1123.842547] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1123.842564] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1123.847404] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1123.890861] FAULT_INJECTION: forcing a failure. [ 1123.890861] name failslab, interval 1, probability 0, space 0, times 0 [ 1123.893051] CPU: 0 PID: 7126 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1123.894361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1123.895955] Call Trace: [ 1123.896464] dump_stack+0x107/0x167 [ 1123.897166] should_fail.cold+0x5/0xa [ 1123.897899] ? xas_alloc+0x336/0x440 [ 1123.898617] should_failslab+0x5/0x20 [ 1123.899347] kmem_cache_alloc+0x5b/0x310 [ 1123.900148] xas_alloc+0x336/0x440 [ 1123.900830] xas_create+0x34a/0x10d0 [ 1123.901553] ? kernel_text_address+0xf2/0x120 [ 1123.902415] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1123.903426] xas_store+0x8c/0x1c40 [ 1123.904131] __xa_store+0x164/0x2d0 [ 1123.904832] ? xa_delete_node+0x280/0x280 [ 1123.905637] ? trace_hardirqs_on+0x5b/0x180 [ 1123.906470] xa_store+0x31/0x50 [ 1123.907107] __io_uring_add_tctx_node+0x1cf/0x520 [ 1123.908039] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1123.909041] ? alloc_fd+0x2e7/0x670 [ 1123.909747] io_uring_setup+0x1fbb/0x2980 [ 1123.910549] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1123.911530] ? wait_for_completion_io+0x270/0x270 [ 1123.912491] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1123.913498] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1123.914488] do_syscall_64+0x33/0x40 [ 1123.915203] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1123.916200] RIP: 0033:0x7f6039043b19 [ 1123.916915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1123.920465] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1123.921926] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1123.922732] FAULT_INJECTION: forcing a failure. [ 1123.922732] name failslab, interval 1, probability 0, space 0, times 0 [ 1123.923302] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1123.923314] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1123.923331] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1123.928787] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1123.930190] CPU: 1 PID: 7111 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1123.931001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1123.932012] Call Trace: [ 1123.932331] dump_stack+0x107/0x167 [ 1123.932757] should_fail.cold+0x5/0xa [ 1123.933207] ? xas_alloc+0x336/0x440 [ 1123.933646] should_failslab+0x5/0x20 [ 1123.934089] kmem_cache_alloc+0x5b/0x310 [ 1123.934565] xas_alloc+0x336/0x440 [ 1123.934975] xas_create+0x34a/0x10d0 [ 1123.935420] ? kernel_text_address+0xf2/0x120 [ 1123.935950] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 21:36:02 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 60) [ 1123.936565] xas_store+0x8c/0x1c40 [ 1123.937197] __xa_store+0x164/0x2d0 [ 1123.937624] ? xa_delete_node+0x280/0x280 [ 1123.938116] ? trace_hardirqs_on+0x5b/0x180 [ 1123.938629] xa_store+0x31/0x50 [ 1123.939016] __io_uring_add_tctx_node+0x1cf/0x520 [ 1123.939578] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1123.940204] ? alloc_fd+0x2e7/0x670 [ 1123.940633] io_uring_setup+0x1fbb/0x2980 [ 1123.941120] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1123.941715] ? wait_for_completion_io+0x270/0x270 [ 1123.942293] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1123.942904] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1123.943506] do_syscall_64+0x33/0x40 [ 1123.943948] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1123.944548] RIP: 0033:0x7fa304026b19 [ 1123.944984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1123.947133] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1123.948035] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1123.948871] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1123.949700] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1123.950532] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1123.951367] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:02 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 58) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:36:02 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 58) [ 1123.980766] FAULT_INJECTION: forcing a failure. [ 1123.980766] name failslab, interval 1, probability 0, space 0, times 0 [ 1123.982111] CPU: 1 PID: 7130 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1123.982890] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1123.983838] Call Trace: [ 1123.984165] dump_stack+0x107/0x167 [ 1123.984590] should_fail.cold+0x5/0xa [ 1123.985028] ? create_object.isra.0+0x3a/0xa20 [ 1123.985560] should_failslab+0x5/0x20 [ 1123.985998] kmem_cache_alloc+0x5b/0x310 [ 1123.986464] ? mark_held_locks+0x9e/0xe0 [ 1123.986939] create_object.isra.0+0x3a/0xa20 [ 1123.987446] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1123.988047] kmem_cache_alloc+0x159/0x310 [ 1123.988534] xas_alloc+0x336/0x440 [ 1123.988946] xas_create+0x34a/0x10d0 [ 1123.989384] ? kernel_text_address+0xf2/0x120 [ 1123.989908] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1123.990511] xas_store+0x8c/0x1c40 [ 1123.990935] __xa_store+0x164/0x2d0 [ 1123.991355] ? xa_delete_node+0x280/0x280 [ 1123.991829] ? trace_hardirqs_on+0x5b/0x180 [ 1123.992335] xa_store+0x31/0x50 [ 1123.992718] __io_uring_add_tctx_node+0x1cf/0x520 [ 1123.993271] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1123.993869] ? alloc_fd+0x2e7/0x670 [ 1123.994300] io_uring_setup+0x1fbb/0x2980 [ 1123.994778] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1123.995362] ? wait_for_completion_io+0x270/0x270 [ 1123.995936] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1123.996532] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1123.997117] do_syscall_64+0x33/0x40 [ 1123.997543] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1123.998129] RIP: 0033:0x7f6039043b19 [ 1123.998564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1124.000663] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1124.001526] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1124.002336] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1124.003152] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1124.003977] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1124.004791] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1124.027912] FAULT_INJECTION: forcing a failure. [ 1124.027912] name failslab, interval 1, probability 0, space 0, times 0 [ 1124.030160] CPU: 0 PID: 7134 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1124.031457] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1124.031464] Call Trace: [ 1124.031492] dump_stack+0x107/0x167 [ 1124.031514] should_fail.cold+0x5/0xa [ 1124.034379] ? create_object.isra.0+0x3a/0xa20 [ 1124.035252] should_failslab+0x5/0x20 [ 1124.035991] kmem_cache_alloc+0x5b/0x310 [ 1124.036781] ? mark_held_locks+0x9e/0xe0 [ 1124.037567] create_object.isra.0+0x3a/0xa20 [ 1124.038409] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1124.039387] kmem_cache_alloc+0x159/0x310 [ 1124.040192] xas_alloc+0x336/0x440 [ 1124.040881] xas_create+0x34a/0x10d0 [ 1124.041599] ? kernel_text_address+0xf2/0x120 [ 1124.042462] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1124.043459] xas_store+0x8c/0x1c40 [ 1124.044160] __xa_store+0x164/0x2d0 [ 1124.044868] ? xa_delete_node+0x280/0x280 [ 1124.045673] ? trace_hardirqs_on+0x5b/0x180 [ 1124.046497] xa_store+0x31/0x50 [ 1124.047126] __io_uring_add_tctx_node+0x1cf/0x520 [ 1124.048050] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1124.049049] ? alloc_fd+0x2e7/0x670 [ 1124.049753] io_uring_setup+0x1fbb/0x2980 [ 1124.050554] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1124.051523] ? wait_for_completion_io+0x270/0x270 [ 1124.052479] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1124.053472] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1124.054451] do_syscall_64+0x33/0x40 [ 1124.055159] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1124.056136] RIP: 0033:0x7fe43d50db19 [ 1124.056842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1124.060331] RSP: 002b:00007fe43aa83108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1124.061772] RAX: ffffffffffffffda RBX: 00007fe43d620f60 RCX: 00007fe43d50db19 [ 1124.063127] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1124.064487] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1124.065849] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1124.067204] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1124.072060] FAULT_INJECTION: forcing a failure. [ 1124.072060] name failslab, interval 1, probability 0, space 0, times 0 [ 1124.074449] CPU: 0 PID: 7133 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1124.075762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1124.077362] Call Trace: [ 1124.077865] dump_stack+0x107/0x167 [ 1124.078558] should_fail.cold+0x5/0xa [ 1124.079284] ? create_object.isra.0+0x3a/0xa20 [ 1124.080169] should_failslab+0x5/0x20 [ 1124.080905] kmem_cache_alloc+0x5b/0x310 [ 1124.081668] ? mark_held_locks+0x9e/0xe0 [ 1124.082432] create_object.isra.0+0x3a/0xa20 [ 1124.083300] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1124.084332] kmem_cache_alloc+0x159/0x310 [ 1124.085162] xas_alloc+0x336/0x440 [ 1124.085870] xas_create+0x34a/0x10d0 [ 1124.086619] ? kernel_text_address+0xf2/0x120 [ 1124.087515] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1124.088572] xas_store+0x8c/0x1c40 [ 1124.089285] __xa_store+0x164/0x2d0 [ 1124.090000] ? xa_delete_node+0x280/0x280 [ 1124.090827] ? trace_hardirqs_on+0x5b/0x180 [ 1124.091681] xa_store+0x31/0x50 [ 1124.092342] __io_uring_add_tctx_node+0x1cf/0x520 [ 1124.093290] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1124.094318] ? alloc_fd+0x2e7/0x670 [ 1124.095046] io_uring_setup+0x1fbb/0x2980 [ 1124.095870] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1124.096874] ? wait_for_completion_io+0x270/0x270 [ 1124.097844] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1124.098879] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1124.099903] do_syscall_64+0x33/0x40 [ 1124.100637] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1124.101645] RIP: 0033:0x7fa2b71a6b19 [ 1124.102378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1124.106006] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1124.107510] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1124.108926] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1124.110332] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1124.111737] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1124.113149] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:03 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 59) 21:36:03 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 58) [ 1124.138019] FAULT_INJECTION: forcing a failure. [ 1124.138019] name failslab, interval 1, probability 0, space 0, times 0 [ 1124.139431] CPU: 1 PID: 7139 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1124.140216] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1124.141157] Call Trace: [ 1124.141462] dump_stack+0x107/0x167 [ 1124.141892] should_fail.cold+0x5/0xa [ 1124.142337] ? create_object.isra.0+0x3a/0xa20 [ 1124.142871] should_failslab+0x5/0x20 [ 1124.143315] kmem_cache_alloc+0x5b/0x310 [ 1124.143789] ? mark_held_locks+0x9e/0xe0 [ 1124.144270] create_object.isra.0+0x3a/0xa20 [ 1124.144785] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1124.145378] kmem_cache_alloc+0x159/0x310 [ 1124.145866] xas_alloc+0x336/0x440 [ 1124.146284] xas_create+0x34a/0x10d0 [ 1124.146719] ? kernel_text_address+0xf2/0x120 [ 1124.147248] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1124.147857] xas_store+0x8c/0x1c40 [ 1124.148286] __xa_store+0x164/0x2d0 [ 1124.148705] ? xa_delete_node+0x280/0x280 [ 1124.149192] ? trace_hardirqs_on+0x5b/0x180 [ 1124.149698] xa_store+0x31/0x50 [ 1124.150083] __io_uring_add_tctx_node+0x1cf/0x520 [ 1124.150644] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1124.151296] ? alloc_fd+0x2e7/0x670 [ 1124.151723] io_uring_setup+0x1fbb/0x2980 [ 1124.152220] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1124.152812] ? wait_for_completion_io+0x270/0x270 [ 1124.153382] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1124.153999] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1124.154594] do_syscall_64+0x33/0x40 [ 1124.155029] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1124.155624] RIP: 0033:0x7fa304026b19 [ 1124.156061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1124.158208] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1124.159101] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1124.159933] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1124.160765] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1124.161593] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1124.162418] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1124.164733] FAULT_INJECTION: forcing a failure. [ 1124.164733] name failslab, interval 1, probability 0, space 0, times 0 [ 1124.166054] CPU: 1 PID: 7137 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1124.166831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1124.167771] Call Trace: [ 1124.168074] dump_stack+0x107/0x167 [ 1124.168486] should_fail.cold+0x5/0xa [ 1124.168917] ? xas_alloc+0x336/0x440 [ 1124.169356] should_failslab+0x5/0x20 [ 1124.169794] kmem_cache_alloc+0x5b/0x310 [ 1124.170271] xas_alloc+0x336/0x440 [ 1124.170681] xas_create+0x34a/0x10d0 [ 1124.171117] ? kernel_text_address+0xf2/0x120 [ 1124.171641] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1124.172250] xas_store+0x8c/0x1c40 [ 1124.172668] __xa_store+0x164/0x2d0 [ 1124.173095] ? xa_delete_node+0x280/0x280 [ 1124.173582] ? trace_hardirqs_on+0x5b/0x180 [ 1124.174084] xa_store+0x31/0x50 [ 1124.174471] __io_uring_add_tctx_node+0x1cf/0x520 [ 1124.175030] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1124.175637] ? alloc_fd+0x2e7/0x670 [ 1124.176073] io_uring_setup+0x1fbb/0x2980 [ 1124.176562] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1124.177145] ? wait_for_completion_io+0x270/0x270 [ 1124.177712] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1124.178317] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1124.178918] do_syscall_64+0x33/0x40 [ 1124.179349] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1124.179958] RIP: 0033:0x7f6039043b19 21:36:03 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 61) [ 1124.180391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1124.182712] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1124.183573] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1124.184385] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1124.185191] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1124.185997] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1124.186807] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:03 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 59) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:36:03 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:36:03 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1124.281287] FAULT_INJECTION: forcing a failure. [ 1124.281287] name failslab, interval 1, probability 0, space 0, times 0 [ 1124.283735] CPU: 0 PID: 7143 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1124.285059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1124.286638] Call Trace: [ 1124.287144] dump_stack+0x107/0x167 [ 1124.287837] should_fail.cold+0x5/0xa [ 1124.288582] ? vm_area_dup+0x78/0x290 [ 1124.289315] should_failslab+0x5/0x20 [ 1124.290042] kmem_cache_alloc+0x5b/0x310 [ 1124.290821] vm_area_dup+0x78/0x290 [ 1124.291519] ? lock_release+0x680/0x680 [ 1124.292290] ? mark_lock+0xf5/0x2df0 [ 1124.293011] ? lock_chain_count+0x20/0x20 [ 1124.293802] ? mark_lock+0xf5/0x2df0 [ 1124.294522] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1124.295524] ? lock_chain_count+0x20/0x20 [ 1124.296333] ? mark_lock+0xf5/0x2df0 [ 1124.297051] ? vm_area_alloc+0x110/0x110 [ 1124.297829] ? __lock_acquire+0x1657/0x5b00 [ 1124.298665] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1124.299193] FAULT_INJECTION: forcing a failure. [ 1124.299193] name failslab, interval 1, probability 0, space 0, times 0 [ 1124.299661] ? vmacache_find+0x55/0x2a0 [ 1124.301765] __split_vma+0xa8/0x4e0 [ 1124.302462] __do_munmap+0x365/0x1260 [ 1124.303188] ? arch_get_unmapped_area+0x450/0x450 [ 1124.304117] ? lock_release+0x680/0x680 [ 1124.304873] mmap_region+0x7c8/0x1500 [ 1124.305608] do_mmap+0xcdb/0x11e0 [ 1124.306272] vm_mmap_pgoff+0x198/0x1f0 [ 1124.307005] ? randomize_page+0xb0/0xb0 [ 1124.307765] ksys_mmap_pgoff+0x41c/0x560 [ 1124.308536] ? find_mergeable_anon_vma+0x250/0x250 [ 1124.309460] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1124.310443] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1124.311407] do_syscall_64+0x33/0x40 [ 1124.312126] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1124.313080] RIP: 0033:0x7fe43d50db62 [ 1124.313773] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1124.317233] RSP: 002b:00007fe43aa830f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1124.318649] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fe43d50db62 [ 1124.320001] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1124.321336] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1124.322668] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1124.324007] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1124.325366] CPU: 1 PID: 7147 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1124.326169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1124.327138] Call Trace: [ 1124.327457] dump_stack+0x107/0x167 [ 1124.327884] should_fail.cold+0x5/0xa [ 1124.328337] ? ___slab_alloc+0x155/0x700 [ 1124.328816] ? create_object.isra.0+0x3a/0xa20 [ 1124.329349] should_failslab+0x5/0x20 [ 1124.329789] kmem_cache_alloc+0x5b/0x310 [ 1124.330262] create_object.isra.0+0x3a/0xa20 [ 1124.330768] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1124.331354] kmem_cache_alloc+0x159/0x310 [ 1124.331837] xas_alloc+0x336/0x440 [ 1124.332258] xas_create+0x34a/0x10d0 [ 1124.332695] ? kernel_text_address+0xf2/0x120 [ 1124.333216] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 21:36:03 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 60) 21:36:03 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 59) [ 1124.333820] xas_store+0x8c/0x1c40 [ 1124.334480] __xa_store+0x164/0x2d0 [ 1124.334901] ? xa_delete_node+0x280/0x280 [ 1124.335381] ? trace_hardirqs_on+0x5b/0x180 [ 