000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x0) [ 2474.488274] FAT-fs (loop7): bogus logical sector size 518 [ 2474.489111] FAT-fs (loop7): Can't find a valid FAT filesystem 14:13:48 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:13:48 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x3000000, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:13:48 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x7400000000000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:13:48 executing program 3: stat(&(0x7f0000000340)='.\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r0, 0x0) r1 = fork() ptrace(0x10, r1) syz_mount_image$ext4(0x0, &(0x7f0000000380)='./file1/file0\x00', 0x400000000fffb, 0x0, 0x0, 0x40c19, 0x0) setxattr$security_selinux(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000080)='system_u:object_r:sulogin_exec_t:s0\x00', 0xf, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)=0x0) ptrace$getregset(0x4204, r2, 0x2, &(0x7f0000000240)={&(0x7f0000000140)=""/230, 0xe6}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002ac0)=[{{&(0x7f00000003c0), 0x6e, &(0x7f0000002580)=[{&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000001440)=""/187, 0xbb}, {&(0x7f0000000280)}, {&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000002500)}, {&(0x7f0000002540)=""/57, 0x39}], 0x6, &(0x7f0000002600)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x100}}, {{&(0x7f0000002700), 0x6e, &(0x7f0000002980)=[{&(0x7f0000002780)=""/209, 0xd1}, {&(0x7f0000002880)=""/231, 0xe7}], 0x2, &(0x7f00000029c0)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd8}}], 0x2, 0x2020, 0x0) ioctl$TCSETS(r3, 0x5402, &(0x7f0000000100)={0x440, 0x4007fe, 0xfffff801, 0x3, 0x1a, "1b0d582d09fe979c13aa0595accdd3f733f9e8"}) 14:13:48 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xf9fdffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:13:48 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x10000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:13:48 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617407020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:13:48 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x0) [ 2488.165112] FAT-fs (loop2): bogus number of reserved sectors [ 2488.166094] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2488.249450] FAT-fs (loop7): bogus logical sector size 519 [ 2488.250313] FAT-fs (loop7): Can't find a valid FAT filesystem 14:13:48 executing program 3: r0 = syz_open_dev$vcsn(&(0x7f0000000a40), 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$WPAN_SECURITY(r0, 0x0, 0x1, &(0x7f0000000000)=0x1, 0x4) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, 0x0, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x94, 0x0, 0x81, 0x0, 0x0, 0x0, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x2}, 0x10088, 0x0, 0xfffffffe, 0x0, 0x0, 0xffffdffa}, 0x0, 0x0, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x9, 0x0, 0x0, 0x0, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, &(0x7f0000000380)={0x6, 'gre0\x00', {0x7fff}, 0x20}) munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) syz_io_uring_setup(0x29af, &(0x7f0000000040)={0x0, 0x0, 0x20, 0x400001, 0x3df, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100), 0xa0100, 0x0) fsetxattr$security_ima(r0, &(0x7f0000000140), &(0x7f0000000a80)=ANY=[@ANYBLOB="e6023600410008005133fec0cefcedccc159540e87e8604062e849456dc3026fc72706b110464b3d6294265da8c2e2b55681e2d10d69c19cc92a89e0e801002d49bcf41c215ba94446d4e47c5c000af61edf63cc21ce45d5c9c39758cb188602a31173750e60a0ab5fcabf1c15ff49ec57c6f3ee9ceda34cc0e02aeac038b1aa05092e462078889727301f618d83794c58bce24382f44b484e7b1cb9af4601173fad890ea6ceb30d21aeff6054c178bb5dccc7b67bc6278abb52f35ca955b50a0547ea3809a5799087f79099e5fd6da157013d49984d8652da7a02d807a804406e3247e605ad8d9c4c750276e3d4644b1d593138b452c040cf93d322c8fe70515ff96c0445360282b9cbc6c150b86d3917041b12246ed2874436afdbeb6efa3d0f6781e66905f5ec1f00000000000000b49061cfd61110abc04a933fcd0608d957e3444f6caa2e389339f848abc98095a104572ed7b33c31dc555997003f8e899d3b855c177a8917e5dbfecba3953609a84b9b03dbb3f3687d323d25bc68766d475f45d59e870de5309f7089f169b13e9b97d09aa29e55017b9b8af2d2586ecea268e7f9472e6774f18a93f453f91e52169c6f70cf79bacee1617741144e5ce95c0c729b25f358518e00610f10246e529ff1fa1efcce3dd2d880f1657e334c9b7cc7e1d0c7701d8cefda70157f53216a4b2da18b01630f0543187861980e74dd7d35bfd5735a442cda43ff350fb1d73d998fb35d050aebd2186fde819f18c2c00fcd8f34814c509e9b9178ab2e4d04f2608577bb1c2b91e4ef41afa229830381712f33fdcba63cccd1db1a2a2349f2b7dab61e0000005ce4fad2d41e7e74cfaa24d6223b907a53ad3134000000000000000000000000560000000000000000000000000000000011959b4f80ce68f984a31bdc719af87c4caeed17b19235f87fe2d407b1937716effd14016bce5e05b293587796f35c2f7ba434ded1d8f82d92b81e9a690ab5a88f45ba8c9855d1f12a991bdacd39ded3b6468420de46295cb269fe9cb2bd9311c772122b34a068f206e22cb4ad4c12373a319285e863fa85c07fc2a09fcc96"], 0x54, 0x1) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000680)={0x2, 0x4, 0x1, 'queue0\x00', 0x5}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x50, r1, 0xec4000) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x180, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xb) move_pages(0x0, 0xa, &(0x7f0000000200)=[&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil], &(0x7f0000000280)=[0xd52], &(0x7f0000000300)=[0x0, 0x0], 0x4) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 14:14:02 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./mnt\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_mount_image$nfs4(0x0, &(0x7f00000010c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='mnt/encrypted_dir\x00', 0x0) openat(r0, &(0x7f0000000140)='./mnt\x00', 0x200, 0x100) r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x2, 0x81, 0x7, 0xff, 0x0, 0x6, 0x10000, 0x5, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, @perf_bp, 0x15505, 0x9, 0xff, 0xe, 0x1, 0xfffeffff, 0x3, 0x0, 0x9, 0x0, 0x1}, 0xffffffffffffffff, 0x8, r1, 0x2) rename(&(0x7f0000000180)='mnt/encrypted_dir\x00', &(0x7f0000000040)='./file0/file0\x00') 14:14:02 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617408020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:14:02 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x12000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2502.161394] FAT-fs (loop2): bogus number of reserved sectors [ 2502.162186] FAT-fs (loop2): Can't find a valid FAT filesystem 14:14:02 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x4000000, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:14:02 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:02 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xfcfdffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:14:02 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x7800000000000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 2502.222368] FAT-fs (loop7): bogus logical sector size 520 [ 2502.223133] FAT-fs (loop7): Can't find a valid FAT filesystem 14:14:02 executing program 3: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000880)={0x14, 0x1a, 0x69844ea0a6ddcd11}, 0x14}}, 0x0) readv(r1, &(0x7f0000001080)=[{&(0x7f0000000000)=""/15, 0xf}], 0x1) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}, 0x0, 0x80, 0x0, 0x4, 0x0, 0x3b}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080)=0x20) set_mempolicy(0x0, &(0x7f00000000c0), 0x7fff) syz_80211_join_ibss(&(0x7f0000000040)='wlan1\x00', 0x0, 0x0, 0x0) syz_80211_inject_frame(0x0, &(0x7f0000000440)=ANY=[@ANYRESOCT], 0x2f) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_xfrm(r3, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000000000)=@updsa={0xf0, 0x10, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {@in=@local}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}}, 0xf0}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) wait4(0x0, 0x0, 0x0, 0x0) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0) r4 = fork() waitid(0x2, r4, &(0x7f00000001c0), 0x2, 0x0) wait4(0x0, 0x0, 0x8, &(0x7f0000000480)) syz_open_procfs(r4, &(0x7f0000000140)='net/ipv6_route\x00') [ 2502.326253] netlink: 208 bytes leftover after parsing attributes in process `syz-executor.3'. 14:14:02 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:02 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x5000000, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:14:02 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xfdfdffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:14:02 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x21030000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:02 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e6661740b020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 2502.365592] FAT-fs (loop2): bogus number of reserved sectors [ 2502.366453] FAT-fs (loop2): Can't find a valid FAT filesystem 14:14:02 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x7a00000000000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:14:02 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 1) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 2502.403531] FAULT_INJECTION: forcing a failure. [ 2502.403531] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2502.405337] CPU: 0 PID: 14190 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2502.406240] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2502.407321] Call Trace: [ 2502.407694] dump_stack+0x107/0x167 [ 2502.408172] should_fail.cold+0x5/0xa [ 2502.408675] _copy_from_user+0x2e/0x1b0 [ 2502.409218] ext4_ioc_getfsmap+0xd0/0x620 [ 2502.409778] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2502.410399] ? find_held_lock+0x2c/0x110 [ 2502.410957] ? avc_has_extended_perms+0x675/0xf40 [ 2502.411636] ? avc_has_extended_perms+0x7f1/0xf40 [ 2502.412270] ? __lock_acquire+0xbb1/0x5b00 [ 2502.412826] ? avc_ss_reset+0x180/0x180 [ 2502.413352] ? lock_downgrade+0x6d0/0x6d0 [ 2502.413896] __ext4_ioctl+0x8ad/0x4190 [ 2502.414414] ? ext4_reset_inode_seed+0x450/0x450 [ 2502.415032] ? perf_trace_lock+0xac/0x490 [ 2502.415592] ? SOFTIRQ_verbose+0x10/0x10 [ 2502.416137] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2502.416884] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2502.417560] ? do_vfs_ioctl+0x283/0x10d0 [ 2502.418090] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2502.418771] ? generic_block_fiemap+0x60/0x60 [ 2502.419355] ? lock_downgrade+0x6d0/0x6d0 [ 2502.419913] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2502.420547] ? wait_for_completion_io+0x270/0x270 [ 2502.421181] ? selinux_file_ioctl+0xb6/0x270 [ 2502.421757] ? __ext4_ioctl+0x4190/0x4190 [ 2502.422299] __x64_sys_ioctl+0x19a/0x210 [ 2502.422829] do_syscall_64+0x33/0x40 [ 2502.423316] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2502.424012] RIP: 0033:0x7f4e27e8db19 [ 2502.424499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2502.426892] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2502.427897] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2502.428825] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2502.429756] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 14:14:02 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2502.430681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2502.431623] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 2502.444303] FAT-fs (loop7): bogus logical sector size 523 [ 2502.445060] FAT-fs (loop7): Can't find a valid FAT filesystem 14:14:02 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x7000000, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) [ 2502.500008] FAT-fs (loop2): bogus number of reserved sectors [ 2502.500765] FAT-fs (loop2): Can't find a valid FAT filesystem 14:14:02 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x3f000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:02 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617418020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:14:02 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xfeffffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 2502.647348] FAT-fs (loop7): bogus logical sector size 536 [ 2502.648142] FAT-fs (loop7): Can't find a valid FAT filesystem 14:14:19 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 2) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 2518.870622] FAULT_INJECTION: forcing a failure. [ 2518.870622] name failslab, interval 1, probability 0, space 0, times 0 [ 2518.872203] CPU: 1 PID: 14236 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2518.873089] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2518.874144] Call Trace: [ 2518.874493] dump_stack+0x107/0x167 [ 2518.874974] should_fail.cold+0x5/0xa [ 2518.875484] ? ext4_getfsmap_datadev+0x6d7/0x25d0 14:14:19 executing program 3: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000880)={0x14, 0x1a, 0x69844ea0a6ddcd11}, 0x14}}, 0x0) readv(r1, &(0x7f0000001080)=[{&(0x7f0000000000)=""/15, 0xf}], 0x1) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}, 0x0, 0x80, 0x0, 0x4, 0x0, 0x3b}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080)=0x20) set_mempolicy(0x0, &(0x7f00000000c0), 0x7fff) syz_80211_join_ibss(&(0x7f0000000040)='wlan1\x00', 0x0, 0x0, 0x0) syz_80211_inject_frame(0x0, &(0x7f0000000440)=ANY=[@ANYRESOCT], 0x2f) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_xfrm(r3, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000000000)=@updsa={0xf0, 0x10, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {@in=@local}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}}, 0xf0}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) wait4(0x0, 0x0, 0x0, 0x0) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0) r4 = fork() waitid(0x2, r4, &(0x7f00000001c0), 0x2, 0x0) wait4(0x0, 0x0, 0x8, &(0x7f0000000480)) syz_open_procfs(r4, &(0x7f0000000140)='net/ipv6_route\x00') 14:14:19 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xff0f000000000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:14:19 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x8000000, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:14:19 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:19 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8cffffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:14:19 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x64000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:19 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e6661741c020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 2518.876157] should_failslab+0x5/0x20 [ 2518.876667] kmem_cache_alloc_trace+0x55/0x320 [ 2518.877581] ? ext4_get_group_desc+0x2a0/0x560 [ 2518.878228] ext4_getfsmap_datadev+0x6d7/0x25d0 [ 2518.878850] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2518.879543] ? do_swap+0x134/0x210 [ 2518.880015] ? sort_r+0x239/0x360 [ 2518.880844] ? ext4_file_open+0xa50/0xa50 [ 2518.881394] ext4_getfsmap+0x695/0x990 [ 2518.881904] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2518.882600] ? ext4_fsmap_to_internal+0x260/0x260 [ 2518.883225] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2518.883920] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2518.885418] ext4_ioc_getfsmap+0x2b0/0x620 [ 2518.886709] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2518.888107] ? find_held_lock+0x2c/0x110 [ 2518.889366] ? avc_has_extended_perms+0x675/0xf40 [ 2518.890874] ? lock_downgrade+0x6d0/0x6d0 [ 2518.892146] __ext4_ioctl+0x8ad/0x4190 [ 2518.893339] ? ext4_reset_inode_seed+0x450/0x450 [ 2518.894787] ? perf_trace_lock+0xac/0x490 [ 2518.896048] ? SOFTIRQ_verbose+0x10/0x10 [ 2518.897328] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2518.899072] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2518.900714] ? do_vfs_ioctl+0x283/0x10d0 [ 2518.901945] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2518.903536] ? generic_block_fiemap+0x60/0x60 [ 2518.904924] ? lock_downgrade+0x6d0/0x6d0 [ 2518.906188] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2518.907660] ? wait_for_completion_io+0x270/0x270 [ 2518.909117] ? selinux_file_ioctl+0xb6/0x270 [ 2518.910421] ? __ext4_ioctl+0x4190/0x4190 [ 2518.911687] __x64_sys_ioctl+0x19a/0x210 [ 2518.912909] do_syscall_64+0x33/0x40 [ 2518.914024] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2518.915601] RIP: 0033:0x7f4e27e8db19 [ 2518.916755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2518.922311] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2518.924288] netlink: 208 bytes leftover after parsing attributes in process `syz-executor.3'. [ 2518.924619] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2518.924631] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2518.924647] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2518.932428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2518.934591] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 2518.984012] FAT-fs (loop2): bogus number of reserved sectors [ 2518.986109] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2518.987133] FAT-fs (loop7): bogus logical sector size 540 [ 2518.987847] FAT-fs (loop7): Can't find a valid FAT filesystem 14:14:19 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xeffdffff, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:14:19 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617466020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:14:19 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x66a20000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:19 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2519.122575] FAT-fs (loop7): bogus logical sector size 614 [ 2519.123775] FAT-fs (loop7): Can't find a valid FAT filesystem 14:14:19 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xeb2f000000000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:14:19 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xfffdffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 2519.176818] FAT-fs (loop2): bogus number of reserved sectors [ 2519.177720] FAT-fs (loop2): Can't find a valid FAT filesystem 14:14:19 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfcfdffff, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:14:19 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:19 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 3) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 2519.444558] FAULT_INJECTION: forcing a failure. [ 2519.444558] name failslab, interval 1, probability 0, space 0, times 0 [ 2519.446350] CPU: 0 PID: 14296 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2519.447253] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2519.448388] Call Trace: [ 2519.448743] dump_stack+0x107/0x167 [ 2519.449257] should_fail.cold+0x5/0xa [ 2519.449762] ? create_object.isra.0+0x3a/0xa20 [ 2519.450368] should_failslab+0x5/0x20 [ 2519.450869] kmem_cache_alloc+0x5b/0x310 [ 2519.451404] ? lock_downgrade+0x6d0/0x6d0 [ 2519.451949] create_object.isra.0+0x3a/0xa20 [ 2519.452553] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2519.453227] kmem_cache_alloc_trace+0x151/0x320 [ 2519.453841] ext4_getfsmap_datadev+0x6d7/0x25d0 [ 2519.454470] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2519.455172] ? do_swap+0x134/0x210 [ 2519.455639] ? sort_r+0x239/0x360 [ 2519.456111] ? ext4_file_open+0xa50/0xa50 [ 2519.456672] ext4_getfsmap+0x695/0x990 [ 2519.457192] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2519.457895] ? ext4_fsmap_to_internal+0x260/0x260 [ 2519.458529] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2519.459226] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2519.459940] ext4_ioc_getfsmap+0x2b0/0x620 [ 2519.460555] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2519.461183] ? find_held_lock+0x2c/0x110 [ 2519.461720] ? avc_has_extended_perms+0x675/0xf40 [ 2519.462384] ? lock_downgrade+0x6d0/0x6d0 [ 2519.462931] __ext4_ioctl+0x8ad/0x4190 [ 2519.463449] ? ext4_reset_inode_seed+0x450/0x450 [ 2519.468113] ? perf_trace_lock+0xac/0x490 [ 2519.468685] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2519.469484] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2519.470187] ? do_vfs_ioctl+0x283/0x10d0 [ 2519.470714] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2519.471397] ? generic_block_fiemap+0x60/0x60 [ 