1124.335882] xa_store+0x31/0x50 [ 1124.336273] __io_uring_add_tctx_node+0x1cf/0x520 [ 1124.336825] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1124.337434] ? alloc_fd+0x2e7/0x670 [ 1124.337861] io_uring_setup+0x1fbb/0x2980 [ 1124.338343] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1124.338928] ? wait_for_completion_io+0x270/0x270 [ 1124.339492] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1124.340108] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1124.340702] do_syscall_64+0x33/0x40 [ 1124.341130] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1124.341718] RIP: 0033:0x7f6039043b19 [ 1124.342147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1124.344284] RSP: 002b:00007f60365b9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1124.345164] RAX: ffffffffffffffda RBX: 00007f6039156f60 RCX: 00007f6039043b19 [ 1124.345992] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1124.346824] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1124.347650] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1124.348491] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1124.357350] FAULT_INJECTION: forcing a failure. [ 1124.357350] name failslab, interval 1, probability 0, space 0, times 0 [ 1124.359746] CPU: 0 PID: 7150 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1124.361024] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1124.362573] Call Trace: [ 1124.363071] dump_stack+0x107/0x167 [ 1124.363746] should_fail.cold+0x5/0xa [ 1124.364469] ? xas_alloc+0x336/0x440 [ 1124.365165] should_failslab+0x5/0x20 [ 1124.365869] kmem_cache_alloc+0x5b/0x310 [ 1124.366629] xas_alloc+0x336/0x440 [ 1124.367289] xas_create+0x34a/0x10d0 [ 1124.367991] ? kernel_text_address+0xf2/0x120 [ 1124.368827] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1124.369793] xas_store+0x8c/0x1c40 [ 1124.370459] __xa_store+0x164/0x2d0 [ 1124.371127] ? xa_delete_node+0x280/0x280 [ 1124.371890] ? trace_hardirqs_on+0x5b/0x180 [ 1124.372695] xa_store+0x31/0x50 [ 1124.373303] __io_uring_add_tctx_node+0x1cf/0x520 [ 1124.374187] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1124.375147] ? alloc_fd+0x2e7/0x670 [ 1124.375820] io_uring_setup+0x1fbb/0x2980 [ 1124.376591] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1124.377521] ? wait_for_completion_io+0x270/0x270 [ 1124.378421] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1124.379380] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1124.380472] do_syscall_64+0x33/0x40 [ 1124.381312] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1124.382384] RIP: 0033:0x7fa2b71a6b19 [ 1124.383072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1124.386479] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1124.387877] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1124.389197] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1124.390504] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1124.391816] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1124.393134] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:03 executing program 0: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1124.446094] FAULT_INJECTION: forcing a failure. [ 1124.446094] name failslab, interval 1, probability 0, space 0, times 0 [ 1124.448136] CPU: 0 PID: 7159 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1124.449358] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1124.450838] Call Trace: [ 1124.451315] dump_stack+0x107/0x167 [ 1124.451975] should_fail.cold+0x5/0xa [ 1124.452660] ? xas_alloc+0x336/0x440 [ 1124.453328] should_failslab+0x5/0x20 [ 1124.454005] kmem_cache_alloc+0x5b/0x310 [ 1124.454734] xas_alloc+0x336/0x440 [ 1124.455374] xas_create+0x34a/0x10d0 [ 1124.456052] ? kernel_text_address+0xf2/0x120 [ 1124.456857] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1124.457793] xas_store+0x8c/0x1c40 [ 1124.458441] __xa_store+0x164/0x2d0 [ 1124.459091] ? xa_delete_node+0x280/0x280 [ 1124.459839] ? trace_hardirqs_on+0x5b/0x180 [ 1124.460623] xa_store+0x31/0x50 [ 1124.461213] __io_uring_add_tctx_node+0x1cf/0x520 [ 1124.462070] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1124.463001] ? alloc_fd+0x2e7/0x670 [ 1124.463658] io_uring_setup+0x1fbb/0x2980 [ 1124.464406] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1124.465313] ? wait_for_completion_io+0x270/0x270 [ 1124.466191] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1124.467126] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1124.468039] do_syscall_64+0x33/0x40 [ 1124.468696] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1124.469600] RIP: 0033:0x7fa304026b19 [ 1124.470258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1124.473457] RSP: 002b:00007fa30157b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1124.474801] RAX: ffffffffffffffda RBX: 00007fa30413a020 RCX: 00007fa304026b19 [ 1124.476071] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1124.477344] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1124.478600] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1124.479865] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:03 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 61) [ 1124.514387] FAULT_INJECTION: forcing a failure. [ 1124.514387] name failslab, interval 1, probability 0, space 0, times 0 [ 1124.515783] CPU: 1 PID: 7162 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1124.516597] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1124.517571] Call Trace: [ 1124.517886] dump_stack+0x107/0x167 [ 1124.518315] should_fail.cold+0x5/0xa [ 1124.518761] ? vm_area_dup+0x78/0x290 [ 1124.519214] should_failslab+0x5/0x20 [ 1124.519663] kmem_cache_alloc+0x5b/0x310 [ 1124.520147] vm_area_dup+0x78/0x290 [ 1124.520579] ? lock_release+0x680/0x680 [ 1124.521047] ? mark_lock+0xf5/0x2df0 [ 1124.521491] ? lock_chain_count+0x20/0x20 [ 1124.521973] ? mark_lock+0xf5/0x2df0 [ 1124.522416] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1124.523028] ? lock_chain_count+0x20/0x20 [ 1124.523518] ? mark_lock+0xf5/0x2df0 [ 1124.523962] ? vm_area_alloc+0x110/0x110 [ 1124.524437] ? __lock_acquire+0x1657/0x5b00 [ 1124.524947] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1124.525560] ? vmacache_find+0x55/0x2a0 [ 1124.526028] __split_vma+0xa8/0x4e0 [ 1124.526456] __do_munmap+0x365/0x1260 [ 1124.526906] ? arch_get_unmapped_area+0x450/0x450 [ 1124.527481] ? lock_release+0x680/0x680 [ 1124.527949] mmap_region+0x7c8/0x1500 [ 1124.528404] do_mmap+0xcdb/0x11e0 [ 1124.528813] vm_mmap_pgoff+0x198/0x1f0 [ 1124.529273] ? randomize_page+0xb0/0xb0 [ 1124.529743] ksys_mmap_pgoff+0x41c/0x560 [ 1124.530217] ? find_mergeable_anon_vma+0x250/0x250 [ 1124.530803] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1124.531424] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1124.532029] do_syscall_64+0x33/0x40 [ 1124.532471] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1124.533067] RIP: 0033:0x7f6039043b62 [ 1124.533514] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1124.535679] RSP: 002b:00007f60365b90f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1124.536588] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f6039043b62 [ 1124.537433] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1124.538268] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1124.539102] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1124.539946] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:21 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 60) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:36:21 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:36:21 executing program 0: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:36:21 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 62) 21:36:21 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 60) 21:36:21 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:36:21 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 62) 21:36:21 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1142.646808] FAULT_INJECTION: forcing a failure. [ 1142.646808] name failslab, interval 1, probability 0, space 0, times 0 [ 1142.647291] FAULT_INJECTION: forcing a failure. [ 1142.647291] name failslab, interval 1, probability 0, space 0, times 0 [ 1142.649599] CPU: 1 PID: 7175 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1142.653884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1142.655771] Call Trace: [ 1142.656389] dump_stack+0x107/0x167 [ 1142.657233] should_fail.cold+0x5/0xa [ 1142.658102] ? ___slab_alloc+0x155/0x700 [ 1142.659032] ? create_object.isra.0+0x3a/0xa20 [ 1142.660080] should_failslab+0x5/0x20 [ 1142.660962] kmem_cache_alloc+0x5b/0x310 [ 1142.661886] create_object.isra.0+0x3a/0xa20 [ 1142.662888] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1142.664065] kmem_cache_alloc+0x159/0x310 [ 1142.665030] xas_alloc+0x336/0x440 [ 1142.665828] xas_create+0x34a/0x10d0 [ 1142.666680] ? kernel_text_address+0xf2/0x120 [ 1142.667703] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1142.668932] xas_store+0x8c/0x1c40 [ 1142.669747] __xa_store+0x164/0x2d0 [ 1142.670580] ? xa_delete_node+0x280/0x280 [ 1142.671532] ? trace_hardirqs_on+0x5b/0x180 [ 1142.672526] xa_store+0x31/0x50 [ 1142.673298] __io_uring_add_tctx_node+0x1cf/0x520 [ 1142.674386] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1142.675574] ? alloc_fd+0x2e7/0x670 [ 1142.676425] io_uring_setup+0x1fbb/0x2980 [ 1142.677381] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1142.678530] ? wait_for_completion_io+0x270/0x270 [ 1142.679642] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1142.680842] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1142.682015] do_syscall_64+0x33/0x40 [ 1142.682852] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1142.684025] RIP: 0033:0x7fa2b71a6b19 [ 1142.684878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1142.689010] RSP: 002b:00007fa2b471c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1142.690724] RAX: ffffffffffffffda RBX: 00007fa2b72b9f60 RCX: 00007fa2b71a6b19 [ 1142.692298] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1142.693858] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1142.695451] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1142.697169] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1142.699125] CPU: 0 PID: 7182 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1142.700085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1142.701183] Call Trace: [ 1142.701508] dump_stack+0x107/0x167 [ 1142.701947] should_fail.cold+0x5/0xa [ 1142.702407] ? create_object.isra.0+0x3a/0xa20 [ 1142.702966] should_failslab+0x5/0x20 [ 1142.703406] kmem_cache_alloc+0x5b/0x310 [ 1142.703882] ? mark_held_locks+0x9e/0xe0 [ 1142.704353] create_object.isra.0+0x3a/0xa20 [ 1142.704870] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1142.705462] kmem_cache_alloc+0x159/0x310 [ 1142.705952] xas_alloc+0x336/0x440 [ 1142.706366] xas_create+0x34a/0x10d0 [ 1142.706804] ? kernel_text_address+0xf2/0x120 [ 1142.707331] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1142.707938] xas_store+0x8c/0x1c40 [ 1142.707959] __xa_store+0x164/0x2d0 [ 1142.707974] ? xa_delete_node+0x280/0x280 [ 1142.707997] ? trace_hardirqs_on+0x5b/0x180 [ 1142.710181] xa_store+0x31/0x50 [ 1142.710565] __io_uring_add_tctx_node+0x1cf/0x520 [ 1142.711135] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1142.711751] ? alloc_fd+0x2e7/0x670 [ 1142.712182] io_uring_setup+0x1fbb/0x2980 [ 1142.712681] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1142.713269] ? wait_for_completion_io+0x270/0x270 [ 1142.713841] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1142.714460] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1142.715057] do_syscall_64+0x33/0x40 [ 1142.715492] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1142.716088] RIP: 0033:0x7fa304026b19 [ 1142.716528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1142.718674] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1142.719554] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1142.720377] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1142.721216] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1142.722040] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1142.722867] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1142.727568] FAULT_INJECTION: forcing a failure. [ 1142.727568] name failslab, interval 1, probability 0, space 0, times 0 [ 1142.728945] CPU: 0 PID: 7189 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1142.729753] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1142.730733] Call Trace: [ 1142.731043] dump_stack+0x107/0x167 [ 1142.731474] should_fail.cold+0x5/0xa [ 1142.731922] ? vm_area_dup+0x78/0x290 [ 1142.732375] should_failslab+0x5/0x20 [ 1142.732827] kmem_cache_alloc+0x5b/0x310 [ 1142.733315] vm_area_dup+0x78/0x290 [ 1142.733741] ? lock_release+0x680/0x680 [ 1142.734208] ? mark_lock+0xf5/0x2df0 [ 1142.734649] ? lock_chain_count+0x20/0x20 [ 1142.735131] ? mark_lock+0xf5/0x2df0 [ 1142.735575] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1142.736188] ? lock_chain_count+0x20/0x20 [ 1142.736682] ? mark_lock+0xf5/0x2df0 [ 1142.737127] ? vm_area_alloc+0x110/0x110 [ 1142.737609] ? __lock_acquire+0x1657/0x5b00 [ 1142.738120] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1142.738736] ? vmacache_find+0x55/0x2a0 [ 1142.739204] __split_vma+0xa8/0x4e0 [ 1142.739632] __do_munmap+0x365/0x1260 [ 1142.740078] ? arch_get_unmapped_area+0x450/0x450 [ 1142.740658] ? lock_release+0x680/0x680 [ 1142.741120] mmap_region+0x7c8/0x1500 [ 1142.741577] do_mmap+0xcdb/0x11e0 [ 1142.741989] vm_mmap_pgoff+0x198/0x1f0 [ 1142.742450] ? randomize_page+0xb0/0xb0 [ 1142.742920] ksys_mmap_pgoff+0x41c/0x560 [ 1142.743407] ? find_mergeable_anon_vma+0x250/0x250 [ 1142.743981] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1142.744612] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1142.745219] do_syscall_64+0x33/0x40 [ 1142.745656] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1142.746263] RIP: 0033:0x7f6039043b62 [ 1142.746697] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1142.748877] RSP: 002b:00007f60365980f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1142.749774] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f6039043b62 [ 1142.750608] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1142.751447] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1142.752283] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1142.753127] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:21 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 63) [ 1142.776988] FAULT_INJECTION: forcing a failure. [ 1142.776988] name failslab, interval 1, probability 0, space 0, times 0 [ 1142.778373] CPU: 0 PID: 7191 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1142.779175] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1142.780146] Call Trace: [ 1142.780463] dump_stack+0x107/0x167 [ 1142.780896] should_fail.cold+0x5/0xa [ 1142.781342] ? create_object.isra.0+0x3a/0xa20 [ 1142.781876] should_failslab+0x5/0x20 [ 1142.782333] kmem_cache_alloc+0x5b/0x310 [ 1142.782829] create_object.isra.0+0x3a/0xa20 [ 1142.783342] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1142.783936] kmem_cache_alloc+0x159/0x310 [ 1142.784426] vm_area_dup+0x78/0x290 [ 1142.784867] ? lock_release+0x680/0x680 [ 1142.785334] ? mark_lock+0xf5/0x2df0 [ 1142.785770] ? lock_chain_count+0x20/0x20 [ 1142.786251] ? mark_lock+0xf5/0x2df0 [ 1142.786698] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1142.787313] ? lock_chain_count+0x20/0x20 [ 1142.787798] ? mark_lock+0xf5/0x2df0 [ 1142.788230] ? vm_area_alloc+0x110/0x110 [ 1142.788713] ? __lock_acquire+0x1657/0x5b00 [ 1142.789224] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1142.789832] ? vmacache_find+0x55/0x2a0 [ 1142.790297] __split_vma+0xa8/0x4e0 [ 1142.790721] __do_munmap+0x365/0x1260 [ 1142.791168] ? arch_get_unmapped_area+0x450/0x450 [ 1142.791728] ? lock_release+0x680/0x680 [ 1142.792190] mmap_region+0x7c8/0x1500 [ 1142.792653] do_mmap+0xcdb/0x11e0 [ 1142.793066] vm_mmap_pgoff+0x198/0x1f0 [ 1142.793524] ? randomize_page+0xb0/0xb0 [ 1142.793995] ksys_mmap_pgoff+0x41c/0x560 [ 1142.794470] ? find_mergeable_anon_vma+0x250/0x250 [ 1142.795040] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1142.795652] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1142.796251] do_syscall_64+0x33/0x40 [ 1142.796694] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1142.797295] RIP: 0033:0x7fe43d50db62 [ 1142.797727] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1142.799869] RSP: 002b:00007fe43aa620f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1142.800771] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fe43d50db62 [ 1142.801619] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1142.802449] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1142.803283] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1142.804113] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1142.808841] FAULT_INJECTION: forcing a failure. [ 1142.808841] name failslab, interval 1, probability 0, space 0, times 0 [ 1142.810185] CPU: 0 PID: 7196 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1142.810976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1142.811948] Call Trace: [ 1142.812255] dump_stack+0x107/0x167 [ 1142.812692] should_fail.cold+0x5/0xa [ 1142.813140] ? anon_vma_clone+0xdc/0x590 [ 1142.813617] should_failslab+0x5/0x20 [ 1142.814062] kmem_cache_alloc+0x5b/0x310 [ 1142.814541] anon_vma_clone+0xdc/0x590 [ 1142.814997] __split_vma+0x17c/0x4e0 [ 1142.815430] __do_munmap+0x365/0x1260 [ 1142.815873] ? arch_get_unmapped_area+0x450/0x450 [ 1142.816433] ? lock_release+0x680/0x680 [ 1142.816902] mmap_region+0x7c8/0x1500 [ 1142.817356] do_mmap+0xcdb/0x11e0 [ 1142.817761] vm_mmap_pgoff+0x198/0x1f0 [ 1142.818219] ? randomize_page+0xb0/0xb0 [ 1142.818686] ksys_mmap_pgoff+0x41c/0x560 [ 1142.819161] ? find_mergeable_anon_vma+0x250/0x250 [ 1142.819740] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1142.820350] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1142.820961] do_syscall_64+0x33/0x40 [ 1142.821395] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1142.821990] RIP: 0033:0x7f6039043b62 [ 1142.822423] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1142.824597] RSP: 002b:00007f60365b90f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1142.825498] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f6039043b62 [ 1142.826327] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1142.827158] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1142.827984] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1142.828831] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:21 