2519.471979] ? lock_downgrade+0x6d0/0x6d0 [ 2519.472540] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2519.473217] ? wait_for_completion_io+0x270/0x270 [ 2519.473855] ? selinux_file_ioctl+0xb6/0x270 [ 2519.474462] ? __ext4_ioctl+0x4190/0x4190 [ 2519.475001] __x64_sys_ioctl+0x19a/0x210 [ 2519.475532] do_syscall_64+0x33/0x40 [ 2519.476019] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2519.476700] RIP: 0033:0x7f4e27e8db19 [ 2519.477226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2519.479662] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2519.480668] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2519.481649] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2519.482612] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2519.483540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2519.484485] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:14:34 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfefdffff, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:14:34 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x81020000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:34 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400030801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:14:34 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:34 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xffff1f0000000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:14:34 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xf0ffffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:14:34 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 4) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:14:34 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2533.924614] FAULT_INJECTION: forcing a failure. [ 2533.924614] name failslab, interval 1, probability 0, space 0, times 0 [ 2533.926373] CPU: 1 PID: 14314 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2533.927235] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2533.928273] Call Trace: [ 2533.928636] dump_stack+0x107/0x167 [ 2533.929116] should_fail.cold+0x5/0xa [ 2533.929600] ? ext4_getfsmap_datadev+0x86d/0x25d0 [ 2533.930211] should_failslab+0x5/0x20 [ 2533.930691] kmem_cache_alloc_trace+0x55/0x320 [ 2533.931267] ? ext4_bg_num_gdb+0x172/0x250 [ 2533.931801] ext4_getfsmap_datadev+0x86d/0x25d0 [ 2533.932399] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2533.933091] ? do_swap+0x134/0x210 [ 2533.933540] ? sort_r+0x239/0x360 [ 2533.933977] ? ext4_file_open+0xa50/0xa50 [ 2533.934503] ext4_getfsmap+0x695/0x990 [ 2533.934992] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2533.935667] ? ext4_fsmap_to_internal+0x260/0x260 [ 2533.936274] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2533.936968] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2533.937658] ext4_ioc_getfsmap+0x2b0/0x620 [ 2533.938190] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2533.938765] ? find_held_lock+0x2c/0x110 [ 2533.939284] ? avc_has_extended_perms+0x675/0xf40 [ 2533.939925] ? lock_downgrade+0x6d0/0x6d0 [ 2533.940451] __ext4_ioctl+0x8ad/0x4190 [ 2533.940967] ? ext4_reset_inode_seed+0x450/0x450 [ 2533.941565] ? perf_trace_lock+0xac/0x490 [ 2533.942087] ? SOFTIRQ_verbose+0x10/0x10 [ 2533.942610] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2533.943333] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2533.943984] ? do_vfs_ioctl+0x283/0x10d0 [ 2533.944494] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2533.945168] ? generic_block_fiemap+0x60/0x60 [ 2533.945732] ? lock_downgrade+0x6d0/0x6d0 [ 2533.946260] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2533.946867] ? wait_for_completion_io+0x270/0x270 [ 2533.947480] ? selinux_file_ioctl+0xb6/0x270 [ 2533.948035] ? __ext4_ioctl+0x4190/0x4190 [ 2533.948561] __x64_sys_ioctl+0x19a/0x210 [ 2533.949093] do_syscall_64+0x33/0x40 [ 2533.949563] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2533.950206] RIP: 0033:0x7f4e27e8db19 [ 2533.950674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2533.952997] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2533.953953] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2533.954846] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2533.955739] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2533.956632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2533.957543] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 2533.969561] FAT-fs (loop7): bogus logical sector size 768 [ 2533.970370] FAT-fs (loop7): Can't find a valid FAT filesystem [ 2533.971811] FAT-fs (loop2): bogus number of reserved sectors [ 2533.972707] FAT-fs (loop2): Can't find a valid FAT filesystem 14:14:34 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xffffff7f00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:14:34 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfffffdef, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:14:34 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400060801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:14:34 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000000)=0x4aafe7d, 0x4) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x62, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x3, 0x0}, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000000000)=@updsa={0xf0, 0x10, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {@in=@local}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}}, 0xf0}}, 0x0) recvmmsg(r1, &(0x7f0000003040)=[{{&(0x7f00000000c0)=@qipcrtr, 0x80, &(0x7f00000012c0)=[{&(0x7f0000000140)=""/17, 0x11}, {&(0x7f0000000180)=""/127, 0x7f}, {&(0x7f0000000200)=""/160, 0xa0}, {&(0x7f00000002c0)=""/4096, 0x1000}], 0x4, &(0x7f0000001300)=""/131, 0x83}, 0x3}, {{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f00000013c0)=""/234, 0xea}, {&(0x7f00000014c0)=""/186, 0xba}, {&(0x7f0000001580)=""/160, 0xa0}, {&(0x7f0000001640)=""/57, 0x39}], 0x4, &(0x7f00000016c0)=""/122, 0x7a}, 0x1}, {{&(0x7f0000001740)=@nfc, 0x80, &(0x7f0000002cc0)=[{&(0x7f00000017c0)=""/4096, 0x1000}, {&(0x7f00000027c0)=""/188, 0xbc}, {&(0x7f0000002880)=""/192, 0xc0}, {&(0x7f0000002940)=""/189, 0xbd}, {&(0x7f0000002a00)=""/44, 0x2c}, {&(0x7f0000002a40)=""/3, 0x3}, {&(0x7f0000002a80)=""/101, 0x65}, {&(0x7f0000002b00)=""/156, 0x9c}, {&(0x7f0000002bc0)=""/51, 0x33}, {&(0x7f0000002c00)=""/142, 0x8e}], 0xa}, 0x47}, {{&(0x7f0000002d80)=@sco, 0x80, &(0x7f0000002f00)=[{&(0x7f0000002e00)=""/247, 0xf7}], 0x1, &(0x7f0000002f40)=""/193, 0xc1}}], 0x4, 0x10141, 0x0) [ 2534.065204] netlink: 208 bytes leftover after parsing attributes in process `syz-executor.3'. 14:14:34 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xf6ffffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:14:34 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xf4ffffff, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2534.112174] FAT-fs (loop7): bogus logical sector size 1536 [ 2534.113213] FAT-fs (loop7): Can't find a valid FAT filesystem 14:14:34 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) close(r0) r1 = accept4$unix(r0, &(0x7f0000000040), &(0x7f00000000c0)=0x6e, 0x80000) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000140)={0x0, 0x22817bbe, 0x7fff, 0x8}) name_to_handle_at(r0, &(0x7f0000000180)='./file1\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="1400000001000000399b70e17a2d6c07d9194345ffce6639bc88fa60"], &(0x7f0000000200), 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) io_setup(0x5, &(0x7f0000000000)=0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r2, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r3, &(0x7f0000000340)="d0", 0x1, 0x8000}]) ioctl$HIDIOCGFLAG(r3, 0x8004480e, &(0x7f00000001c0)) ioctl$AUTOFS_DEV_IOCTL_VERSION(r3, 0xc0189371, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r3}, './file1\x00'}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, r4) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0x4c) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x100000001) 14:14:34 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:34 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xffffffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 2534.261420] FAT-fs (loop2): bogus number of reserved sectors [ 2534.262260] FAT-fs (loop2): Can't find a valid FAT filesystem 14:14:48 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfffffdfc, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:14:48 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xf9fdffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:14:48 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0xfff, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_io_uring_complete(0x0) unlinkat(r0, &(0x7f0000000500)='./file1\x00', 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0}, &(0x7f0000000480)=0xc) syz_mount_image$tmpfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={[{@uid={'uid', 0x3d, r2}}]}) r3 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x80, 0x3, &(0x7f0000000400)=[{&(0x7f0000000140)="c79e8cc0c86e4552fa5ade5b9628e861a9f53852d2c660d82cc08e866934853a47cf1be4e06a5e5040fbd6010dd1b158229a44f9a660ea0b8830c3193ca8dc1f21e2b95611123686067d6c75122349c304ed8786ccc55c7a41c0975374c25716544890df2b68bb39e4713b1176ccde241bc45612baec8504b423c270ab8393158b87ca18093361276f3db0736201e487e91dd276c370ec7c797ca14b8a169beff44b949fdaceee8a0f8ba2d797f358f620d3ddb8740f77440c58c871e05d367edc25ef2bb9e731edb675488058af884ca4705ffad1359b8448277aee43866c7e6beece", 0xe3, 0xfffffffffffffffb}, {&(0x7f0000000240)="d571100f1ad67c6f8df72c85b6fb12e228058e0157c4b196aa611f1ff2252748a1ae2f9efb8211037b0c698a3b10740e0a7613660a0fc64ad5d9b31cc55b61446975abf03f7c0cf4ce1b2c3a78b8b5a63ea8cad55b91bb3d87ddab1d8601a64d5d61ba3d7c91e4550d9b0aad1c1bb786ca64894659f1af13410cfa985ac42bc9871bb43c23dfbff18b440f5a4bb58afbb45aa288134050f88949915e0ca4951975187e4dfb85e1ebc35c50b855a98516fa6ba4e254076b6b75599e7054b6b229f2ea2b69e0f4481296f4f740967174466f880a64e7cb684cb7c0f4220d85068efeffbf73e80cbc559100ac7a251b2b193fcc", 0xf2, 0x6}, {&(0x7f0000000380)="2e4315a1f8e053c871ffcb37c9a9c8010f207b5083006849ac4f767f6605c38c825511f5e4275f1245e46acc9d0144967eb83757ea03674fe92814ccb9e289193bbe2423831353f1a1eb1e7628e15b3ff3ef761759f10c79", 0x58, 0x40}], 0x180c09, &(0x7f00000005c0)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=r2, @ANYBLOB="2c696f636861727365743d69736f383835392d392c90d2817763d201757466383d302c73686f72746e616d653d77696e39352c6e6e6f6e756d7461696c3d312c696f636861727365743d63703835352c66736d616769633d3078303030303030303030303030303030362c736d61636b6673726f6f743d2a2f292c00"]) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000000, 0x4010, r3, 0x1193f000) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.id\x00') 14:14:48 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 5) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:14:48 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xf5ffffff, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:48 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:14:48 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:48 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400070801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 2548.759032] tmpfs: Bad value for 'uid' [ 2548.774940] FAT-fs (loop2): bogus number of reserved sectors [ 2548.775866] tmpfs: Bad value for 'uid' [ 2548.775989] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2548.803631] FAULT_INJECTION: forcing a failure. [ 2548.803631] name failslab, interval 1, probability 0, space 0, times 0 [ 2548.805368] CPU: 1 PID: 14383 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2548.806236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2548.807272] Call Trace: [ 2548.807608] dump_stack+0x107/0x167 [ 2548.808069] should_fail.cold+0x5/0xa [ 2548.808554] ? ext4_getfsmap_datadev+0x86d/0x25d0 [ 2548.809166] should_failslab+0x5/0x20 [ 2548.809675] kmem_cache_alloc_trace+0x55/0x320 [ 2548.810250] ? ext4_bg_num_gdb+0x172/0x250 [ 2548.810781] ext4_getfsmap_datadev+0x86d/0x25d0 [ 2548.811379] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2548.812049] ? do_swap+0x134/0x210 [ 2548.812496] ? sort_r+0x239/0x360 [ 2548.812930] ? ext4_file_open+0xa50/0xa50 [ 2548.813474] ext4_getfsmap+0x695/0x990 [ 2548.813961] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2548.814631] ? ext4_fsmap_to_internal+0x260/0x260 [ 2548.815235] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2548.815903] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2548.816588] ext4_ioc_getfsmap+0x2b0/0x620 [ 2548.817116] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2548.817710] ? find_held_lock+0x2c/0x110 [ 2548.818227] ? avc_has_extended_perms+0x675/0xf40 [ 2548.818865] ? lock_downgrade+0x6d0/0x6d0 [ 2548.819389] __ext4_ioctl+0x8ad/0x4190 [ 2548.819884] ? ext4_reset_inode_seed+0x450/0x450 [ 2548.820479] ? perf_trace_lock+0xac/0x490 [ 2548.820997] ? SOFTIRQ_verbose+0x10/0x10 [ 2548.821550] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2548.822271] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2548.822918] ? do_vfs_ioctl+0x283/0x10d0 [ 2548.823426] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2548.824083] ? generic_block_fiemap+0x60/0x60 [ 2548.824645] ? lock_downgrade+0x6d0/0x6d0 14:14:49 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) clock_gettime(0x0, &(0x7f00000048c0)={0x0, 0x0}) recvmmsg$unix(r0, &(0x7f00000046c0)=[{{&(0x7f0000000340)=@abs, 0x6e, &(0x7f0000000a80)=[{&(0x7f00000003c0)=""/94, 0x5e}, {&(0x7f0000000440)=""/158, 0x9e}, {&(0x7f0000000500)=""/88, 0x58}, {&(0x7f0000000580)=""/220, 0xdc}, {&(0x7f0000000680)=""/226, 0xe2}, {&(0x7f0000000780)=""/195, 0xc3}, {&(0x7f0000000880)=""/17, 0x11}, {&(0x7f00000008c0)=""/150, 0x96}, {&(0x7f0000000980)=""/205, 0xcd}], 0x9}}, {{&(0x7f0000000b40)=@abs, 0x6e, &(0x7f0000000cc0)=[{&(0x7f0000000bc0)=""/224, 0xe0}], 0x1, &(0x7f0000000d00)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc0}}, {{&(0x7f0000000dc0), 0x6e, &(0x7f0000001240)=[{&(0x7f0000000e40)=""/226, 0xe2}, {&(0x7f0000000f40)=""/206, 0xce}, {&(0x7f0000001040)=""/188, 0xbc}, {&(0x7f0000001100)=""/5, 0x5}, {&(0x7f0000001140)=""/242, 0xf2}], 0x5, &(0x7f00000012c0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x118}}, {{&(0x7f0000001400), 0x6e, &(0x7f0000001840)=[{&(0x7f0000001480)=""/232, 0xe8}, {&(0x7f0000001580)=""/218, 0xda}, {&(0x7f0000001680)=""/135, 0x87}, {&(0x7f0000001740)=""/58, 0x3a}, {&(0x7f0000001780)=""/158, 0x9e}], 0x5, &(0x7f00000018c0)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}], 0x78}}, {{&(0x7f0000001940), 0x6e, &(0x7f0000002f80)=[{&(0x7f00000019c0)=""/220, 0xdc}, {&(0x7f0000001ac0)=""/244, 0xf4}, {&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000001bc0)=""/195, 0xc3}, {&(0x7f0000001cc0)=""/163, 0xa3}, {&(0x7f0000002e00)=""/20, 0x14}, {&(0x7f0000002e40)=""/93, 0x5d}, {&(0x7f0000002ec0)=""/135, 0x87}], 0x8}}, {{&(0x7f0000003000)=@abs, 0x6e, &(0x7f0000003100)=[{&(0x7f0000003080)=""/105, 0x69}], 0x1}}, {{&(0x7f0000003140), 0x6e, &(0x7f00000032c0)=[{&(0x7f00000031c0)=""/242, 0xf2}], 0x1, &(0x7f0000003300)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xd8}}, {{&(0x7f0000003400)=@abs, 0x6e, &(0x7f0000004540)=[{&(0x7f0000003480)=""/189, 0xbd}, {&(0x7f0000003540)=""/4096, 0x1000}], 0x2, &(0x7f0000004580)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x108}}], 0x8, 0x20, &(0x7f0000004900)={r1, r2+60000000}) syz_mount_image$ext4(&(0x7f00000001c0)='ext3\x00', &(0x7f0000000200)='./file0\x00', 0x6, 0x1, &(0x7f0000000300)=[{&(0x7f0000000240)="0219fe61c605a4c6ebae591bc94c5305e7092e06cf85f66fa611d6c58a3aac73ba94373251f660bc2ad96c2242226693bb39a4382300d0db473d2a1794d506393e7dc9bed2e9dae2bcf0310faa1dbeaa8b792ae8868080eb0d84f7d55c967862aa73488893ad00cee53dd98a05", 0x6d}], 0x80, &(0x7f0000004940)={[{@dioread_lock}, {@grpid}, {@nolazytime}, {@noauto_da_alloc}], [{@fowner_lt={'fowner<', r4}}]}) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000100)=ANY=[], 0x10) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r6, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) sendfile(0xffffffffffffffff, r3, 0x0, 0x3ff) fallocate(r6, 0x3, 0x4077, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r5, 0x0, 0x100000001) [ 2548.825169] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2548.833638] ? wait_for_completion_io+0x270/0x270 [ 2548.834250] ? selinux_file_ioctl+0xb6/0x270 [ 2548.834802] ? __ext4_ioctl+0x4190/0x4190 [ 2548.835323] __x64_sys_ioctl+0x19a/0x210 [ 2548.835834] do_syscall_64+0x33/0x40 [ 2548.836300] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2548.836942] RIP: 0033:0x7f4e27e8db19 [ 2548.837429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2548.839715] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2548.840664] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2548.841568] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2548.842454] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2548.843342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2548.844231] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 2548.892323] FAT-fs (loop7): bogus logical sector size 1792 [ 2548.893127] FAT-fs (loop7): Can't find a valid FAT filesystem 14:14:49 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:49 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xfb2f000000000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:14:49 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x3, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 2548.992818] FAT-fs (loop2): bogus number of reserved sectors [ 2548.993626] FAT-fs (loop2): Can't find a valid FAT filesystem 14:14:49 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400030801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:14:49 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfffffdfe, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:14:49 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfbffffff, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2549.113470] FAT-fs (loop7): bogus logical sector size 768 [ 2549.114264] FAT-fs (loop7): Can't find a valid FAT filesystem 14:14:49 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:49 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400060801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:14:49 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfeffffff, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:14:49 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 6) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:14:49 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xfcfdffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:14:49 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x4, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:14:49 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfffffe00, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) [ 2549.303211] FAT-fs (loop7): bogus logical sector size 1536 [ 2549.303980] FAT-fs (loop7): Can't find a valid FAT filesystem [ 2549.316835] FAULT_INJECTION: forcing a failure. [ 2549.316835] name failslab, interval 1, probability 0, space 0, times 0 [ 2549.318476] CPU: 1 PID: 14429 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2549.319342] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2549.320373] Call Trace: [ 2549.320710] dump_stack+0x107/0x167 [ 2549.321169] should_fail.cold+0x5/0xa [ 2549.321669] ? ext4_getfsmap_datadev+0xabb/0x25d0 [ 2549.322284] should_failslab+0x5/0x20 [ 2549.322765] kmem_cache_alloc_trace+0x55/0x320 [ 2549.323337] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2549.323978] ext4_getfsmap_datadev+0xabb/0x25d0 [ 2549.324579] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2549.325253] ? do_swap+0x134/0x210 [ 2549.325722] ? sort_r+0x239/0x360 [ 2549.326161] ? ext4_file_open+0xa50/0xa50 [ 2549.326687] ext4_getfsmap+0x695/0x990 [ 2549.327182] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2549.327855] ? ext4_fsmap_to_internal+0x260/0x260 [ 2549.328462] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2549.329135] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2549.329844] ext4_ioc_getfsmap+0x2b0/0x620 [ 2549.330380] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2549.330954] ? find_held_lock+0x2c/0x110 [ 