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 64) [ 1142.862354] FAULT_INJECTION: forcing a failure. [ 1142.862354] name failslab, interval 1, probability 0, space 0, times 0 [ 1142.863773] CPU: 0 PID: 7199 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1142.864580] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1142.865548] Call Trace: [ 1142.865858] dump_stack+0x107/0x167 [ 1142.866280] should_fail.cold+0x5/0xa [ 1142.866722] ? create_object.isra.0+0x3a/0xa20 [ 1142.867253] should_failslab+0x5/0x20 [ 1142.867698] kmem_cache_alloc+0x5b/0x310 [ 1142.868171] create_object.isra.0+0x3a/0xa20 [ 1142.868682] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1142.869272] kmem_cache_alloc+0x159/0x310 [ 1142.869761] vm_area_dup+0x78/0x290 [ 1142.870185] ? lock_release+0x680/0x680 [ 1142.870645] ? mark_lock+0xf5/0x2df0 [ 1142.871082] ? lock_chain_count+0x20/0x20 [ 1142.871559] ? mark_lock+0xf5/0x2df0 [ 1142.871993] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1142.872623] ? lock_chain_count+0x20/0x20 [ 1142.873106] ? mark_lock+0xf5/0x2df0 [ 1142.873540] ? vm_area_alloc+0x110/0x110 [ 1142.874010] ? __lock_acquire+0x1657/0x5b00 [ 1142.874524] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1142.875147] ? vmacache_find+0x55/0x2a0 [ 1142.875608] __split_vma+0xa8/0x4e0 [ 1142.876031] __do_munmap+0x365/0x1260 [ 1142.876474] ? arch_get_unmapped_area+0x450/0x450 [ 1142.877049] ? lock_release+0x680/0x680 [ 1142.877524] mmap_region+0x7c8/0x1500 [ 1142.877975] do_mmap+0xcdb/0x11e0 [ 1142.878380] vm_mmap_pgoff+0x198/0x1f0 [ 1142.878833] ? randomize_page+0xb0/0xb0 [ 1142.879318] ksys_mmap_pgoff+0x41c/0x560 [ 1142.879790] ? find_mergeable_anon_vma+0x250/0x250 [ 1142.880371] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1142.880995] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1142.881595] do_syscall_64+0x33/0x40 [ 1142.882029] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1142.882626] RIP: 0033:0x7f6039043b62 [ 1142.883060] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1142.885241] RSP: 002b:00007f60365b90f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1142.886139] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f6039043b62 [ 1142.886987] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1142.887839] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1142.888695] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1142.889537] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:21 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 61) 21:36:21 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 63) [ 1142.965777] FAULT_INJECTION: forcing a failure. [ 1142.965777] name failslab, interval 1, probability 0, space 0, times 0 [ 1142.968135] CPU: 1 PID: 7204 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1142.969534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1142.971217] Call Trace: [ 1142.971756] dump_stack+0x107/0x167 [ 1142.972501] should_fail.cold+0x5/0xa [ 1142.973284] ? create_object.isra.0+0x3a/0xa20 [ 1142.974213] should_failslab+0x5/0x20 [ 1142.974984] kmem_cache_alloc+0x5b/0x310 [ 1142.975813] create_object.isra.0+0x3a/0xa20 [ 1142.976711] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1142.977743] kmem_cache_alloc+0x159/0x310 [ 1142.978594] vm_area_dup+0x78/0x290 [ 1142.979332] ? lock_release+0x680/0x680 [ 1142.980138] ? mark_lock+0xf5/0x2df0 [ 1142.980906] ? lock_chain_count+0x20/0x20 [ 1142.981749] ? mark_lock+0xf5/0x2df0 [ 1142.982509] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1142.983568] ? lock_chain_count+0x20/0x20 [ 1142.984402] ? mark_lock+0xf5/0x2df0 [ 1142.985167] ? vm_area_alloc+0x110/0x110 [ 1142.985421] FAULT_INJECTION: forcing a failure. [ 1142.985421] name failslab, interval 1, probability 0, space 0, times 0 [ 1142.985983] ? __lock_acquire+0x1657/0x5b00 [ 1142.986019] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1142.989242] ? vmacache_find+0x55/0x2a0 [ 1142.990042] __split_vma+0xa8/0x4e0 [ 1142.990775] __do_munmap+0x365/0x1260 [ 1142.991542] ? arch_get_unmapped_area+0x450/0x450 [ 1142.992510] ? lock_release+0x680/0x680 [ 1142.993322] mmap_region+0x7c8/0x1500 [ 1142.994100] do_mmap+0xcdb/0x11e0 [ 1142.994806] vm_mmap_pgoff+0x198/0x1f0 [ 1142.995591] ? randomize_page+0xb0/0xb0 [ 1142.996403] ksys_mmap_pgoff+0x41c/0x560 [ 1142.997228] ? find_mergeable_anon_vma+0x250/0x250 [ 1142.998221] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1142.999272] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1143.000311] do_syscall_64+0x33/0x40 [ 1143.001067] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1143.002099] RIP: 0033:0x7fe43d50db62 [ 1143.002848] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1143.006539] RSP: 002b:00007fe43aa830f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1143.008054] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fe43d50db62 [ 1143.009480] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1143.010899] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1143.012316] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1143.013739] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1143.015182] CPU: 0 PID: 7203 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1143.015998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1143.016985] Call Trace: [ 1143.017304] dump_stack+0x107/0x167 [ 1143.017740] should_fail.cold+0x5/0xa [ 1143.018192] ? ___slab_alloc+0x155/0x700 [ 1143.018670] ? create_object.isra.0+0x3a/0xa20 [ 1143.019209] should_failslab+0x5/0x20 [ 1143.019656] kmem_cache_alloc+0x5b/0x310 [ 1143.020133] create_object.isra.0+0x3a/0xa20 [ 1143.020654] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1143.021253] kmem_cache_alloc+0x159/0x310 [ 1143.021749] xas_alloc+0x336/0x440 [ 1143.022170] xas_create+0x34a/0x10d0 [ 1143.022614] ? kernel_text_address+0xf2/0x120 [ 1143.023147] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1143.023763] xas_store+0x8c/0x1c40 [ 1143.024188] __xa_store+0x164/0x2d0 [ 1143.024628] ? xa_delete_node+0x280/0x280 [ 1143.025119] ? trace_hardirqs_on+0x5b/0x180 [ 1143.025629] xa_store+0x31/0x50 [ 1143.026019] __io_uring_add_tctx_node+0x1cf/0x520 [ 1143.026587] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1143.027203] ? alloc_fd+0x2e7/0x670 [ 1143.027637] io_uring_setup+0x1fbb/0x2980 [ 1143.028128] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1143.028741] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1143.029360] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1143.029966] do_syscall_64+0x33/0x40 [ 1143.030406] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1143.031009] RIP: 0033:0x7fa304026b19 [ 1143.031447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1143.033613] RSP: 002b:00007fa30159c108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1143.034506] RAX: ffffffffffffffda RBX: 00007fa304139f60 RCX: 00007fa304026b19 [ 1143.035346] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 000000000000620e [ 1143.036185] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1143.037027] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000140 [ 1143.037865] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:36 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 65) 21:36:36 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) dup3(r0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:36:36 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 62) [ 1157.814821] FAULT_INJECTION: forcing a failure. [ 1157.814821] name failslab, interval 1, probability 0, space 0, times 0 [ 1157.816421] CPU: 0 PID: 7219 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1157.817365] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1157.818484] Call Trace: [ 1157.818846] dump_stack+0x107/0x167 [ 1157.819347] should_fail.cold+0x5/0xa [ 1157.819878] ? vm_area_dup+0x78/0x290 [ 1157.820405] should_failslab+0x5/0x20 [ 1157.820929] kmem_cache_alloc+0x5b/0x310 [ 1157.821497] vm_area_dup+0x78/0x290 [ 1157.821998] ? lock_release+0x680/0x680 [ 1157.822546] ? mark_lock+0xf5/0x2df0 [ 1157.823065] ? lock_chain_count+0x20/0x20 [ 1157.823635] ? mark_lock+0xf5/0x2df0 [ 1157.824156] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1157.824873] ? lock_chain_count+0x20/0x20 [ 1157.825454] ? mark_lock+0xf5/0x2df0 [ 1157.825963] ? vm_area_alloc+0x110/0x110 [ 1157.826518] ? __lock_acquire+0x1657/0x5b00 [ 1157.827129] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1157.827845] ? vmacache_find+0x55/0x2a0 [ 1157.828387] __split_vma+0xa8/0x4e0 [ 1157.828885] __do_munmap+0x365/0x1260 [ 1157.829414] ? arch_get_unmapped_area+0x450/0x450 [ 1157.830077] ? lock_release+0x680/0x680 [ 1157.830621] mmap_region+0x7c8/0x1500 [ 1157.831151] do_mmap+0xcdb/0x11e0 [ 1157.831631] vm_mmap_pgoff+0x198/0x1f0 [ 1157.832167] ? randomize_page+0xb0/0xb0 [ 1157.832720] ksys_mmap_pgoff+0x41c/0x560 [ 1157.833474] ? find_mergeable_anon_vma+0x250/0x250 [ 1157.834568] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1157.835728] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1157.836876] do_syscall_64+0x33/0x40 [ 1157.837722] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1157.838859] RIP: 0033:0x7fa2b71a6b62 [ 1157.839685] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1157.843766] RSP: 