2549.331471] ? avc_has_extended_perms+0x675/0xf40 [ 2549.332110] ? lock_downgrade+0x6d0/0x6d0 [ 2549.332637] __ext4_ioctl+0x8ad/0x4190 [ 2549.333135] ? ext4_reset_inode_seed+0x450/0x450 [ 2549.333770] ? perf_trace_lock+0xac/0x490 [ 2549.334292] ? SOFTIRQ_verbose+0x10/0x10 [ 2549.334817] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2549.335540] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2549.336190] ? do_vfs_ioctl+0x283/0x10d0 [ 2549.336700] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2549.337399] ? generic_block_fiemap+0x60/0x60 [ 2549.337968] ? lock_downgrade+0x6d0/0x6d0 [ 2549.338497] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2549.339157] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2549.339834] ? trace_hardirqs_on+0x5b/0x180 [ 2549.340376] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2549.341060] ? __ext4_ioctl+0x4190/0x4190 [ 2549.341597] ? __ext4_ioctl+0x4190/0x4190 [ 2549.342128] __x64_sys_ioctl+0x19a/0x210 [ 2549.342640] do_syscall_64+0x33/0x40 [ 2549.343106] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2549.343750] RIP: 0033:0x7f4e27e8db19 [ 2549.344217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2549.346532] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2549.347489] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2549.348384] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2549.349279] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2549.350184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2549.351084] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 2549.382508] FAT-fs (loop2): bogus number of reserved sectors [ 2549.383669] FAT-fs (loop2): Can't find a valid FAT filesystem 14:14:49 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xfdfdffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:14:49 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400070801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 2549.578064] FAT-fs (loop7): bogus logical sector size 1792 [ 2549.579141] FAT-fs (loop7): Can't find a valid FAT filesystem 14:15:10 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x7ffffffff000, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:15:10 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xff010000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:15:10 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:15:10 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020701000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:15:10 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x5, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:15:10 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 7) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:15:10 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xfeffffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:15:10 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(0x0, r3, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x5, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x72, 0x1}, 0x1) waitid(0x0, 0x0, 0x0, 0x0, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x4000) shmctl$IPC_RMID(0x0, 0x0) [ 2570.709114] FAT-fs (loop7): bogus sectors per cluster 7 [ 2570.709884] FAT-fs (loop7): Can't find a valid FAT filesystem [ 2570.717263] FAULT_INJECTION: forcing a failure. [ 2570.717263] name failslab, interval 1, probability 0, space 0, times 0 [ 2570.720517] CPU: 0 PID: 14476 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2570.722277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2570.724366] Call Trace: [ 2570.725017] dump_stack+0x107/0x167 [ 2570.725926] should_fail.cold+0x5/0xa [ 2570.727049] ? create_object.isra.0+0x3a/0xa20 [ 2570.728194] should_failslab+0x5/0x20 [ 2570.729141] kmem_cache_alloc+0x5b/0x310 [ 2570.730157] create_object.isra.0+0x3a/0xa20 [ 2570.731460] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2570.732733] kmem_cache_alloc_trace+0x151/0x320 [ 2570.733900] ext4_getfsmap_datadev+0xabb/0x25d0 [ 2570.734687] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2570.735395] ? do_swap+0x134/0x210 [ 2570.735863] ? sort_r+0x239/0x360 [ 2570.736319] ? ext4_file_open+0xa50/0xa50 [ 2570.736871] ext4_getfsmap+0x695/0x990 [ 2570.737382] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2570.738082] ? ext4_fsmap_to_internal+0x260/0x260 [ 2570.739414] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2570.740731] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2570.742083] ext4_ioc_getfsmap+0x2b0/0x620 [ 2570.743347] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2570.744188] FAT-fs (loop2): bogus number of reserved sectors [ 2570.744483] ? find_held_lock+0x2c/0x110 [ 2570.744505] ? avc_has_extended_perms+0x675/0xf40 [ 2570.745419] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2570.746357] ? lock_downgrade+0x6d0/0x6d0 [ 2570.748246] __ext4_ioctl+0x8ad/0x4190 [ 2570.748768] ? ext4_reset_inode_seed+0x450/0x450 [ 2570.749392] ? perf_trace_lock+0xac/0x490 [ 2570.749934] ? SOFTIRQ_verbose+0x10/0x10 [ 2570.750878] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2570.752320] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2570.753609] ? do_vfs_ioctl+0x283/0x10d0 [ 2570.754704] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2570.756034] ? generic_block_fiemap+0x60/0x60 [ 2570.757153] ? lock_downgrade+0x6d0/0x6d0 [ 2570.758196] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2570.759634] ? wait_for_completion_io+0x270/0x270 [ 2570.760842] ? selinux_file_ioctl+0xb6/0x270 [ 2570.761940] ? __ext4_ioctl+0x4190/0x4190 [ 2570.763176] __x64_sys_ioctl+0x19a/0x210 [ 2570.764193] do_syscall_64+0x33/0x40 [ 2570.765119] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2570.766452] RIP: 0033:0x7f4e27e8db19 [ 2570.767380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2570.772465] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2570.774479] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2570.776274] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2570.778067] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2570.780236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2570.782020] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:15:25 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xf0ffffff7f0000, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:15:25 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xffffff7f, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:15:25 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 8) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:15:25 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xff0f000000000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:15:25 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400022901000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:15:25 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:15:25 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x6, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:15:25 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(0x0, r3, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x5, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x72, 0x1}, 0x1) waitid(0x0, 0x0, 0x0, 0x0, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x4000) shmctl$IPC_RMID(0x0, 0x0) [ 2585.129589] FAULT_INJECTION: forcing a failure. [ 2585.129589] name failslab, interval 1, probability 0, space 0, times 0 [ 2585.131736] CPU: 0 PID: 14503 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2585.132633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2585.133750] Call Trace: [ 2585.134132] dump_stack+0x107/0x167 [ 2585.134651] should_fail.cold+0x5/0xa [ 2585.135260] ? ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2585.135942] should_failslab+0x5/0x20 [ 2585.136472] kmem_cache_alloc_trace+0x55/0x320 [ 2585.137074] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2585.137785] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2585.138442] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2585.139193] ? do_swap+0x134/0x210 [ 2585.139695] ? sort_r+0x239/0x360 [ 2585.140184] ? ext4_file_open+0xa50/0xa50 [ 2585.140772] ext4_getfsmap+0x695/0x990 [ 2585.141322] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2585.142073] ? ext4_fsmap_to_internal+0x260/0x260 [ 2585.142746] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2585.147528] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2585.148291] ext4_ioc_getfsmap+0x2b0/0x620 [ 2585.148863] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2585.149444] ? find_held_lock+0x2c/0x110 [ 2585.150009] ? avc_has_extended_perms+0x675/0xf40 [ 2585.150726] ? lock_downgrade+0x6d0/0x6d0 [ 2585.151333] __ext4_ioctl+0x8ad/0x4190 [ 2585.151892] ? ext4_reset_inode_seed+0x450/0x450 [ 2585.152560] ? perf_trace_lock+0xac/0x490 [ 2585.153148] ? SOFTIRQ_verbose+0x10/0x10 [ 2585.153743] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2585.154523] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2585.155231] ? do_vfs_ioctl+0x283/0x10d0 [ 2585.155782] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2585.156520] ? generic_block_fiemap+0x60/0x60 [ 2585.157151] ? lock_downgrade+0x6d0/0x6d0 [ 2585.157741] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2585.158423] ? wait_for_completion_io+0x270/0x270 [ 2585.159139] ? selinux_file_ioctl+0xb6/0x270 [ 2585.159762] ? __ext4_ioctl+0x4190/0x4190 [ 2585.160351] __x64_sys_ioctl+0x19a/0x210 [ 2585.160923] do_syscall_64+0x33/0x40 [ 2585.161415] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2585.162087] RIP: 0033:0x7f4e27e8db19 [ 2585.162575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2585.164986] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2585.165984] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2585.166950] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2585.167899] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2585.168835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2585.169766] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:15:25 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfeffffffffffff, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:15:25 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(0x0, r3, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x5, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x72, 0x1}, 0x1) waitid(0x0, 0x0, 0x0, 0x0, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x4000) shmctl$IPC_RMID(0x0, 0x0) [ 2585.201110] FAT-fs (loop2): bogus number of reserved sectors [ 2585.202094] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2585.204626] FAT-fs (loop7): bogus sectors per cluster 41 [ 2585.205387] FAT-fs (loop7): Can't find a valid FAT filesystem 14:15:25 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfffffff4, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:15:25 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020802000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:15:25 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470", 0x12}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:15:25 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x7, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:15:25 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020803000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:15:25 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xfffdffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:15:25 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(0x0, r3, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x5, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x72, 0x1}, 0x1) waitid(0x0, 0x0, 0x0, 0x0, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x4000) shmctl$IPC_RMID(0x0, 0x0) 14:15:25 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfffffff5, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2585.517899] FAT-fs (loop2): invalid media value (0x00) [ 2585.519306] FAT-fs (loop2): Can't find a valid FAT filesystem 14:15:25 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 9) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:15:25 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020805000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 2585.662396] FAULT_INJECTION: forcing a failure. [ 2585.662396] name failslab, interval 1, probability 0, space 0, times 0 [ 2585.664203] CPU: 1 PID: 14559 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2585.665119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2585.666214] Call Trace: [ 2585.666581] dump_stack+0x107/0x167 [ 2585.667095] should_fail.cold+0x5/0xa [ 2585.667610] ? create_object.isra.0+0x3a/0xa20 [ 2585.668226] should_failslab+0x5/0x20 [ 2585.668739] kmem_cache_alloc+0x5b/0x310 [ 2585.669293] create_object.isra.0+0x3a/0xa20 [ 2585.669883] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2585.670563] kmem_cache_alloc_trace+0x151/0x320 [ 2585.671205] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2585.671841] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2585.672544] ? do_swap+0x134/0x210 [ 2585.673056] ? sort_r+0x239/0x360 [ 2585.673577] ? ext4_file_open+0xa50/0xa50 [ 2585.674208] ext4_getfsmap+0x695/0x990 [ 2585.674760] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2585.675623] ? ext4_fsmap_to_internal+0x260/0x260 [ 2585.676369] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2585.677169] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2585.678030] ext4_ioc_getfsmap+0x2b0/0x620 [ 2585.678666] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2585.679417] ? find_held_lock+0x2c/0x110 [ 2585.680074] ? avc_has_extended_perms+0x675/0xf40 [ 2585.680778] ? lock_downgrade+0x6d0/0x6d0 [ 2585.681445] __ext4_ioctl+0x8ad/0x4190 [ 2585.682074] ? ext4_reset_inode_seed+0x450/0x450 [ 2585.682837] ? perf_trace_lock+0xac/0x490 [ 2585.683415] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2585.684189] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2585.684879] ? do_vfs_ioctl+0x283/0x10d0 [ 2585.685425] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2585.686116] ? generic_block_fiemap+0x60/0x60 [ 2585.686700] ? lock_downgrade+0x6d0/0x6d0 [ 2585.687276] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2585.687932] ? wait_for_completion_io+0x270/0x270 [ 2585.688592] ? selinux_file_ioctl+0xb6/0x270 [ 2585.689183] ? __ext4_ioctl+0x4190/0x4190 [ 2585.689709] __x64_sys_ioctl+0x19a/0x210 [ 2585.690164] do_syscall_64+0x33/0x40 [ 2585.690588] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2585.691279] RIP: 0033:0x7f4e27e8db19 [ 2585.691849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2585.694659] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2585.695572] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2585.696369] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2585.697190] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2585.698015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2585.698820] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:15:40 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x100000000000000, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:15:40 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:15:40 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfffffffb, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:15:40 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xf, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:15:40 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470", 0x12}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:15:40 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(0x0, r3, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x5, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x72, 0x1}, 0x1) waitid(0x0, 0x0, 0x0, 0x0, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x4000) 14:15:40 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020807000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:15:40 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xffff1f0000000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 2599.932784] FAT-fs (loop2): invalid media value (0x00) [ 2599.933616] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2599.965539] FAULT_INJECTION: forcing a failure. [ 2599.965539] name failslab, interval 1, probability 0, space 0, times 0 14:15:40 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(0x0, r3, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x5, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x72, 0x1}, 0x1) waitid(0x0, 0x0, 0x0, 0x0, 0x0) [ 2599.967204] CPU: 1 PID: 14592 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2599.972160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2599.973272] Call Trace: [ 2599.973654] dump_stack+0x107/0x167 [ 2599.974149] should_fail.cold+0x5/0xa [ 2599.974648] ? ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2599.975256] should_failslab+0x5/0x20 [ 2599.975758] kmem_cache_alloc_trace+0x55/0x320 [ 2599.976329] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2599.976973] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2599.977569] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2599.978243] ? do_swap+0x134/0x210 [ 2599.978691] ? sort_r+0x239/0x360 [ 2599.979123] ? ext4_file_open+0xa50/0xa50 [ 2599.979858] ext4_getfsmap+0x695/0x990 [ 2599.980352] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2599.981020] ? ext4_fsmap_to_internal+0x260/0x260 [ 2599.981622] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2599.982290] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2599.982973] ext4_ioc_getfsmap+0x2b0/0x620 [ 2599.983516] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2599.984088] ? find_held_lock+0x2c/0x110 [ 2599.984602] ? avc_has_extended_perms+0x675/0xf40 [ 2599.985238] ? lock_downgrade+0x6d0/0x6d0 [ 2599.985758] __ext4_ioctl+0x8ad/0x4190 [ 2599.986252] ? ext4_reset_inode_seed+0x450/0x450 [ 2599.986845] ? perf_trace_lock+0xac/0x490 [ 2599.987368] ? SOFTIRQ_verbose+0x10/0x10 [ 2599.987898] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2599.988615] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2599.989261] ? do_vfs_ioctl+0x283/0x10d0 [ 2599.989768] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2599.990421] ? generic_block_fiemap+0x60/0x60 [ 2599.990981] ? lock_downgrade+0x6d0/0x6d0 [ 2599.991519] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2599.992125] ? wait_for_completion_io+0x270/0x270 [ 2599.992734] ? selinux_file_ioctl+0xb6/0x270 [ 2599.993286] ? __ext4_ioctl+0x4190/0x4190 [ 2599.993804] __x64_sys_ioctl+0x19a/0x210 [ 2599.994313] do_syscall_64+0x33/0x40 [ 2599.994778] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2599.995445] RIP: 0033:0x7f4e27e8db19 [ 2599.995932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2599.998222] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2599.999171] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2600.000104] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2600.000992] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2600.001877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2600.002766] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:15:40 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x10, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 2614.302259] FAT-fs (loop2): invalid media value (0x00) [ 2614.304282] FAT-fs (loop2): Can't find a valid FAT filesystem 14:15:54 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470", 0x12}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:15:54 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x14, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:15:54 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(0x0, r3, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x5, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x72, 0x1}, 0x1) 14:15:54 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xffffff7f00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:15:54 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x200000000000000, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:15:54 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e6661740002080f000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:15:54 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfffffffe, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2614.332614] FAULT_INJECTION: forcing a failure. [ 2614.332614] name failslab, interval 1, probability 0, space 0, times 0 [ 2614.336051] CPU: 0 PID: 14626 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2614.338354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2614.341135] Call Trace: [ 2614.342027] dump_stack+0x107/0x167 [ 2614.343214] should_fail.cold+0x5/0xa [ 2614.344503] ? create_object.isra.0+0x3a/0xa20 [ 2614.346048] should_failslab+0x5/0x20 [ 2614.347357] kmem_cache_alloc+0x5b/0x310 [ 2614.348759] create_object.isra.0+0x3a/0xa20 [ 2614.350266] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2614.351877] kmem_cache_alloc_trace+0x151/0x320 [ 2614.353277] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2614.354652] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2614.356268] ? do_swap+0x134/0x210 [ 2614.357304] ? sort_r+0x239/0x360 [ 2614.358324] ? ext4_file_open+0xa50/0xa50 [ 2614.359538] ext4_getfsmap+0x695/0x990 [ 2614.360741] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2614.362308] ? ext4_fsmap_to_internal+0x260/0x260 [ 2614.363733] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2614.365308] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2614.366904] ext4_ioc_getfsmap+0x2b0/0x620 [ 2614.368172] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2614.369523] ? find_held_lock+0x2c/0x110 [ 2614.370716] ? avc_has_extended_perms+0x675/0xf40 [ 2614.376118] ? lock_downgrade+0x6d0/0x6d0 [ 2614.376705] __ext4_ioctl+0x8ad/0x4190 [ 2614.377264] ? ext4_reset_inode_seed+0x450/0x450 [ 2614.377923] ? perf_trace_lock+0xac/0x490 [ 2614.378506] ? SOFTIRQ_verbose+0x10/0x10 [ 2614.379095] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 14:15:54 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 11) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 2614.379892] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2614.381327] ? do_vfs_ioctl+0x283/0x10d0 [ 2614.382443] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2614.383928] ? generic_block_fiemap+0x60/0x60 [ 2614.385497] ? lock_downgrade+0x6d0/0x6d0 [ 2614.386835] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2614.388379] ? wait_for_completion_io+0x270/0x270 [ 2614.390163] ? selinux_file_ioctl+0xb6/0x270 [ 2614.391564] ? __ext4_ioctl+0x4190/0x4190 [ 2614.392936] __x64_sys_ioctl+0x19a/0x210 [ 2614.394231] do_syscall_64+0x33/0x40 [ 2614.395336] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2614.396885] RIP: 0033:0x7f4e27e8db19 [ 2614.397986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2614.403610] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2614.406112] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2614.408342] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2614.410456] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2614.412647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2614.414834] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:15:54 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) 14:15:54 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000", 0x15}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:15:54 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x300000000000000, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:15:54 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 12) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:15:54 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e6661740002081b000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:15:54 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2e, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 2614.625448] FAULT_INJECTION: forcing a failure. [ 2614.625448] name failslab, interval 1, probability 0, space 0, times 0 [ 2614.627369] CPU: 0 PID: 14648 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2614.628353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2614.629501] Call Trace: [ 2614.629885] dump_stack+0x107/0x167 [ 2614.630398] should_fail.cold+0x5/0xa [ 2614.630945] ? ext4_getfsmap_datadev+0xf42/0x25d0 [ 2614.631628] should_failslab+0x5/0x20 [ 2614.632191] kmem_cache_alloc_trace+0x55/0x320 [ 2614.632835] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2614.633556] ext4_getfsmap_datadev+0xf42/0x25d0 [ 2614.634233] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2614.634987] ? do_swap+0x134/0x210 [ 2614.635493] ? sort_r+0x239/0x360 [ 2614.635989] ? ext4_file_open+0xa50/0xa50 [ 2614.636584] ext4_getfsmap+0x695/0x990 [ 2614.637138] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2614.637849] ? ext4_fsmap_to_internal+0x260/0x260 [ 2614.638521] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2614.639268] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 14:15:54 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020827000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 2614.640042] ext4_ioc_getfsmap+0x2b0/0x620 [ 2614.640637] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2614.641276] ? find_held_lock+0x2c/0x110 [ 2614.641853] ? avc_has_extended_perms+0x675/0xf40 [ 2614.648121] ? lock_downgrade+0x6d0/0x6d0 [ 2614.648724] __ext4_ioctl+0x8ad/0x4190 [ 2614.649297] ? ext4_reset_inode_seed+0x450/0x450 [ 2614.649991] ? perf_trace_lock+0xac/0x490 [ 2614.650600] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2614.651435] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2614.652212] ? do_vfs_ioctl+0x283/0x10d0 [ 2614.652795] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2614.653550] ? generic_block_fiemap+0x60/0x60 [ 2614.654210] ? lock_downgrade+0x6d0/0x6d0 [ 2614.654803] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2614.655518] ? wait_for_completion_io+0x270/0x270 [ 2614.656238] ? selinux_file_ioctl+0xb6/0x270 [ 2614.656880] ? __ext4_ioctl+0x4190/0x4190 [ 2614.657495] __x64_sys_ioctl+0x19a/0x210 [ 2614.658074] do_syscall_64+0x33/0x40 [ 2614.658609] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2614.659335] RIP: 0033:0x7f4e27e8db19 [ 2614.659875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2614.662464] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2614.663532] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2614.664570] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2614.665568] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2614.666566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2614.667562] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:15:54 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xffffffff00000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:16:08 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 13) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:16:08 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x3b6, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:16:08 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000", 0x15}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:16:08 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020800030470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:16:08 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) 14:16:08 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x8000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:16:08 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x400000000000000, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:16:08 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 2628.780831] FAULT_INJECTION: forcing a failure. [ 2628.780831] name failslab, interval 1, probability 0, space 0, times 0 [ 2628.781379] FAT-fs (loop2): invalid media value (0x00) [ 2628.782642] CPU: 0 PID: 14682 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2628.783052] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2628.783928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2628.783933] Call Trace: [ 2628.783955] dump_stack+0x107/0x167 [ 2628.783970] should_fail.cold+0x5/0xa [ 2628.787101] ? create_object.isra.0+0x3a/0xa20 [ 2628.787703] should_failslab+0x5/0x20 [ 2628.788205] kmem_cache_alloc+0x5b/0x310 [ 2628.788767] create_object.isra.0+0x3a/0xa20 [ 2628.789349] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2628.790017] kmem_cache_alloc_trace+0x151/0x320 [ 2628.790630] ext4_getfsmap_datadev+0xf42/0x25d0 [ 2628.791250] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2628.791946] ? do_swap+0x134/0x210 [ 2628.792412] ? sort_r+0x239/0x360 [ 2628.792886] ? ext4_file_open+0xa50/0xa50 [ 2628.793435] ext4_getfsmap+0x695/0x990 [ 2628.793943] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2628.794639] ? ext4_fsmap_to_internal+0x260/0x260 [ 2628.795268] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2628.795963] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2628.796688] ext4_ioc_getfsmap+0x2b0/0x620 [ 2628.797244] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2628.797836] ? find_held_lock+0x2c/0x110 [ 2628.798371] ? avc_has_extended_perms+0x675/0xf40 [ 2628.799033] ? lock_downgrade+0x6d0/0x6d0 [ 2628.799575] __ext4_ioctl+0x8ad/0x4190 [ 2628.800090] ? ext4_reset_inode_seed+0x450/0x450 [ 2628.800719] ? perf_trace_lock+0xac/0x490 [ 2628.801266] ? SOFTIRQ_verbose+0x10/0x10 [ 2628.801808] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2628.802556] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2628.803232] ? do_vfs_ioctl+0x283/0x10d0 [ 2628.803759] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2628.804442] ? generic_block_fiemap+0x60/0x60 [ 2628.805061] ? lock_downgrade+0x6d0/0x6d0 [ 2628.805604] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2628.806237] ? wait_for_completion_io+0x270/0x270 [ 2628.806872] ? selinux_file_ioctl+0xb6/0x270 [ 2628.807448] ? __ext4_ioctl+0x4190/0x4190 [ 2628.807989] __x64_sys_ioctl+0x19a/0x210 [ 2628.808528] do_syscall_64+0x33/0x40 [ 2628.809033] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2628.809700] RIP: 0033:0x7f4e27e8db19 [ 2628.810186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2628.812610] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2628.813614] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2628.814547] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2628.815474] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2628.816404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2628.817355] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:16:09 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0) 14:16:09 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000370008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:16:09 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x80000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:16:09 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) 14:16:09 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500000000000000, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:16:09 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xff0f, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:16:09 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000", 0x15}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:16:09 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x3, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 2629.053098] FAT-fs (loop2): invalid media value (0x00) [ 2629.053856] FAT-fs (loop2): Can't find a valid FAT filesystem 14:16:09 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 14) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:16:09 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:16:09 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801020470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 2629.132550] FAULT_INJECTION: forcing a failure. [ 2629.132550] name failslab, interval 1, probability 0, space 0, times 0 [ 2629.135853] CPU: 0 PID: 14726 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2629.136773] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2629.137859] Call Trace: [ 2629.138212] dump_stack+0x107/0x167 [ 2629.138696] should_fail.cold+0x5/0xa [ 2629.139203] ? ext4_getfsmap_datadev+0x6d7/0x25d0 [ 2629.139839] should_failslab+0x5/0x20 [ 2629.140347] kmem_cache_alloc_trace+0x55/0x320 [ 2629.140982] ? ext4_get_group_desc+0x2a0/0x560 [ 2629.141590] ext4_getfsmap_datadev+0x6d7/0x25d0 [ 2629.142221] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2629.142938] ? do_swap+0x134/0x210 [ 2629.143415] ? sort_r+0x239/0x360 [ 2629.143880] ? ext4_file_open+0xa50/0xa50 [ 2629.144441] ext4_getfsmap+0x695/0x990 [ 2629.144982] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2629.145689] ? ext4_fsmap_to_internal+0x260/0x260 [ 2629.146325] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2629.147027] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2629.147742] ext4_ioc_getfsmap+0x2b0/0x620 [ 2629.148301] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2629.148922] ? find_held_lock+0x2c/0x110 [ 2629.149470] ? avc_has_extended_perms+0x675/0xf40 [ 2629.150145] ? lock_downgrade+0x6d0/0x6d0 [ 2629.150700] __ext4_ioctl+0x8ad/0x4190 [ 2629.151223] ? ext4_reset_inode_seed+0x450/0x450 [ 2629.151846] ? perf_trace_lock+0xac/0x490 [ 2629.152391] ? SOFTIRQ_verbose+0x10/0x10 [ 2629.152961] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2629.153720] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2629.154410] ? do_vfs_ioctl+0x283/0x10d0 [ 2629.154953] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2629.155645] ? generic_block_fiemap+0x60/0x60 [ 2629.156241] ? lock_downgrade+0x6d0/0x6d0 [ 2629.156811] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2629.157448] ? wait_for_completion_io+0x270/0x270 [ 2629.158102] ? selinux_file_ioctl+0xb6/0x270 [ 2629.158691] ? __ext4_ioctl+0x4190/0x4190 [ 2629.159244] __x64_sys_ioctl+0x19a/0x210 [ 2629.159794] do_syscall_64+0x33/0x40 [ 2629.160295] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2629.160988] RIP: 0033:0x7f4e27e8db19 [ 2629.161497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2629.163904] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2629.164921] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2629.165871] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2629.166816] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2629.167758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2629.168715] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:16:09 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x700000000000000, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:16:23 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x100000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:16:23 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801030470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:16:23 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x1000a, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:16:23 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 15) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:16:23 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f8", 0x16}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:16:23 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x4, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:16:23 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x800000000000000, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:16:23 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:16:23 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) [ 2643.383342] FAT-fs (loop2): bogus number of FAT sectors [ 2643.384186] FAT-fs (loop2): Can't find a valid FAT filesystem [ 2643.384779] FAULT_INJECTION: forcing a failure. [ 2643.384779] name failslab, interval 1, probability 0, space 0, times 0 [ 2643.386892] CPU: 1 PID: 14748 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2643.387758] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2643.388801] Call Trace: [ 2643.389147] dump_stack+0x107/0x167 [ 2643.389610] should_fail.cold+0x5/0xa [ 2643.390092] ? create_object.isra.0+0x3a/0xa20 [ 2643.390673] should_failslab+0x5/0x20 [ 2643.391151] kmem_cache_alloc+0x5b/0x310 [ 2643.391660] ? lock_downgrade+0x6d0/0x6d0 [ 2643.392185] create_object.isra.0+0x3a/0xa20 [ 2643.392731] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2643.393389] kmem_cache_alloc_trace+0x151/0x320 [ 2643.393979] ext4_getfsmap_datadev+0x6d7/0x25d0 [ 2643.394575] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2643.395245] ? do_swap+0x134/0x210 [ 2643.395693] ? sort_r+0x239/0x360 [ 2643.396128] ? ext4_file_open+0xa50/0xa50 [ 2643.396653] ext4_getfsmap+0x695/0x990 [ 2643.397145] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2643.397818] ? ext4_fsmap_to_internal+0x260/0x260 [ 2643.398423] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2643.399090] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2643.399775] ext4_ioc_getfsmap+0x2b0/0x620 [ 2643.400303] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2643.400871] ? find_held_lock+0x2c/0x110 [ 2643.401398] ? avc_has_extended_perms+0x675/0xf40 [ 2643.402035] ? lock_downgrade+0x6d0/0x6d0 [ 2643.402560] __ext4_ioctl+0x8ad/0x4190 [ 2643.403054] ? ext4_reset_inode_seed+0x450/0x450 [ 2643.403645] ? perf_trace_lock+0xac/0x490 [ 2643.404163] ? SOFTIRQ_verbose+0x10/0x10 [ 2643.404685] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2643.405419] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2643.406063] ? do_vfs_ioctl+0x283/0x10d0 [ 2643.406571] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2643.407227] ? generic_block_fiemap+0x60/0x60 [ 2643.407785] ? lock_downgrade+0x6d0/0x6d0 [ 2643.408305] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2643.408912] ? wait_for_completion_io+0x270/0x270 [ 2643.409534] ? selinux_file_ioctl+0xb6/0x270 [ 2643.410087] ? __ext4_ioctl+0x4190/0x4190 [ 2643.410606] __x64_sys_ioctl+0x19a/0x210 [ 2643.411116] do_syscall_64+0x33/0x40 [ 2643.411582] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2643.412224] RIP: 0033:0x7f4e27e8db19 [ 2643.412690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2643.414997] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2643.415947] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2643.416838] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2643.417742] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2643.418633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2643.419523] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:16:23 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801040470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:16:23 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f8", 0x16}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:16:23 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x5, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:16:23 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) tkill(0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:16:23 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801050470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:16:23 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x180000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2643.624021] FAT-fs (loop2): bogus number of FAT sectors [ 2643.624793] FAT-fs (loop2): Can't find a valid FAT filesystem 14:16:38 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xeffdffffffffffff, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:16:38 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f8", 0x16}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:16:38 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:16:38 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x200000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:16:38 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 16) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:16:38 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2dc00, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 2658.063348] FAT-fs (loop2): bogus number of FAT sectors [ 2658.064110] FAT-fs (loop2): Can't find a valid FAT filesystem 14:16:38 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801060470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:16:38 