002b:00007fa2b471c0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1157.845465] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fa2b71a6b62 [ 1157.847050] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1157.848630] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1157.850224] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1157.851805] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1157.871536] FAULT_INJECTION: forcing a failure. [ 1157.871536] name failslab, interval 1, probability 0, space 0, times 0 [ 1157.873426] FAULT_INJECTION: forcing a failure. [ 1157.873426] name failslab, interval 1, probability 0, space 0, times 0 [ 1157.874448] CPU: 0 PID: 7224 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1157.878776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1157.880676] Call Trace: [ 1157.881298] dump_stack+0x107/0x167 [ 1157.882134] should_fail.cold+0x5/0xa [ 1157.883007] ? vm_area_alloc+0x1c/0x110 [ 1157.883916] ? vm_area_alloc+0x1c/0x110 [ 1157.884831] should_failslab+0x5/0x20 [ 1157.885715] kmem_cache_alloc+0x5b/0x310 [ 1157.886649] vm_area_alloc+0x1c/0x110 [ 1157.887517] mmap_region+0x97e/0x1500 [ 1157.888399] do_mmap+0xcdb/0x11e0 [ 1157.889212] vm_mmap_pgoff+0x198/0x1f0 [ 1157.890103] ? randomize_page+0xb0/0xb0 [ 1157.891023] ksys_mmap_pgoff+0x41c/0x560 [ 1157.891952] ? find_mergeable_anon_vma+0x250/0x250 [ 1157.893094] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1157.894293] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1157.895471] do_syscall_64+0x33/0x40 [ 1157.896323] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1157.897503] RIP: 0033:0x7f6039043b62 [ 1157.898353] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1157.902558] RSP: 002b:00007f60365b90f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1157.904295] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f6039043b62 [ 1157.905928] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1157.907555] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1157.909195] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1157.910825] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:36 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 61) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:36:36 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:36:36 executing program 0: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:36:36 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 64) 21:36:36 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1157.912497] CPU: 1 PID: 7225 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1157.914510] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1157.916381] Call Trace: [ 1157.917046] dump_stack+0x107/0x167 [ 1157.917950] should_fail.cold+0x5/0xa [ 1157.918801] ? create_object.isra.0+0x3a/0xa20 [ 1157.919821] should_failslab+0x5/0x20 [ 1157.920669] kmem_cache_alloc+0x5b/0x310 [ 1157.921590] create_object.isra.0+0x3a/0xa20 [ 1157.922560] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1157.923687] kmem_cache_alloc+0x159/0x310 [ 1157.924615] anon_vma_clone+0xdc/0x590 [ 1157.925500] __split_vma+0x17c/0x4e0 [ 1157.926335] __do_munmap+0x365/0x1260 [ 1157.927181] ? arch_get_unmapped_area+0x450/0x450 [ 1157.927207] ? lock_release+0x680/0x680 [ 1157.927231] mmap_region+0x7c8/0x1500 [ 1157.927267] do_mmap+0xcdb/0x11e0 [ 1157.930830] vm_mmap_pgoff+0x198/0x1f0 [ 1157.931703] ? randomize_page+0xb0/0xb0 [ 1157.932605] ksys_mmap_pgoff+0x41c/0x560 [ 1157.933530] ? find_mergeable_anon_vma+0x250/0x250 [ 1157.934624] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1157.935789] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1157.936937] do_syscall_64+0x33/0x40 [ 1157.937781] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1157.938919] RIP: 0033:0x7fe43d50db62 [ 1157.939746] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1157.943791] RSP: 002b:00007fe43aa830f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1157.945482] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fe43d50db62 [ 1157.947058] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1157.948631] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1157.950215] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1157.951785] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1157.963049] FAULT_INJECTION: forcing a failure. [ 1157.963049] name failslab, interval 1, probability 0, space 0, times 0 [ 1157.965576] CPU: 1 PID: 7227 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1157.967081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1157.968900] Call Trace: [ 1157.969507] dump_stack+0x107/0x167 [ 1157.970319] should_fail.cold+0x5/0xa [ 1157.971167] ? create_object.isra.0+0x3a/0xa20 [ 1157.972180] should_failslab+0x5/0x20 [ 1157.973024] kmem_cache_alloc+0x5b/0x310 [ 1157.973951] create_object.isra.0+0x3a/0xa20 [ 1157.974922] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1157.976049] kmem_cache_alloc+0x159/0x310 [ 1157.976975] vm_area_dup+0x78/0x290 [ 1157.977804] ? lock_release+0x680/0x680 [ 1157.978690] ? mark_lock+0xf5/0x2df0 [ 1157.979524] ? lock_chain_count+0x20/0x20 [ 1157.980440] ? mark_lock+0xf5/0x2df0 [ 1157.981290] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1157.982445] ? lock_chain_count+0x20/0x20 [ 1157.983372] ? mark_lock+0xf5/0x2df0 [ 1157.984201] ? vm_area_alloc+0x110/0x110 [ 1157.985123] ? __lock_acquire+0x1657/0x5b00 [ 1157.986103] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1157.987264] ? vmacache_find+0x55/0x2a0 [ 1157.988169] __split_vma+0xa8/0x4e0 [ 1157.988981] __do_munmap+0x365/0x1260 [ 1157.989846] ? arch_get_unmapped_area+0x450/0x450 [ 1157.990916] ? lock_release+0x680/0x680 [ 1157.991805] mmap_region+0x7c8/0x1500 [ 1157.992669] do_mmap+0xcdb/0x11e0 [ 1157.993469] vm_mmap_pgoff+0x198/0x1f0 [ 1157.994343] ? randomize_page+0xb0/0xb0 [ 1157.995244] ksys_mmap_pgoff+0x41c/0x560 [ 1157.996149] ? find_mergeable_anon_vma+0x250/0x250 [ 1157.997255] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1157.998418] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1157.999567] do_syscall_64+0x33/0x40 [ 1158.000399] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1158.001547] RIP: 0033:0x7fa304026b62 [ 1158.002372] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1158.006412] RSP: 002b:00007fa30157b0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1158.008093] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fa304026b62 [ 1158.009676] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1158.011251] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1158.012830] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1158.014417] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:37 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 66) [ 1158.092775] FAULT_INJECTION: forcing a failure. [ 1158.092775] name failslab, interval 1, probability 0, space 0, times 0 [ 1158.094324] CPU: 0 PID: 7232 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1158.095212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1158.096298] Call Trace: [ 1158.096648] dump_stack+0x107/0x167 [ 1158.097128] should_fail.cold+0x5/0xa [ 1158.097636] ? vm_area_alloc+0x1c/0x110 [ 1158.098162] should_failslab+0x5/0x20 [ 1158.098661] kmem_cache_alloc+0x5b/0x310 [ 1158.099193] vm_area_alloc+0x1c/0x110 [ 1158.099691] mmap_region+0x97e/0x1500 [ 1158.100197] do_mmap+0xcdb/0x11e0 [ 1158.100660] vm_mmap_pgoff+0x198/0x1f0 [ 1158.101177] ? randomize_page+0xb0/0xb0 [ 1158.101708] ksys_mmap_pgoff+0x41c/0x560 [ 1158.102235] ? find_mergeable_anon_vma+0x250/0x250 [ 1158.102882] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1158.103573] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1158.104249] do_syscall_64+0x33/0x40 [ 1158.104733] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1158.105406] RIP: 0033:0x7f6039043b62 [ 1158.105886] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1158.108277] RSP: 002b:00007f60365b90f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1158.109266] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f6039043b62 [ 1158.110193] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1158.111112] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1158.112034] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1158.112960] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:37 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 62) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 1158.136991] FAULT_INJECTION: forcing a failure. [ 1158.136991] name failslab, interval 1, probability 0, space 0, times 0 [ 1158.138717] CPU: 0 PID: 7234 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1158.139638] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1158.140757] Call Trace: [ 1158.141121] dump_stack+0x107/0x167 [ 1158.141612] should_fail.cold+0x5/0xa [ 1158.142125] ? create_object.isra.0+0x3a/0xa20 [ 1158.142739] should_failslab+0x5/0x20 [ 1158.143247] kmem_cache_alloc+0x5b/0x310 [ 1158.143792] create_object.isra.0+0x3a/0xa20 [ 1158.144383] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 21:36:37 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 63) [ 1158.145063] kmem_cache_alloc+0x159/0x310 [ 1158.145764] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1158.146474] vm_area_dup+0x78/0x290 [ 1158.146966] ? mark_lock+0xf5/0x2df0 [ 1158.147473] ? lock_chain_count+0x20/0x20 [ 1158.148032] ? mark_lock+0xf5/0x2df0 [ 