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x6, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:16:38 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfcfdffffffffffff, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:16:38 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:16:38 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:16:38 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801070470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:16:38 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfefdffffffffffff, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) [ 2658.197204] FAULT_INJECTION: forcing a failure. [ 2658.197204] name failslab, interval 1, probability 0, space 0, times 0 [ 2658.198860] CPU: 0 PID: 14826 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2658.199760] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2658.200851] Call Trace: [ 2658.201206] dump_stack+0x107/0x167 [ 2658.201687] should_fail.cold+0x5/0xa [ 2658.202212] ? ext4_getfsmap_datadev+0x86d/0x25d0 [ 2658.202848] should_failslab+0x5/0x20 [ 2658.203352] kmem_cache_alloc_trace+0x55/0x320 [ 2658.203956] ? ext4_bg_num_gdb+0x172/0x250 [ 2658.204517] ext4_getfsmap_datadev+0x86d/0x25d0 [ 2658.205143] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2658.205863] ? do_swap+0x134/0x210 [ 2658.206333] ? sort_r+0x239/0x360 [ 2658.206789] ? ext4_file_open+0xa50/0xa50 [ 2658.207340] ext4_getfsmap+0x695/0x990 [ 2658.207852] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2658.208559] ? ext4_fsmap_to_internal+0x260/0x260 [ 2658.209201] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2658.213933] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2658.214653] ext4_ioc_getfsmap+0x2b0/0x620 [ 2658.215207] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2658.215805] ? find_held_lock+0x2c/0x110 [ 2658.216347] ? avc_has_extended_perms+0x675/0xf40 [ 2658.217011] ? lock_downgrade+0x6d0/0x6d0 [ 2658.217560] __ext4_ioctl+0x8ad/0x4190 [ 2658.218096] ? ext4_reset_inode_seed+0x450/0x450 [ 2658.218719] ? perf_trace_lock+0xac/0x490 [ 2658.219266] ? SOFTIRQ_verbose+0x10/0x10 [ 2658.219813] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2658.220571] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2658.221248] ? do_vfs_ioctl+0x283/0x10d0 [ 2658.221818] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2658.222506] ? generic_block_fiemap+0x60/0x60 [ 2658.223094] ? lock_downgrade+0x6d0/0x6d0 [ 2658.223641] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2658.224277] ? wait_for_completion_io+0x270/0x270 [ 2658.224918] ? selinux_file_ioctl+0xb6/0x270 [ 2658.225497] ? __ext4_ioctl+0x4190/0x4190 [ 2658.226052] __x64_sys_ioctl+0x19a/0x210 [ 2658.226587] do_syscall_64+0x33/0x40 [ 2658.227077] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2658.227755] RIP: 0033:0x7f4e27e8db19 [ 2658.228245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2658.230658] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2658.231661] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2658.232596] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2658.233532] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2658.238490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2658.239425] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:16:38 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x201000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:16:38 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:16:38 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfffffffffffffdef, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:16:52 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x80000, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:16:52 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 17) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:16:52 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfffffffffffffdfc, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:16:52 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801080470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:16:52 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:16:52 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:16:52 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x300000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:16:52 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x7, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 2672.717158] FAULT_INJECTION: forcing a failure. [ 2672.717158] name failslab, interval 1, probability 0, space 0, times 0 [ 2672.718894] CPU: 1 PID: 14875 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2672.719753] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2672.720782] Call Trace: [ 2672.721120] dump_stack+0x107/0x167 [ 2672.721585] should_fail.cold+0x5/0xa [ 2672.722068] ? create_object.isra.0+0x3a/0xa20 [ 2672.722669] should_failslab+0x5/0x20 [ 2672.723147] kmem_cache_alloc+0x5b/0x310 [ 2672.723657] create_object.isra.0+0x3a/0xa20 [ 2672.724202] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2672.724842] kmem_cache_alloc_trace+0x151/0x320 [ 2672.725426] ext4_getfsmap_datadev+0x86d/0x25d0 [ 2672.726020] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2672.726706] ? do_swap+0x134/0x210 [ 2672.727172] ? sort_r+0x239/0x360 [ 2672.727626] ? ext4_file_open+0xa50/0xa50 [ 2672.728175] ext4_getfsmap+0x695/0x990 [ 2672.728683] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2672.729364] ? ext4_fsmap_to_internal+0x260/0x260 [ 2672.729968] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2672.730652] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2672.731338] ext4_ioc_getfsmap+0x2b0/0x620 [ 2672.731865] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2672.732436] ? find_held_lock+0x2c/0x110 [ 2672.732953] ? avc_has_extended_perms+0x675/0xf40 [ 2672.733590] ? lock_downgrade+0x6d0/0x6d0 [ 2672.734111] __ext4_ioctl+0x8ad/0x4190 [ 2672.734620] ? ext4_reset_inode_seed+0x450/0x450 [ 2672.735213] ? perf_trace_lock+0xac/0x490 [ 2672.735732] ? SOFTIRQ_verbose+0x10/0x10 [ 2672.736254] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2672.736971] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2672.737621] ? do_vfs_ioctl+0x283/0x10d0 [ 2672.738128] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2672.738803] ? generic_block_fiemap+0x60/0x60 [ 2672.739362] ? lock_downgrade+0x6d0/0x6d0 [ 2672.739883] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2672.740492] ? wait_for_completion_io+0x270/0x270 [ 2672.741100] ? selinux_file_ioctl+0xb6/0x270 [ 2672.741649] ? __ext4_ioctl+0x4190/0x4190 [ 2672.742169] __x64_sys_ioctl+0x19a/0x210 [ 2672.742691] do_syscall_64+0x33/0x40 [ 2672.743157] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2672.743796] RIP: 0033:0x7f4e27e8db19 [ 2672.744263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2672.746566] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2672.747513] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2672.748400] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2672.749287] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2672.750175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2672.751073] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:16:52 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:16:53 executing program 3: r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:16:53 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e666174000208010b0470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:16:53 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:16:53 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x400000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:07 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xf, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:17:07 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906c6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:17:07 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:07 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(0x0) io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:07 executing program 3: r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:17:07 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfffffffffffffdfe, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:17:07 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 18) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:17:07 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801180470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:17:07 executing program 3: r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:17:07 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(0x0) io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2687.433306] FAULT_INJECTION: forcing a failure. [ 2687.433306] name failslab, interval 1, probability 0, space 0, times 0 [ 2687.434817] CPU: 1 PID: 14917 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2687.435705] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2687.436748] Call Trace: [ 2687.437086] dump_stack+0x107/0x167 [ 2687.437546] should_fail.cold+0x5/0xa [ 2687.438030] ? ext4_getfsmap_datadev+0xabb/0x25d0 [ 2687.438637] should_failslab+0x5/0x20 [ 2687.439133] kmem_cache_alloc_trace+0x55/0x320 [ 2687.439704] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2687.440345] ext4_getfsmap_datadev+0xabb/0x25d0 [ 2687.440943] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2687.441614] ? do_swap+0x134/0x210 [ 2687.442063] ? sort_r+0x239/0x360 [ 2687.442504] ? ext4_file_open+0xa50/0xa50 [ 2687.443045] ext4_getfsmap+0x695/0x990 [ 2687.443534] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2687.444206] ? ext4_fsmap_to_internal+0x260/0x260 [ 2687.444810] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2687.445482] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2687.446169] ext4_ioc_getfsmap+0x2b0/0x620 [ 2687.446704] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2687.447294] ? find_held_lock+0x2c/0x110 [ 2687.447811] ? avc_has_extended_perms+0x675/0xf40 [ 2687.448452] ? lock_downgrade+0x6d0/0x6d0 [ 2687.448977] __ext4_ioctl+0x8ad/0x4190 [ 2687.449474] ? ext4_reset_inode_seed+0x450/0x450 [ 2687.450068] ? perf_trace_lock+0xac/0x490 [ 2687.450585] ? SOFTIRQ_verbose+0x10/0x10 [ 2687.451130] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2687.451851] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2687.452501] ? do_vfs_ioctl+0x283/0x10d0 [ 2687.453009] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2687.453666] ? generic_block_fiemap+0x60/0x60 [ 2687.454227] ? lock_downgrade+0x6d0/0x6d0 [ 2687.454749] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2687.455368] ? wait_for_completion_io+0x270/0x270 [ 2687.455982] ? selinux_file_ioctl+0xb6/0x270 [ 2687.456534] ? __ext4_ioctl+0x4190/0x4190 [ 2687.457054] __x64_sys_ioctl+0x19a/0x210 [ 2687.457565] do_syscall_64+0x33/0x40 [ 2687.458033] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2687.458674] RIP: 0033:0x7f4e27e8db19 [ 2687.459161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2687.461459] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2687.462413] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2687.463316] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2687.464207] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2687.465097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2687.465989] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:17:07 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x600000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:07 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfffffffffffffe00, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 14:17:07 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e666174000208011c0470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:17:07 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x10, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:17:07 executing program 3: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:17:07 executing program 3: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:17:07 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906e6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:17:07 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801660470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:17:07 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 19) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 2687.757873] FAULT_INJECTION: forcing a failure. [ 2687.757873] name failslab, interval 1, probability 0, space 0, times 0 [ 2687.761477] CPU: 1 PID: 14966 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2687.763204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2687.765239] Call Trace: [ 2687.765874] dump_stack+0x107/0x167 [ 2687.766760] should_fail.cold+0x5/0xa [ 2687.767886] ? create_object.isra.0+0x3a/0xa20 [ 2687.769012] should_failslab+0x5/0x20 [ 2687.769936] kmem_cache_alloc+0x5b/0x310 [ 2687.770923] create_object.isra.0+0x3a/0xa20 [ 2687.771517] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2687.772161] kmem_cache_alloc_trace+0x151/0x320 [ 2687.772748] ext4_getfsmap_datadev+0xabb/0x25d0 [ 2687.773342] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2687.774009] ? do_swap+0x134/0x210 [ 2687.774453] ? sort_r+0x239/0x360 [ 2687.774903] ? ext4_file_open+0xa50/0xa50 [ 2687.775446] ext4_getfsmap+0x695/0x990 [ 2687.775932] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2687.776597] ? ext4_fsmap_to_internal+0x260/0x260 [ 2687.777200] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2687.777866] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2687.778549] ext4_ioc_getfsmap+0x2b0/0x620 [ 2687.779121] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2687.779692] ? find_held_lock+0x2c/0x110 [ 2687.780205] ? avc_has_extended_perms+0x675/0xf40 [ 2687.780840] ? lock_downgrade+0x6d0/0x6d0 [ 2687.781361] __ext4_ioctl+0x8ad/0x4190 [ 2687.781854] ? ext4_reset_inode_seed+0x450/0x450 [ 2687.782444] ? perf_trace_lock+0xac/0x490 [ 2687.782988] ? SOFTIRQ_verbose+0x10/0x10 [ 2687.783511] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2687.784226] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2687.784868] ? do_vfs_ioctl+0x283/0x10d0 [ 2687.785373] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2687.786025] ? generic_block_fiemap+0x60/0x60 [ 2687.786581] ? lock_downgrade+0x6d0/0x6d0 [ 2687.787134] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2687.787740] ? wait_for_completion_io+0x270/0x270 [ 2687.788346] ? selinux_file_ioctl+0xb6/0x270 [ 2687.788896] ? __ext4_ioctl+0x4190/0x4190 [ 2687.789414] __x64_sys_ioctl+0x19a/0x210 [ 2687.789922] do_syscall_64+0x33/0x40 [ 2687.790386] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2687.791054] RIP: 0033:0x7f4e27e8db19 [ 2687.791521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2687.793803] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2687.794832] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2687.795738] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2687.796626] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2687.797513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2687.798442] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:17:22 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x700000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:22 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(0x0) io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:22 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 20) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:17:22 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6a66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:17:22 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x14, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:17:22 executing program 3: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:17:22 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000570008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:17:22 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) [ 2701.980574] FAULT_INJECTION: forcing a failure. [ 2701.980574] name failslab, interval 1, probability 0, space 0, times 0 [ 2701.982092] CPU: 0 PID: 14979 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2701.982990] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2701.984085] Call Trace: [ 2701.984436] dump_stack+0x107/0x167 [ 2701.984916] should_fail.cold+0x5/0xa [ 2701.985427] ? ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2701.986065] should_failslab+0x5/0x20 [ 2701.986574] kmem_cache_alloc_trace+0x55/0x320 [ 2701.987176] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2701.987863] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2701.988491] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2701.989195] ? do_swap+0x134/0x210 [ 2701.989666] ? sort_r+0x239/0x360 [ 2701.990122] ? ext4_file_open+0xa50/0xa50 [ 2701.990676] ext4_getfsmap+0x695/0x990 [ 2701.991192] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2701.991923] ? ext4_fsmap_to_internal+0x260/0x260 [ 2701.992561] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2701.993264] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2701.993983] ext4_ioc_getfsmap+0x2b0/0x620 [ 2701.994535] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2701.995136] ? find_held_lock+0x2c/0x110 [ 2701.995691] ? avc_has_extended_perms+0x675/0xf40 [ 2701.996360] ? lock_downgrade+0x6d0/0x6d0 [ 2701.996907] __ext4_ioctl+0x8ad/0x4190 [ 2701.997428] ? ext4_reset_inode_seed+0x450/0x450 [ 2701.998049] ? perf_trace_lock+0xac/0x490 [ 2701.998597] ? SOFTIRQ_verbose+0x10/0x10 [ 2701.999143] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2701.999911] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2702.000589] ? do_vfs_ioctl+0x283/0x10d0 [ 2702.001120] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2702.001807] ? generic_block_fiemap+0x60/0x60 [ 2702.002392] ? lock_downgrade+0x6d0/0x6d0 [ 2702.002937] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2702.003588] ? wait_for_completion_io+0x270/0x270 [ 2702.004229] ? selinux_file_ioctl+0xb6/0x270 [ 2702.004808] ? __ext4_ioctl+0x4190/0x4190 [ 2702.005353] __x64_sys_ioctl+0x19a/0x210 [ 2702.005888] do_syscall_64+0x33/0x40 [ 2702.006376] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2702.007048] RIP: 0033:0x7f4e27e8db19 [ 2702.007561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2702.009957] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2702.010953] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2702.011905] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2702.012841] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2702.013771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 14:17:22 executing program 3: perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) [ 2702.014702] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:17:36 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x0, r1, 0x0}]) 14:17:36 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 21) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:17:36 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801002070008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:17:36 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x0, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:36 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2e, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:17:36 executing program 3: perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:17:36 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x800000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:36 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6c66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 2716.055891] FAULT_INJECTION: forcing a failure. [ 2716.055891] name failslab, interval 1, probability 0, space 0, times 0 [ 2716.061728] CPU: 0 PID: 15028 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2716.062632] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2716.063709] Call Trace: [ 2716.064079] dump_stack+0x107/0x167 [ 2716.064564] should_fail.cold+0x5/0xa [ 2716.065073] ? ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2716.065711] should_failslab+0x5/0x20 [ 2716.066216] kmem_cache_alloc_trace+0x55/0x320 [ 2716.066816] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2716.067488] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2716.068332] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2716.069951] ? do_swap+0x134/0x210 [ 2716.071009] ? sort_r+0x239/0x360 [ 2716.076038] ? ext4_file_open+0xa50/0xa50 [ 2716.076598] ext4_getfsmap+0x695/0x990 [ 2716.077110] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2716.077811] ? ext4_fsmap_to_internal+0x260/0x260 [ 2716.078446] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2716.079146] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2716.079862] ext4_ioc_getfsmap+0x2b0/0x620 [ 2716.080432] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2716.081032] ? find_held_lock+0x2c/0x110 [ 2716.081573] ? avc_has_extended_perms+0x675/0xf40 [ 2716.082240] ? lock_downgrade+0x6d0/0x6d0 [ 2716.082789] __ext4_ioctl+0x8ad/0x4190 [ 2716.083308] ? ext4_reset_inode_seed+0x450/0x450 [ 2716.083929] ? perf_trace_lock+0xac/0x490 [ 2716.084488] ? SOFTIRQ_verbose+0x10/0x10 [ 2716.085036] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2716.085789] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2716.086472] ? do_vfs_ioctl+0x283/0x10d0 [ 2716.087005] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2716.087691] ? generic_block_fiemap+0x60/0x60 [ 2716.088290] ? lock_downgrade+0x6d0/0x6d0 [ 2716.088838] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2716.089478] ? wait_for_completion_io+0x270/0x270 [ 2716.090118] ? selinux_file_ioctl+0xb6/0x270 [ 2716.090694] ? __ext4_ioctl+0x4190/0x4190 [ 2716.091239] __x64_sys_ioctl+0x19a/0x210 [ 2716.091773] do_syscall_64+0x33/0x40 [ 2716.096290] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2716.096964] RIP: 0033:0x7f4e27e8db19 [ 2716.097451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2716.099858] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2716.100871] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2716.101811] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2716.102742] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2716.103675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2716.104624] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:17:36 executing program 3: perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:17:36 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x3, 0x0, 0x0, 0x0, r1, 0x0}]) 14:17:36 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x900000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:36 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x0, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:36 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801004070008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:17:36 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b22732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:17:36 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xff0f, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:17:36 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:17:36 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000370008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:17:36 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 22) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:17:36 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:17:36 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b2c732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:17:36 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x0, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:36 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x4, 0x0, 0x0, 0x0, r1, 0x0}]) [ 2716.543795] FAULT_INJECTION: forcing a failure. [ 2716.543795] name failslab, interval 1, probability 0, space 0, times 0 [ 2716.545591] CPU: 1 PID: 15077 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2716.546452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2716.547485] Call Trace: [ 2716.547821] dump_stack+0x107/0x167 [ 2716.548298] should_fail.cold+0x5/0xa [ 2716.548779] ? ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2716.549386] should_failslab+0x5/0x20 [ 2716.549871] kmem_cache_alloc_trace+0x55/0x320 [ 2716.550445] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2716.551092] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2716.551695] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2716.552390] ? do_swap+0x134/0x210 [ 2716.552844] ? sort_r+0x239/0x360 [ 2716.553281] ? ext4_file_open+0xa50/0xa50 [ 2716.553807] ext4_getfsmap+0x695/0x990 [ 2716.554294] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2716.554964] ? ext4_fsmap_to_internal+0x260/0x260 [ 2716.555577] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2716.556259] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2716.556946] ext4_ioc_getfsmap+0x2b0/0x620 [ 2716.557481] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2716.558065] ? find_held_lock+0x2c/0x110 [ 2716.558589] ? avc_has_extended_perms+0x675/0xf40 [ 2716.559242] ? lock_downgrade+0x6d0/0x6d0 [ 2716.559769] __ext4_ioctl+0x8ad/0x4190 [ 2716.560305] ? ext4_reset_inode_seed+0x450/0x450 [ 2716.560905] ? perf_trace_lock+0xac/0x490 [ 2716.561425] ? SOFTIRQ_verbose+0x10/0x10 [ 2716.561957] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2716.562678] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2716.563328] ? do_vfs_ioctl+0x283/0x10d0 [ 2716.563834] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2716.564511] ? generic_block_fiemap+0x60/0x60 [ 2716.565088] ? lock_downgrade+0x6d0/0x6d0 [ 2716.565607] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2716.566214] ? wait_for_completion_io+0x270/0x270 [ 2716.566840] ? selinux_file_ioctl+0xb6/0x270 [ 2716.567409] ? __ext4_ioctl+0x4190/0x4190 [ 2716.567962] __x64_sys_ioctl+0x19a/0x210 [ 2716.568503] do_syscall_64+0x33/0x40 [ 2716.568975] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2716.569623] RIP: 0033:0x7f4e27e8db19 [ 2716.570097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2716.572410] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2716.573385] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2716.574303] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2716.575208] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2716.576142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2716.577043] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:17:36 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:17:36 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000570008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:17:36 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xc00000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:36 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(0x0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:36 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b2e732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:17:37 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:17:37 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x5, 0x0, 0x0, 0x0, r1, 0x0}]) 14:17:37 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(0x0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:51 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b2f732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:17:51 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x1000a, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:17:51 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 23) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:17:51 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(0x0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:17:51 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:17:51 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x7, 0x0, 0x0, 0x0, r1, 0x0}]) 14:17:51 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470028400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:17:51 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x1000000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2731.059733] FAULT_INJECTION: forcing a failure. [ 2731.059733] name failslab, interval 1, probability 0, space 0, times 0 [ 2731.061364] CPU: 0 PID: 15123 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2731.063112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2731.065337] Call Trace: [ 2731.066006] dump_stack+0x107/0x167 [ 2731.066917] should_fail.cold+0x5/0xa [ 2731.067870] ? create_object.isra.0+0x3a/0xa20 [ 2731.068835] should_failslab+0x5/0x20 [ 2731.069335] kmem_cache_alloc+0x5b/0x310 [ 2731.069870] create_object.isra.0+0x3a/0xa20 [ 2731.070443] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2731.071111] kmem_cache_alloc_trace+0x151/0x320 [ 2731.071728] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2731.072357] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2731.073073] ? do_swap+0x134/0x210 [ 2731.073541] ? sort_r+0x239/0x360 [ 2731.073998] ? ext4_file_open+0xa50/0xa50 [ 2731.074545] ext4_getfsmap+0x695/0x990 [ 2731.075055] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2731.075756] ? ext4_fsmap_to_internal+0x260/0x260 [ 2731.076388] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2731.077109] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2731.077825] ext4_ioc_getfsmap+0x2b0/0x620 [ 2731.078377] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2731.078976] ? find_held_lock+0x2c/0x110 [ 2731.079513] ? avc_has_extended_perms+0x675/0xf40 [ 2731.080179] ? lock_downgrade+0x6d0/0x6d0 [ 2731.080751] __ext4_ioctl+0x8ad/0x4190 [ 2731.081275] ? ext4_reset_inode_seed+0x450/0x450 [ 2731.081894] ? perf_trace_lock+0xac/0x490 [ 2731.082437] ? SOFTIRQ_verbose+0x10/0x10 [ 2731.082982] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2731.083731] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2731.084407] ? do_vfs_ioctl+0x283/0x10d0 [ 2731.084954] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2731.085635] ? generic_block_fiemap+0x60/0x60 [ 2731.086221] ? lock_downgrade+0x6d0/0x6d0 [ 2731.086766] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2731.087401] ? wait_for_completion_io+0x270/0x270 [ 2731.088040] ? selinux_file_ioctl+0xb6/0x270 [ 2731.088625] ? __ext4_ioctl+0x4190/0x4190 [ 2731.089173] __x64_sys_ioctl+0x19a/0x210 [ 2731.089706] do_syscall_64+0x33/0x40 [ 2731.090195] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2731.090866] RIP: 0033:0x7f4e27e8db19 [ 2731.091354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2731.093763] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2731.094756] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2731.095686] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2731.096632] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2731.097564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2731.098493] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:17:51 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:18:05 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2d800, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:18:05 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 24) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:18:05 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:18:05 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470038400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:18:05 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x8, 0x0, 0x0, 0x0, r1, 0x0}]) 14:18:05 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:18:05 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x1200000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:18:05 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b67732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:18:05 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) [ 2745.272285] FAULT_INJECTION: forcing a failure. [ 2745.272285] name failslab, interval 1, probability 0, space 0, times 0 [ 2745.274126] CPU: 0 PID: 15170 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2745.275096] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2745.276251] Call Trace: [ 2745.276636] dump_stack+0x107/0x167 [ 2745.277169] should_fail.cold+0x5/0xa [ 2745.277714] ? create_object.isra.0+0x3a/0xa20 [ 2745.278362] should_failslab+0x5/0x20 [ 2745.278901] kmem_cache_alloc+0x5b/0x310 [ 2745.279478] create_object.isra.0+0x3a/0xa20 [ 2745.280101] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2745.280827] kmem_cache_alloc_trace+0x151/0x320 [ 2745.281515] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2745.282192] ? trace_hardirqs_on+0x5b/0x180 [ 2745.282808] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2745.283563] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2745.284336] ? do_swap+0x134/0x210 [ 2745.284847] ? sort_r+0x239/0x360 [ 2745.285361] ? ext4_file_open+0xa50/0xa50 [ 2745.285958] ext4_getfsmap+0x695/0x990 [ 2745.286514] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2745.287276] ? ext4_fsmap_to_internal+0x260/0x260 [ 2745.287964] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2745.288707] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2745.289491] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2745.290278] ext4_ioc_getfsmap+0x2b0/0x620 [ 2745.290879] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2745.291530] ? find_held_lock+0x2c/0x110 [ 2745.292117] ? avc_has_extended_perms+0x675/0xf40 [ 2745.292815] ? avc_has_extended_perms+0x135/0xf40 [ 2745.293546] ? __ext4_ioctl+0x124/0x4190 [ 2745.294131] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2745.294864] __ext4_ioctl+0x8ad/0x4190 [ 2745.295424] ? __switch_to_asm+0x34/0x60 [ 2745.296010] ? __schedule+0x82c/0x1ea0 [ 2745.296570] ? ext4_reset_inode_seed+0x450/0x450 [ 2745.297265] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2745.298018] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2745.298780] ? trace_hardirqs_on+0x5b/0x180 [ 2745.299397] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2745.300170] ? do_vfs_ioctl+0xba3/0x10d0 [ 2745.300728] ? kcov_remote_stop+0x310/0x310 [ 2745.301319] ? do_vfs_ioctl+0x283/0x10d0 [ 2745.301904] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2745.302637] ? generic_block_fiemap+0x60/0x60 [ 2745.303274] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2745.304013] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2745.304764] ? trace_hardirqs_on+0x5b/0x180 [ 2745.305395] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2745.306166] ? security_file_ioctl+0x89/0xb0 [ 2745.306782] ? security_file_ioctl+0x8c/0xb0 [ 2745.307400] ? __ext4_ioctl+0x4190/0x4190 [ 2745.307988] __x64_sys_ioctl+0x19a/0x210 [ 2745.308561] do_syscall_64+0x33/0x40 [ 2745.309087] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2745.309824] RIP: 0033:0x7f4e27e8db19 [ 2745.310354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2745.312914] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2745.313996] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2745.314999] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2745.316004] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2745.317005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2745.318024] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:18:20 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66222e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:18:20 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x80000, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:18:20 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 25) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:18:20 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfe, 0x0, 0x0, 0x0, r1, 0x0}]) 14:18:20 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470048400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:18:20 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:18:20 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:18:20 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x2103000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2759.978765] FAULT_INJECTION: forcing a failure. [ 2759.978765] name failslab, interval 1, probability 0, space 0, times 0 [ 2759.982344] CPU: 1 PID: 15207 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2759.984395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2759.986899] Call Trace: [ 2759.987675] dump_stack+0x107/0x167 [ 2759.988734] should_fail.cold+0x5/0xa [ 2759.989844] ? create_object.isra.0+0x3a/0xa20 [ 2759.991177] should_failslab+0x5/0x20 [ 2759.992304] kmem_cache_alloc+0x5b/0x310 [ 2759.993521] create_object.isra.0+0x3a/0xa20 [ 2759.994830] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2759.996355] kmem_cache_alloc_trace+0x151/0x320 14:18:20 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:18:20 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2759.997729] ext4_getfsmap_datadev+0xf42/0x25d0 [ 2760.006342] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2760.007014] ? do_swap+0x134/0x210 [ 2760.007459] ? sort_r+0x239/0x360 [ 2760.007893] ? ext4_file_open+0xa50/0xa50 [ 2760.008417] ext4_getfsmap+0x695/0x990 [ 2760.008904] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2760.009571] ? ext4_fsmap_to_internal+0x260/0x260 [ 2760.010923] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2760.012431] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2760.014008] ext4_ioc_getfsmap+0x2b0/0x620 [ 2760.015217] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2760.016552] ? find_held_lock+0x2c/0x110 [ 2760.017727] ? avc_has_extended_perms+0x675/0xf40 [ 2760.019169] ? lock_downgrade+0x6d0/0x6d0 [ 2760.020357] __ext4_ioctl+0x8ad/0x4190 [ 2760.021487] ? ext4_reset_inode_seed+0x450/0x450 [ 2760.022850] ? perf_trace_lock+0xac/0x490 [ 2760.024046] ? SOFTIRQ_verbose+0x10/0x10 [ 2760.025218] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2760.026892] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2760.028371] ? do_vfs_ioctl+0x283/0x10d0 [ 2760.029543] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2760.031064] ? generic_block_fiemap+0x60/0x60 [ 2760.032394] ? lock_downgrade+0x6d0/0x6d0 [ 2760.033604] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2760.035007] ? wait_for_completion_io+0x270/0x270 [ 2760.036396] ? selinux_file_ioctl+0xb6/0x270 [ 2760.037667] ? __ext4_ioctl+0x4190/0x4190 [ 2760.038864] __x64_sys_ioctl+0x19a/0x210 [ 2760.040039] do_syscall_64+0x33/0x40 [ 2760.041102] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2760.042627] RIP: 0033:0x7f4e27e8db19 [ 2760.043689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2760.049152] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2760.051376] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2760.053517] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2760.055584] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2760.057661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2760.059729] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:18:20 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x300, 0x0, 0x0, 0x0, r1, 0x0}]) 14:18:20 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x3f00000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:18:20 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470058400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:18:20 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470068400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:18:20 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b662c2e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:18:20 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:18:20 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:18:34 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470078400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:18:34 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b22732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:18:34 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 26) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:18:34 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:18:34 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x6400000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:18:34 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x500, 0x0, 0x0, 0x0, r1, 0x0}]) 14:18:34 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:18:34 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730266617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:18:34 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) [ 2774.703278] FAULT_INJECTION: forcing a failure. [ 2774.703278] name failslab, interval 1, probability 0, space 0, times 0 [ 2774.706299] CPU: 1 PID: 15269 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2774.707330] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2774.708968] Call Trace: [ 2774.709658] dump_stack+0x107/0x167 [ 2774.710677] should_fail.cold+0x5/0xa [ 2774.711676] ? ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2774.712986] should_failslab+0x5/0x20 [ 2774.714023] kmem_cache_alloc_trace+0x55/0x320 [ 2774.715437] ? ext4_bg_num_gdb+0x172/0x250 [ 2774.716531] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2774.717743] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2774.718762] ? do_swap+0x134/0x210 [ 2774.719249] ? sort_r+0x239/0x360 [ 2774.719713] ? ext4_file_open+0xa50/0xa50 [ 2774.720536] ext4_getfsmap+0x695/0x990 [ 2774.721546] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2774.723029] ? ext4_fsmap_to_internal+0x260/0x260 [ 2774.724293] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2774.725705] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2774.726784] ext4_ioc_getfsmap+0x2b0/0x620 [ 2774.727362] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2774.727979] ? find_held_lock+0x2c/0x110 [ 2774.728550] ? avc_has_extended_perms+0x675/0xf40 [ 2774.729242] ? lock_downgrade+0x6d0/0x6d0 [ 2774.729809] __ext4_ioctl+0x8ad/0x4190 [ 2774.730391] ? ext4_reset_inode_seed+0x450/0x450 [ 2774.731916] ? perf_trace_lock+0xac/0x490 [ 2774.733000] ? SOFTIRQ_verbose+0x10/0x10 [ 2774.734093] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2774.735878] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2774.737301] ? do_vfs_ioctl+0x283/0x10d0 [ 2774.738436] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2774.739825] ? generic_block_fiemap+0x60/0x60 [ 2774.741024] ? lock_downgrade+0x6d0/0x6d0 [ 2774.742147] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2774.743676] ? wait_for_completion_io+0x270/0x270 [ 2774.744970] ? selinux_file_ioctl+0xb6/0x270 [ 2774.746138] ? __ext4_ioctl+0x4190/0x4190 [ 2774.747437] __x64_sys_ioctl+0x19a/0x210 [ 2774.748502] do_syscall_64+0x33/0x40 [ 2774.749459] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2774.750955] RIP: 0033:0x7f4e27e8db19 [ 2774.751979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2774.755624] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2774.756645] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2774.757603] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2774.758930] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 14:18:34 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730366617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 2774.760828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2774.762539] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:18:35 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470088400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:18:35 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:18:35 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:18:35 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x700, 0x0, 0x0, 0x0, r1, 0x0}]) 14:18:35 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x66a2000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:18:35 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b2c732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:18:35 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:18:35 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 27) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:18:35 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(0x0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2775.164493] FAULT_INJECTION: forcing a failure. [ 2775.164493] name failslab, interval 1, probability 0, space 0, times 0 [ 2775.166170] CPU: 1 PID: 15309 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2775.167055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2775.168078] Call Trace: [ 2775.168410] dump_stack+0x107/0x167 [ 2775.168863] should_fail.cold+0x5/0xa [ 2775.169338] ? create_object.isra.0+0x3a/0xa20 [ 2775.169905] should_failslab+0x5/0x20 [ 2775.170408] kmem_cache_alloc+0x5b/0x310 [ 2775.170918] ? lock_downgrade+0x6d0/0x6d0 [ 2775.171438] create_object.isra.0+0x3a/0xa20 [ 2775.171984] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2775.172618] kmem_cache_alloc_trace+0x151/0x320 [ 2775.173203] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2775.173792] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2775.176231] ? do_swap+0x134/0x210 [ 2775.176678] ? sort_r+0x239/0x360 [ 2775.177244] ? ext4_file_open+0xa50/0xa50 [ 2775.177766] ext4_getfsmap+0x695/0x990 [ 2775.178381] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2775.179108] ? ext4_fsmap_to_internal+0x260/0x260 [ 2775.179805] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2775.180612] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2775.181352] ext4_ioc_getfsmap+0x2b0/0x620 [ 2775.182011] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2775.182702] ? find_held_lock+0x2c/0x110 [ 2775.183275] ? avc_has_extended_perms+0x675/0xf40 [ 2775.184041] ? lock_downgrade+0x6d0/0x6d0 [ 2775.184562] __ext4_ioctl+0x8ad/0x4190 [ 2775.185213] ? ext4_reset_inode_seed+0x450/0x450 [ 2775.185908] ? perf_trace_lock+0xac/0x490 [ 2775.186479] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2775.187290] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2775.188092] ? do_vfs_ioctl+0x283/0x10d0 [ 2775.188601] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2775.189393] ? generic_block_fiemap+0x60/0x60 [ 2775.190009] ? lock_downgrade+0x6d0/0x6d0 [ 2775.190638] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2775.191376] ? wait_for_completion_io+0x270/0x270 [ 2775.192056] ? selinux_file_ioctl+0xb6/0x270 [ 2775.192693] ? __ext4_ioctl+0x4190/0x4190 [ 2775.193278] __x64_sys_ioctl+0x19a/0x210 [ 2775.193915] do_syscall_64+0x33/0x40 [ 2775.194416] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2775.195188] RIP: 0033:0x7f4e27e8db19 [ 2775.195739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2775.198355] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2775.199408] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2775.200447] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2775.201472] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2775.202517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2775.203535] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:18:50 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xeffd, 0x0, 0x0, 0x0, r1, 0x0}]) 14:18:50 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 28) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:18:50 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(0x0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:18:50 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x8102000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:18:50 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730466617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:18:50 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e666174000208010004700b8400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:18:50 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:18:50 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b2e732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 2789.894720] FAULT_INJECTION: forcing a failure. [ 2789.894720] name failslab, interval 1, probability 0, space 0, times 0 [ 2789.896405] CPU: 1 PID: 15323 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2789.897270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2789.898313] Call Trace: [ 2789.898652] dump_stack+0x107/0x167 [ 2789.899128] should_fail.cold+0x5/0xa [ 2789.899614] ? ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2789.900225] should_failslab+0x5/0x20 [ 2789.900705] kmem_cache_alloc_trace+0x55/0x320 [ 2789.901281] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2789.901925] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2789.902530] ? __lockdep_reset_lock+0x180/0x180 [ 2789.903130] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2789.903805] ? do_swap+0x134/0x210 [ 2789.904253] ? sort_r+0x239/0x360 [ 2789.904690] ? ext4_file_open+0xa50/0xa50 [ 2789.905215] ext4_getfsmap+0x695/0x990 [ 2789.905705] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2789.906379] ? ext4_fsmap_to_internal+0x260/0x260 [ 2789.907011] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2789.907684] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2789.908375] ext4_ioc_getfsmap+0x2b0/0x620 [ 2789.908906] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2789.909479] ? find_held_lock+0x2c/0x110 [ 2789.909996] ? avc_has_extended_perms+0x675/0xf40 [ 2789.910637] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2789.911307] ? _raw_spin_unlock_irq+0x1f/0x30 [ 2789.911871] ? trace_hardirqs_on+0x5b/0x180 [ 2789.912416] __ext4_ioctl+0x8ad/0x4190 [ 2789.912906] ? __switch_to_asm+0x34/0x60 [ 2789.913422] ? __schedule+0x82c/0x1ea0 [ 2789.913914] ? ext4_reset_inode_seed+0x450/0x450 [ 2789.914510] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2789.915190] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2789.915868] ? trace_hardirqs_on+0x5b/0x180 [ 2789.916412] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2789.917102] ? do_vfs_ioctl+0xb46/0x10d0 [ 2789.917613] ? do_vfs_ioctl+0xb6f/0x10d0 [ 2789.918132] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2789.918781] ? do_vfs_ioctl+0x283/0x10d0 [ 2789.919309] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2789.919968] ? generic_block_fiemap+0x60/0x60 [ 2789.920531] ? lock_downgrade+0x6d0/0x6d0 [ 2789.921060] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2789.921670] ? wait_for_completion_io+0x270/0x270 [ 2789.922283] ? selinux_file_ioctl+0xb6/0x270 [ 2789.922837] ? __ext4_ioctl+0x4190/0x4190 [ 2789.923371] __x64_sys_ioctl+0x19a/0x210 [ 2789.923886] do_syscall_64+0x33/0x40 [ 2789.924355] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2789.925003] RIP: 0033:0x7f4e27e8db19 [ 2789.925472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2789.927799] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2789.928756] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2789.929652] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2789.930547] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2789.931464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2789.932722] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:18:50 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:18:50 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfcfd, 0x0, 0x0, 0x0, r1, 0x0}]) 14:18:50 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xf4ffffff00000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:18:50 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b2f732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:18:50 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730566617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:18:50 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:18:50 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(0x0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:18:50 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfdef, 0x0, 0x0, 0x0, r1, 0x0}]) 14:19:04 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xf5ffffff00000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:19:04 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66222e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:19:04 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfdfc, 0x0, 0x0, 0x0, r1, 0x0}]) 14:19:04 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470188400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:19:04 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140)) 14:19:04 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x0, 0x0) 14:19:04 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730666617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:19:04 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 29) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 2804.367644] FAULT_INJECTION: forcing a failure. [ 2804.367644] name failslab, interval 1, probability 0, space 0, times 0 [ 2804.369369] CPU: 0 PID: 15385 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2804.370278] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2804.371363] Call Trace: [ 2804.371733] dump_stack+0x107/0x167 [ 2804.372217] should_fail.cold+0x5/0xa [ 2804.372725] ? create_object.isra.0+0x3a/0xa20 [ 2804.373329] should_failslab+0x5/0x20 [ 2804.373841] kmem_cache_alloc+0x5b/0x310 [ 2804.374380] create_object.isra.0+0x3a/0xa20 [ 2804.374960] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2804.375655] kmem_cache_alloc_trace+0x151/0x320 [ 2804.376338] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2804.377035] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2804.377812] ? do_swap+0x134/0x210 [ 2804.378330] ? sort_r+0x239/0x360 [ 2804.378830] ? ext4_file_open+0xa50/0xa50 [ 2804.379437] ext4_getfsmap+0x695/0x990 [ 2804.384028] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2804.384807] ? ext4_fsmap_to_internal+0x260/0x260 [ 2804.385454] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2804.386159] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2804.386877] ext4_ioc_getfsmap+0x2b0/0x620 [ 2804.387432] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2804.388044] ? find_held_lock+0x2c/0x110 [ 2804.388582] ? avc_has_extended_perms+0x675/0xf40 [ 2804.389254] __ext4_ioctl+0x8ad/0x4190 [ 2804.389772] ? ext4_reset_inode_seed+0x450/0x450 [ 2804.390388] ? perf_trace_lock+0xac/0x490 [ 2804.390928] ? SOFTIRQ_verbose+0x10/0x10 [ 2804.391515] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2804.392277] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2804.392959] ? do_vfs_ioctl+0x283/0x10d0 [ 2804.393491] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2804.394180] ? generic_block_fiemap+0x60/0x60 [ 2804.394771] ? lock_downgrade+0x6d0/0x6d0 [ 2804.395318] ? clockevents_program_event+0x131/0x360 [ 2804.396004] ? selinux_file_ioctl+0xb6/0x270 [ 2804.396586] ? __ext4_ioctl+0x4190/0x4190 [ 2804.397132] __x64_sys_ioctl+0x19a/0x210 [ 2804.397671] do_syscall_64+0x33/0x40 [ 2804.398161] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2804.398834] RIP: 0033:0x7f4e27e8db19 [ 2804.399327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2804.405772] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2804.406770] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2804.407718] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2804.408653] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2804.409587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2804.410524] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:19:04 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140)) 14:19:04 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b662c2e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:19:04 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfdfe, 0x0, 0x0, 0x0, r1, 0x0}]) 14:19:04 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x0, 0x0) 14:19:04 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfbffffff00000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:19:04 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730766617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:19:04 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140)) 14:19:04 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 30) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 2804.667632] FAULT_INJECTION: forcing a failure. [ 2804.667632] name failslab, interval 1, probability 0, space 0, times 0 [ 2804.669189] CPU: 0 PID: 15429 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2804.670086] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 14:19:04 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), 0x0) [ 2804.671187] Call Trace: [ 2804.679594] dump_stack+0x107/0x167 [ 2804.680075] should_fail.cold+0x5/0xa [ 2804.680583] ? ext4_getfsmap_datadev+0xf42/0x25d0 [ 2804.681216] should_failslab+0x5/0x20 [ 2804.681715] kmem_cache_alloc_trace+0x55/0x320 [ 2804.682308] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2804.682973] ext4_getfsmap_datadev+0xf42/0x25d0 [ 2804.683615] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2804.684314] ? do_swap+0x134/0x210 [ 2804.684783] ? sort_r+0x239/0x360 [ 2804.685236] ? ext4_file_open+0xa50/0xa50 [ 2804.685781] ext4_getfsmap+0x695/0x990 [ 2804.686289] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2804.686989] ? ext4_fsmap_to_internal+0x260/0x260 [ 2804.687634] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2804.688331] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2804.689046] ext4_ioc_getfsmap+0x2b0/0x620 [ 2804.689597] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2804.690196] ? find_held_lock+0x2c/0x110 [ 2804.690733] ? avc_has_extended_perms+0x675/0xf40 [ 2804.691397] ? lock_downgrade+0x6d0/0x6d0 [ 2804.691954] __ext4_ioctl+0x8ad/0x4190 [ 2804.692470] ? ext4_reset_inode_seed+0x450/0x450 [ 2804.693089] ? perf_trace_lock+0xac/0x490 [ 2804.693629] ? SOFTIRQ_verbose+0x10/0x10 [ 2804.694174] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2804.694925] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2804.695610] ? do_vfs_ioctl+0x283/0x10d0 [ 2804.696141] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2804.696826] ? generic_block_fiemap+0x60/0x60 [ 2804.697409] ? lock_downgrade+0x6d0/0x6d0 [ 2804.697954] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2804.698587] ? wait_for_completion_io+0x270/0x270 [ 2804.699224] ? selinux_file_ioctl+0xb6/0x270 [ 2804.703831] ? __ext4_ioctl+0x4190/0x4190 [ 2804.704374] __x64_sys_ioctl+0x19a/0x210 [ 2804.704907] do_syscall_64+0x33/0x40 [ 2804.705398] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2804.706064] RIP: 0033:0x7f4e27e8db19 [ 2804.706549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2804.708952] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2804.709940] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2804.710866] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2804.711807] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2804.712733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2804.713660] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:19:04 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730866617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:19:05 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xfeffffff00000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:19:18 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfe00, 0x0, 0x0, 0x0, r1, 0x0}]) 14:19:18 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e666174000208010004701c8400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:19:18 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 31) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:19:18 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xff01000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:19:18 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x0, 0x0) 14:19:18 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730966617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:19:18 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730266617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:19:18 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), 0x0) [ 2818.543787] FAULT_INJECTION: forcing a failure. [ 2818.543787] name failslab, interval 1, probability 0, space 0, times 0 [ 2818.545520] CPU: 1 PID: 15454 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2818.546382] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2818.547412] Call