1158.148534] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1158.149245] ? lock_chain_count+0x20/0x20 [ 1158.149799] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1158.150396] ? _raw_spin_unlock_irq+0x27/0x30 [ 1158.151006] ? mark_lock+0xf5/0x2df0 [ 1158.151507] ? vm_area_alloc+0x110/0x110 [ 1158.152054] ? lock_chain_count+0x20/0x20 [ 1158.152619] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1158.153312] ? vmacache_find+0x55/0x2a0 [ 1158.153828] __split_vma+0xa8/0x4e0 [ 1158.154301] __do_munmap+0x365/0x1260 [ 1158.154799] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1158.155449] ? trace_hardirqs_on+0x5b/0x180 [ 1158.156006] mmap_region+0x7c8/0x1500 [ 1158.156505] do_mmap+0xcdb/0x11e0 [ 1158.156956] vm_mmap_pgoff+0x198/0x1f0 [ 1158.157469] ? randomize_page+0xb0/0xb0 [ 1158.157992] ksys_mmap_pgoff+0x41c/0x560 [ 1158.158524] ? find_mergeable_anon_vma+0x250/0x250 [ 1158.159161] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1158.159814] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1158.160493] do_syscall_64+0x33/0x40 [ 1158.160989] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1158.161663] RIP: 0033:0x7fa2b71a6b62 [ 1158.162127] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1158.164505] RSP: 002b:00007fa2b471c0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1158.165496] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fa2b71a6b62 [ 1158.166423] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1158.167306] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1158.168184] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1158.169062] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1158.172893] FAULT_INJECTION: forcing a failure. [ 1158.172893] name failslab, interval 1, probability 0, space 0, times 0 [ 1158.174794] CPU: 1 PID: 7236 Comm: syz-executor.7 Not tainted 5.10.233 #1 [ 1158.175736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1158.176862] Call Trace: [ 1158.177263] dump_stack+0x107/0x167 [ 1158.177771] should_fail.cold+0x5/0xa [ 1158.178312] ? anon_vma_clone+0xdc/0x590 [ 1158.178874] should_failslab+0x5/0x20 [ 1158.179399] kmem_cache_alloc+0x5b/0x310 [ 1158.179960] anon_vma_clone+0xdc/0x590 [ 1158.180511] __split_vma+0x17c/0x4e0 [ 1158.181025] __do_munmap+0x365/0x1260 [ 1158.181578] ? arch_get_unmapped_area+0x450/0x450 [ 1158.182244] ? lock_release+0x680/0x680 [ 1158.182796] mmap_region+0x7c8/0x1500 [ 1158.183348] do_mmap+0xcdb/0x11e0 [ 1158.183836] vm_mmap_pgoff+0x198/0x1f0 [ 1158.184387] ? randomize_page+0xb0/0xb0 [ 1158.184946] ksys_mmap_pgoff+0x41c/0x560 [ 1158.185521] ? find_mergeable_anon_vma+0x250/0x250 [ 1158.186213] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1158.186951] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1158.187663] do_syscall_64+0x33/0x40 [ 1158.188186] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1158.188903] RIP: 0033:0x7fa304026b62 [ 1158.189422] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1158.191968] RSP: 002b:00007fa30159c0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1158.193013] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fa304026b62 [ 1158.194000] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1158.194990] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1158.195994] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1158.197023] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:37 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 65) [ 1158.223777] FAULT_INJECTION: forcing a failure. [ 1158.223777] name failslab, interval 1, probability 0, space 0, times 0 [ 1158.225289] CPU: 0 PID: 7238 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1158.226160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1158.227209] Call Trace: [ 1158.227547] dump_stack+0x107/0x167 [ 1158.228014] should_fail.cold+0x5/0xa [ 1158.228500] ? vm_area_alloc+0x1c/0x110 [ 1158.229004] should_failslab+0x5/0x20 [ 1158.229497] kmem_cache_alloc+0x5b/0x310 [ 1158.230015] vm_area_alloc+0x1c/0x110 [ 1158.230501] mmap_region+0x97e/0x1500 [ 1158.230996] do_mmap+0xcdb/0x11e0 [ 1158.231445] vm_mmap_pgoff+0x198/0x1f0 [ 1158.231939] ? randomize_page+0xb0/0xb0 [ 1158.232451] ksys_mmap_pgoff+0x41c/0x560 [ 1158.232964] ? find_mergeable_anon_vma+0x250/0x250 [ 1158.233598] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1158.234264] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1158.234917] do_syscall_64+0x33/0x40 [ 1158.235391] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1158.236038] RIP: 0033:0x7fe43d50db62 [ 1158.236509] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1158.238850] RSP: 002b:00007fe43aa830f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1158.239809] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fe43d50db62 [ 1158.240712] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1158.241621] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1158.242527] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1158.243427] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:37 executing program 1: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 67) 21:36:37 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x4ac1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) (fail_nth: 63) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r0, r1, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) 21:36:37 executing program 5: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 66) [ 1158.313776] FAULT_INJECTION: forcing a failure. [ 1158.313776] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1158.315278] CPU: 0 PID: 7241 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1158.316137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1158.317198] Call Trace: [ 1158.317533] dump_stack+0x107/0x167 [ 1158.317983] should_fail.cold+0x5/0xa [ 1158.318461] __alloc_pages_nodemask+0x182/0x600 [ 1158.319044] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 1158.319803] ? walk_mem_res+0x170/0x170 [ 1158.320313] alloc_pages_current+0x187/0x280 [ 1158.320862] pte_alloc_one+0x16/0x1a0 [ 1158.321347] __pte_alloc+0x1d/0x330 [ 1158.321802] remap_pfn_range_internal+0x9a3/0xf60 [ 1158.322418] ? lookup_memtype+0x5b/0x200 [ 1158.322931] ? apply_to_existing_page_range+0x40/0x40 [ 1158.323594] remap_pfn_range+0xcd/0x160 [ 1158.324089] ? remap_pfn_range_notrack+0x70/0x70 [ 1158.324681] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1158.325329] io_uring_mmap+0x398/0x530 [ 1158.325819] mmap_file+0x5e/0xe0 [ 1158.326243] mmap_region+0xc49/0x1500 [ 1158.326725] do_mmap+0xcdb/0x11e0 [ 1158.327160] vm_mmap_pgoff+0x198/0x1f0 [ 1158.327643] ? randomize_page+0xb0/0xb0 [ 1158.328154] ksys_mmap_pgoff+0x41c/0x560 [ 1158.328637] ? find_mergeable_anon_vma+0x250/0x250 [ 1158.329265] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1158.329915] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1158.330561] do_syscall_64+0x33/0x40 [ 1158.331023] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1158.331654] RIP: 0033:0x7f6039043b62 [ 1158.332117] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1158.334404] RSP: 002b:00007f60365b90f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1158.335342] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f6039043b62 [ 1158.336238] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1158.337141] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1158.338038] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 21:36:37 executing program 0: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 21:36:37 executing program 7: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (fail_nth: 64) [ 1158.338752] FAULT_INJECTION: forcing a failure. [ 1158.338752] name failslab, interval 1, probability 0, space 0, times 0 [ 1158.338921] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1158.343553] CPU: 1 PID: 7242 Comm: syz-executor.6 Not tainted 5.10.233 #1 [ 1158.344987] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1158.346735] Call Trace: [ 1158.347296] dump_stack+0x107/0x167 [ 1158.348065] should_fail.cold+0x5/0xa [ 1158.348871] ? anon_vma_clone+0xdc/0x590 [ 1158.349744] should_failslab+0x5/0x20 [ 1158.350544] kmem_cache_alloc+0x5b/0x310 [ 1158.351403] anon_vma_clone+0xdc/0x590 [ 1158.352229] __split_vma+0x17c/0x4e0 [ 1158.353021] __do_munmap+0x365/0x1260 [ 1158.353774] FAULT_INJECTION: forcing a failure. [ 1158.353774] name failslab, interval 1, probability 0, space 0, times 0 [ 1158.353833] ? arch_get_unmapped_area+0x450/0x450 [ 1158.356141] ? lock_release+0x680/0x680 [ 1158.356983] mmap_region+0x7c8/0x1500 [ 1158.357833] do_mmap+0xcdb/0x11e0 [ 1158.358581] vm_mmap_pgoff+0x198/0x1f0 [ 1158.359419] ? randomize_page+0xb0/0xb0 [ 1158.360275] ksys_mmap_pgoff+0x41c/0x560 [ 1158.361155] ? find_mergeable_anon_vma+0x250/0x250 [ 1158.362206] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1158.363303] do_syscall_64+0x33/0x40 [ 1158.364100] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1158.365209] RIP: 0033:0x7fa2b71a6b62 [ 1158.366008] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1158.369922] RSP: 002b:00007fa2b471c0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1158.371538] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fa2b71a6b62 [ 1158.373058] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1158.374590] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1158.376106] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1158.377630] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1158.379170] CPU: 0 PID: 7245 Comm: syz-executor.5 Not tainted 5.10.233 #1 [ 1158.380029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1158.381049] Call Trace: [ 1158.381382] dump_stack+0x107/0x167 [ 1158.381824] should_fail.cold+0x5/0xa [ 1158.382287] ? create_object.isra.0+0x3a/0xa20 [ 1158.382859] should_failslab+0x5/0x20 [ 1158.383324] kmem_cache_alloc+0x5b/0x310 [ 1158.383824] create_object.isra.0+0x3a/0xa20 [ 1158.384356] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1158.384993] kmem_cache_alloc+0x159/0x310 [ 1158.385487] vm_area_alloc+0x1c/0x110 [ 1158.385948] mmap_region+0x97e/0x1500 [ 1158.386424] do_mmap+0xcdb/0x11e0 [ 1158.386851] vm_mmap_pgoff+0x198/0x1f0 [ 1158.387348] ? randomize_page+0xb0/0xb0 [ 1158.387868] ksys_mmap_pgoff+0x41c/0x560 [ 1158.388363] ? find_mergeable_anon_vma+0x250/0x250 [ 1158.388967] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1158.389572] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1158.390194] do_syscall_64+0x33/0x40 [ 1158.390625] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1158.391243] RIP: 0033:0x7fe43d50db62 [ 1158.391677] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1158.393937] RSP: 002b:00007fe43aa830f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1158.394872] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fe43d50db62 [ 1158.395749] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1158.396604] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1158.396611] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1158.396618] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1158.412360] ------------[ cut here ]------------ [ 1158.412962] WARNING: CPU: 0 PID: 7241 at arch/x86/mm/pat/memtype.c:1019 get_pat_info+0x216/0x270 [ 1158.414089] Modules linked in: [ 1158.414478] CPU: 0 PID: 7241 Comm: syz-executor.1 Not tainted 5.10.233 #1 [ 1158.415287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1158.416259] RIP: 0010:get_pat_info+0x216/0x270 [ 1158.416781] Code: c1 ea 03 80 3c 02 00 75 71 49 89 1e eb 8e e8 81 81 2e 00 0f 0b e9 97 fe ff ff 41 bc ea ff ff ff e9 77 ff ff ff e8 6a 81 2e 00 <0f> 0b 41 bc ea ff ff ff e9 65 ff ff ff 4c 89 ff e8 f5 78 5a 00 e9 [ 1158.418920] RSP: 0018:ffff888050a67898 EFLAGS: 00010212 [ 1158.419549] RAX: 0000000000012f9e RBX: ffff88804f1c6500 RCX: ffffc900011ec000 [ 1158.420389] RDX: 0000000000040000 RSI: ffffffff81123696 RDI: 0000000000000007 [ 1158.421228] RBP: ffff888050a67950 R08: 0000000000000000 R09: ffff888050a67820 [ 1158.422042] R10: 0000000000000020 R11: 0000000000000001 R12: 0000000000000028 [ 1158.422879] R13: 1ffff1100a14cf13 R14: 0000000000000000 R15: ffff88804f1c6550 [ 1158.423723] FS: 00007f60365b9700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 1158.427895] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1158.430768] CR2: 000055d5d1a4f020 CR3: 0000000051bb0000 CR4: 0000000000350ef0 [ 1158.431672] Call Trace: [ 1158.431996] ? __warn+0xe2/0x1f0 [ 1158.432435] ? get_pat_info+0x216/0x270 [ 1158.432930] ? report_bug+0x1c1/0x210 [ 1158.433430] ? handle_bug+0x41/0x90 [ 1158.433872] ? exc_invalid_op+0x14/0x50 [ 1158.434383] ? asm_exc_invalid_op+0x12/0x20 [ 1158.434908] ? get_pat_info+0x216/0x270 [ 1158.435441] ? get_pat_info+0x216/0x270 [ 1158.435931] ? get_pat_info+0x216/0x270 [ 1158.436440] ? pgprot_writethrough+0xc0/0xc0 [ 1158.436977] ? finish_task_switch+0x126/0x5d0 [ 1158.437705] untrack_pfn+0xdc/0x240 [ 1158.438309] ? track_pfn_insert+0x150/0x150 [ 1158.439066] ? lock_downgrade+0x6d0/0x6d0 [ 1158.439699] ? uprobe_munmap+0x1c/0x560 [ 1158.440318] unmap_single_vma+0x1bc/0x300 [ 1158.440927] zap_page_range_single+0x2ce/0x450 [ 1158.441574] ? unmap_single_vma+0x300/0x300 [ 1158.442124] ? remap_pfn_range_internal+0xc56/0xf60 [ 1158.442782] ? lookup_memtype+0x5b/0x200 [ 1158.443322] ? apply_to_existing_page_range+0x40/0x40 [ 1158.443975] remap_pfn_range+0x139/0x160 [ 1158.444526] ? remap_pfn_range_notrack+0x70/0x70 [ 1158.445150] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1158.445815] io_uring_mmap+0x398/0x530 [ 1158.446336] mmap_file+0x5e/0xe0 [ 1158.446767] mmap_region+0xc49/0x1500 [ 1158.447276] do_mmap+0xcdb/0x11e0 [ 1158.447720] vm_mmap_pgoff+0x198/0x1f0 [ 1158.448234] ? randomize_page+0xb0/0xb0 [ 1158.448738] ksys_mmap_pgoff+0x41c/0x560 [ 1158.449284] ? find_mergeable_anon_vma+0x250/0x250 [ 1158.449892] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1158.450573] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1158.451239] do_syscall_64+0x33/0x40 [ 1158.451708] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1158.452376] RIP: 0033:0x7f6039043b62 [ 1158.452843] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1158.455170] RSP: 002b:00007f60365b90f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1158.456139] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f6039043b62 [ 1158.457031] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1158.457950] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1158.458859] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1158.459765] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 [ 1158.460684] irq event stamp: 1293 [ 1158.461145] hardirqs last enabled at (1303): [] console_unlock+0x92d/0xb40 [ 1158.462229] hardirqs last disabled at (1312): [] console_unlock+0x839/0xb40 [ 1158.463305] softirqs last enabled at (942): [] asm_call_irq_on_stack+0x12/0x20 [ 1158.464423] softirqs last disabled at (931): [] asm_call_irq_on_stack+0x12/0x20 [ 1158.465544] ---[ end trace 91a6a2547d3f5e6a ]--- [ 1158.494258] FAULT_INJECTION: forcing a failure. [ 1158.494258] name failslab, interval 1, probability 0, space 0, times 0 [ 1158.496702] CPU: 1 PID: 7249 Comm: syz-executor.7 Tainted: G W 5.10.233 #1 [ 1158.498422] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1158.500147] Call Trace: [ 1158.500711] dump_stack+0x107/0x167 [ 1158.501499] should_fail.cold+0x5/0xa [ 1158.502301] ? create_object.isra.0+0x3a/0xa20 [ 1158.503258] should_failslab+0x5/0x20 [ 1158.504066] kmem_cache_alloc+0x5b/0x310 [ 1158.504941] create_object.isra.0+0x3a/0xa20 [ 1158.505868] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1158.506944] kmem_cache_alloc+0x159/0x310 [ 1158.507829] anon_vma_clone+0xdc/0x590 [ 1158.508662] __split_vma+0x17c/0x4e0 [ 1158.509454] __do_munmap+0x365/0x1260 [ 1158.510257] ? arch_get_unmapped_area+0x450/0x450 [ 1158.511281] ? lock_release+0x680/0x680 [ 1158.512133] mmap_region+0x7c8/0x1500 [ 1158.512942] do_mmap+0xcdb/0x11e0 [ 1158.513691] vm_mmap_pgoff+0x198/0x1f0 [ 1158.514511] ? randomize_page+0xb0/0xb0 [ 1158.515367] ksys_mmap_pgoff+0x41c/0x560 [ 1158.516227] ? find_mergeable_anon_vma+0x250/0x250 [ 1158.517272] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1158.518369] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1158.519453] do_syscall_64+0x33/0x40 [ 1158.520239] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1158.521318] RIP: 0033:0x7fa304026b62 [ 1158.522109] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1158.526036] RSP: 002b:00007fa30159c0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1158.527655] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fa304026b62 [ 1158.529205] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffb000 [ 1158.530742] RBP: 0000000020ffb000 R08: 0000000000000005 R09: 0000000000000000 [ 1158.532276] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1158.533812] R13: 0000000020ffc000 R14: 0000000020000100 R15: 0000000020ffb000 21:36:37 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid}, {@version_9p2000}], [{@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000340)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}, 0x40010002) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f00000004c0)) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0x401054d6, 0x0) r3 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000000140)={{r3}, {@void, @max}}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) VM DIAGNOSIS: 21:36:37 Registers: info registers vcpu 0 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff822ddc7c RDI=ffffffff879f1140 RBP=ffffffff879f1100 RSP=ffff888050a67248 R8 =0000000000000001 R9 =0000000000000003 R10=000000000000000a R11=0000000000000001 R12=0000000000000020 R13=fffffbfff0f3e275 R14=fffffbfff0f3e22a R15=dffffc0000000000 RIP=ffffffff822ddcd0 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f60365b9700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055d5d1a4f020 CR3=0000000051bb0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000ff0000 XMM01=6a6e695f31313230385f7a7973006273 XMM02=000000000000000000ffffffff000000 XMM03=00007f603912a7c800007f603912a7c0 XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000001 RBX=ae551e7f7e44cb96 RCX=ffff8880467ef548 RDX=1ffff11009445aff RSI=0000000000000000 RDI=ffff88804a22d7f8 RBP=1ffff11008cfdea1 RSP=ffff8880467ef4f8 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=0000000000000001 R13=0000000000000002 R14=ffff88804a22d800 R15=ffff88804a22cec0 RIP=ffffffff812749c7 RFL=00000057 [---ZAPC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055555bec6400 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fa3040a6547 CR3=0000000050cdc000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000