Trace: [ 2818.547748] dump_stack+0x107/0x167 [ 2818.548228] should_fail.cold+0x5/0xa [ 2818.548710] ? create_object.isra.0+0x3a/0xa20 [ 2818.549281] should_failslab+0x5/0x20 [ 2818.549756] kmem_cache_alloc+0x5b/0x310 [ 2818.550264] create_object.isra.0+0x3a/0xa20 [ 2818.550810] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2818.551445] kmem_cache_alloc_trace+0x151/0x320 [ 2818.552038] ext4_getfsmap_datadev+0xf42/0x25d0 [ 2818.552631] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2818.553295] ? do_swap+0x134/0x210 [ 2818.553741] ? sort_r+0x239/0x360 [ 2818.554171] ? ext4_file_open+0xa50/0xa50 [ 2818.554692] ext4_getfsmap+0x695/0x990 [ 2818.555175] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2818.555838] ? ext4_fsmap_to_internal+0x260/0x260 [ 2818.556448] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2818.557111] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2818.557790] ext4_ioc_getfsmap+0x2b0/0x620 [ 2818.558313] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2818.558879] ? find_held_lock+0x2c/0x110 [ 2818.559389] ? avc_has_extended_perms+0x675/0xf40 [ 2818.560032] ? lock_downgrade+0x6d0/0x6d0 [ 2818.560558] __ext4_ioctl+0x8ad/0x4190 [ 2818.561048] ? ext4_reset_inode_seed+0x450/0x450 [ 2818.561633] ? perf_trace_lock+0xac/0x490 [ 2818.562145] ? SOFTIRQ_verbose+0x10/0x10 [ 2818.562661] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2818.563373] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2818.564033] ? do_vfs_ioctl+0x283/0x10d0 [ 2818.564544] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2818.565193] ? generic_block_fiemap+0x60/0x60 [ 2818.565748] ? lock_downgrade+0x6d0/0x6d0 [ 2818.566266] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2818.566870] ? wait_for_completion_io+0x270/0x270 [ 2818.567477] ? selinux_file_ioctl+0xb6/0x270 [ 2818.572051] ? __ext4_ioctl+0x4190/0x4190 [ 2818.572570] __x64_sys_ioctl+0x19a/0x210 [ 2818.573079] do_syscall_64+0x33/0x40 [ 2818.573543] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2818.574181] RIP: 0033:0x7f4e27e8db19 [ 2818.574645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2818.576932] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2818.577875] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2818.578762] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2818.579648] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2818.580548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2818.581434] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:19:18 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x0, &(0x7f0000000800)) 14:19:18 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfefd, 0x0, 0x0, 0x0, r1, 0x0}]) 14:19:32 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), 0x0) 14:19:32 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470668400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:19:32 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfeffff, 0x0, 0x0, 0x0, r1, 0x0}]) 14:19:32 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:19:32 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730a66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:19:32 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730366617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:19:32 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x0, &(0x7f0000000800)) 14:19:32 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 32) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 2832.562276] FAULT_INJECTION: forcing a failure. [ 2832.562276] name failslab, interval 1, probability 0, space 0, times 0 [ 2832.564171] CPU: 1 PID: 15508 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2832.565104] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2832.566180] Call Trace: [ 2832.566524] dump_stack+0x107/0x167 [ 2832.567002] should_fail.cold+0x5/0xa [ 2832.567507] ? ext4_getfsmap_datadev+0x6d7/0x25d0 [ 2832.568167] should_failslab+0x5/0x20 [ 2832.568704] kmem_cache_alloc_trace+0x55/0x320 [ 2832.576316] ? ext4_get_group_desc+0x2a0/0x560 [ 2832.576970] ext4_getfsmap_datadev+0x6d7/0x25d0 [ 2832.577618] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2832.584845] ? do_swap+0x134/0x210 [ 2832.585339] ? sort_r+0x239/0x360 [ 2832.585825] ? ext4_file_open+0xa50/0xa50 [ 2832.586410] ext4_getfsmap+0x695/0x990 [ 2832.586949] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2832.587679] ? ext4_fsmap_to_internal+0x260/0x260 [ 2832.588355] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2832.589107] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2832.589865] ext4_ioc_getfsmap+0x2b0/0x620 [ 2832.590454] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2832.591083] ? find_held_lock+0x2c/0x110 [ 2832.591667] ? avc_has_extended_perms+0x675/0xf40 [ 2832.592376] ? lock_downgrade+0x6d0/0x6d0 [ 2832.592979] __ext4_ioctl+0x8ad/0x4190 [ 2832.593534] ? ext4_reset_inode_seed+0x450/0x450 [ 2832.594190] ? perf_trace_lock+0xac/0x490 [ 2832.594765] ? SOFTIRQ_verbose+0x10/0x10 [ 2832.595347] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2832.596152] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2832.596878] ? do_vfs_ioctl+0x283/0x10d0 [ 2832.597442] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2832.598161] ? generic_block_fiemap+0x60/0x60 [ 2832.598772] ? lock_downgrade+0x6d0/0x6d0 [ 2832.599363] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2832.600042] ? wait_for_completion_io+0x270/0x270 [ 2832.600740] ? selinux_file_ioctl+0xb6/0x270 [ 2832.601363] ? __ext4_ioctl+0x4190/0x4190 [ 2832.601935] __x64_sys_ioctl+0x19a/0x210 [ 2832.602479] do_syscall_64+0x33/0x40 [ 2832.602981] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2832.603662] RIP: 0033:0x7f4e27e8db19 [ 2832.604160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2832.606634] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2832.607667] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2832.608666] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2832.609790] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2832.610975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2832.612074] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:19:32 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xff01000000000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:19:32 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x0, &(0x7f0000000800)) 14:19:33 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730466617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:19:33 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[0x0]) 14:19:33 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730b66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:19:33 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0xffffffff00000000, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:19:33 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x1000000, 0x0, 0x0, 0x0, r1, 0x0}]) 14:19:33 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 33) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 2832.936668] FAULT_INJECTION: forcing a failure. [ 2832.936668] name failslab, interval 1, probability 0, space 0, times 0 [ 2832.938522] CPU: 0 PID: 15542 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2832.939496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2832.940644] Call Trace: [ 2832.941023] dump_stack+0x107/0x167 [ 2832.941537] should_fail.cold+0x5/0xa [ 2832.942084] ? create_object.isra.0+0x3a/0xa20 [ 2832.942732] should_failslab+0x5/0x20 [ 2832.943264] kmem_cache_alloc+0x5b/0x310 [ 2832.943829] ? lock_downgrade+0x6d0/0x6d0 [ 2832.944413] create_object.isra.0+0x3a/0xa20 [ 2832.945059] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2832.945776] kmem_cache_alloc_trace+0x151/0x320 [ 2832.946436] ext4_getfsmap_datadev+0x6d7/0x25d0 [ 2832.947109] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2832.947867] ? do_swap+0x134/0x210 [ 2832.948375] ? sort_r+0x239/0x360 [ 2832.948886] ? ext4_file_open+0xa50/0xa50 [ 2832.949472] ext4_getfsmap+0x695/0x990 [ 2832.950023] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2832.950782] ? ext4_fsmap_to_internal+0x260/0x260 [ 2832.951463] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2832.952216] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2832.953022] ext4_ioc_getfsmap+0x2b0/0x620 [ 2832.953624] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2832.954269] ? find_held_lock+0x2c/0x110 [ 2832.954847] ? avc_has_extended_perms+0x675/0xf40 [ 2832.955575] ? lock_downgrade+0x6d0/0x6d0 [ 2832.956166] __ext4_ioctl+0x8ad/0x4190 [ 2832.956748] ? ext4_reset_inode_seed+0x450/0x450 [ 2832.957419] ? perf_trace_lock+0xac/0x490 [ 2832.958022] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2832.958833] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2832.959560] ? do_vfs_ioctl+0x283/0x10d0 [ 2832.960144] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2832.960919] ? generic_block_fiemap+0x60/0x60 [ 2832.961546] ? lock_downgrade+0x6d0/0x6d0 [ 2832.962147] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2832.962827] ? wait_for_completion_io+0x270/0x270 [ 2832.963532] ? selinux_file_ioctl+0xb6/0x270 [ 2832.964179] ? __ext4_ioctl+0x4190/0x4190 [ 2832.965014] __x64_sys_ioctl+0x19a/0x210 [ 2832.966470] do_syscall_64+0x33/0x40 [ 2832.967751] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2832.969570] RIP: 0033:0x7f4e27e8db19 [ 2832.970826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2832.977295] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2832.979937] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2832.981345] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2832.982355] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2832.983360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2832.984362] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:19:47 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:19:47 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008402f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:19:47 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 34) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:19:47 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[0x0]) 14:19:47 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(0x0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:19:47 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730c66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:19:47 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x2000000, 0x0, 0x0, 0x0, r1, 0x0}]) 14:19:47 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730566617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 2847.004845] FAULT_INJECTION: forcing a failure. [ 2847.004845] name failslab, interval 1, probability 0, space 0, times 0 [ 2847.011107] CPU: 0 PID: 15559 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2847.012007] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2847.013085] Call Trace: [ 2847.013472] dump_stack+0x107/0x167 [ 2847.013972] should_fail.cold+0x5/0xa [ 2847.014502] ? create_object.isra.0+0x3a/0xa20 [ 2847.015120] should_failslab+0x5/0x20 [ 2847.015620] kmem_cache_alloc+0x5b/0x310 [ 2847.016153] ? lock_downgrade+0x6d0/0x6d0 [ 2847.016698] create_object.isra.0+0x3a/0xa20 [ 2847.017287] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2847.017954] kmem_cache_alloc_trace+0x151/0x320 [ 2847.018568] ext4_getfsmap_datadev+0x6d7/0x25d0 [ 2847.019189] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2847.019896] ? do_swap+0x134/0x210 [ 2847.020359] ? sort_r+0x239/0x360 [ 2847.020813] ? ext4_file_open+0xa50/0xa50 [ 2847.021393] ext4_getfsmap+0x695/0x990 [ 2847.021922] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2847.022653] ? ext4_fsmap_to_internal+0x260/0x260 [ 2847.023288] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2847.023986] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2847.024698] ext4_ioc_getfsmap+0x2b0/0x620 [ 2847.025264] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2847.025860] ? find_held_lock+0x2c/0x110 [ 2847.026398] ? avc_has_extended_perms+0x675/0xf40 [ 2847.027059] ? lock_downgrade+0x6d0/0x6d0 [ 2847.027606] __ext4_ioctl+0x8ad/0x4190 [ 2847.028121] ? ext4_reset_inode_seed+0x450/0x450 [ 2847.028741] ? perf_trace_lock+0xac/0x490 [ 2847.033331] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2847.034083] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2847.034759] ? do_vfs_ioctl+0x283/0x10d0 [ 2847.035291] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2847.035974] ? generic_block_fiemap+0x60/0x60 [ 2847.036558] ? lock_downgrade+0x6d0/0x6d0 [ 2847.037120] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2847.037795] ? wait_for_completion_io+0x270/0x270 [ 2847.038463] ? selinux_file_ioctl+0xb6/0x270 [ 2847.039055] ? __ext4_ioctl+0x4190/0x4190 [ 2847.039601] __x64_sys_ioctl+0x19a/0x210 [ 2847.040135] do_syscall_64+0x33/0x40 [ 2847.040621] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2847.041308] RIP: 0033:0x7f4e27e8db19 [ 2847.041795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2847.044196] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2847.045222] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2847.046185] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2847.047134] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2847.048072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2847.049003] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:19:47 executing program 3: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) 14:19:47 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x2, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:19:47 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008403f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:19:47 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[0x0]) 14:19:47 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x3, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:19:47 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 35) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:19:47 executing program 3: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x10, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:19:47 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730d66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:19:47 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x3000000, 0x0, 0x0, 0x0, r1, 0x0}]) 14:19:47 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008404f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:19:47 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730666617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 2847.353847] FAULT_INJECTION: forcing a failure. [ 2847.353847] name failslab, interval 1, probability 0, space 0, times 0 [ 2847.355525] CPU: 0 PID: 15602 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2847.356423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2847.357535] Call Trace: [ 2847.357893] dump_stack+0x107/0x167 [ 2847.358372] should_fail.cold+0x5/0xa [ 2847.358877] ? create_object.isra.0+0x3a/0xa20 [ 2847.359479] should_failslab+0x5/0x20 [ 2847.359983] kmem_cache_alloc+0x5b/0x310 [ 2847.360519] create_object.isra.0+0x3a/0xa20 [ 2847.361098] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2847.361794] kmem_cache_alloc_trace+0x151/0x320 [ 2847.362413] ext4_getfsmap_datadev+0x86d/0x25d0 [ 2847.363038] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2847.363747] ? do_swap+0x134/0x210 [ 2847.364215] ? sort_r+0x239/0x360 [ 2847.364671] ? ext4_file_open+0xa50/0xa50 [ 2847.365229] ext4_getfsmap+0x695/0x990 [ 2847.366539] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2847.368175] ? ext4_fsmap_to_internal+0x260/0x260 [ 2847.369372] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2847.370073] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2847.370796] ext4_ioc_getfsmap+0x2b0/0x620 [ 2847.371353] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2847.371956] ? find_held_lock+0x2c/0x110 [ 2847.372497] ? avc_has_extended_perms+0x675/0xf40 [ 2847.373209] ? lock_downgrade+0x6d0/0x6d0 [ 2847.374488] __ext4_ioctl+0x8ad/0x4190 [ 2847.375674] ? ext4_reset_inode_seed+0x450/0x450 [ 2847.377091] ? perf_trace_lock+0xac/0x490 [ 2847.378395] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2847.380143] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2847.381738] ? do_vfs_ioctl+0x283/0x10d0 [ 2847.382966] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2847.384553] ? generic_block_fiemap+0x60/0x60 [ 2847.385926] ? lock_downgrade+0x6d0/0x6d0 [ 2847.387190] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2847.388668] ? wait_for_completion_io+0x270/0x270 [ 2847.390145] ? selinux_file_ioctl+0xb6/0x270 [ 2847.391482] ? __ext4_ioctl+0x4190/0x4190 [ 2847.392752] __x64_sys_ioctl+0x19a/0x210 [ 2847.393519] do_syscall_64+0x33/0x40 [ 2847.394012] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2847.394684] RIP: 0033:0x7f4e27e8db19 [ 2847.395174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2847.397670] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2847.398671] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2847.399603] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2847.400546] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2847.401551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2847.402488] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:19:47 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x4, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:19:47 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 1) 14:19:47 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x4000000, 0x0, 0x0, 0x0, r1, 0x0}]) [ 2847.484741] FAULT_INJECTION: forcing a failure. [ 2847.484741] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2847.488098] CPU: 1 PID: 15621 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2847.489902] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2847.492021] Call Trace: [ 2847.492675] dump_stack+0x107/0x167 [ 2847.493643] should_fail.cold+0x5/0xa [ 2847.494621] _copy_from_user+0x2e/0x1b0 [ 2847.495635] io_uring_setup+0x9b/0x2980 [ 2847.496636] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2847.497887] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2847.499171] ? wait_for_completion_io+0x270/0x270 [ 2847.500400] ? rcu_read_lock_any_held+0x75/0xa0 [ 2847.501603] ? vfs_write+0x354/0xb10 [ 2847.502549] ? fput_many+0x2f/0x1a0 [ 2847.503473] ? ksys_write+0x1a9/0x260 [ 2847.504437] ? __ia32_sys_read+0xb0/0xb0 [ 2847.505335] do_syscall_64+0x33/0x40 [ 2847.505807] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2847.506455] RIP: 0033:0x7f214574ab19 [ 2847.506933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2847.509436] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2847.511292] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2847.513034] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2847.514823] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2847.516547] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2847.518591] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:19:47 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 2) 14:19:47 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008405f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:19:47 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:19:47 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730766617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:19:47 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x5000000, 0x0, 0x0, 0x0, r1, 0x0}]) 14:19:47 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:19:47 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x5, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2847.690504] FAULT_INJECTION: forcing a failure. [ 2847.690504] name failslab, interval 1, probability 0, space 0, times 0 [ 2847.692053] CPU: 1 PID: 15638 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2847.692966] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2847.694062] Call Trace: [ 2847.694430] dump_stack+0x107/0x167 [ 2847.694891] should_fail.cold+0x5/0xa [ 2847.695372] ? io_uring_setup+0x258/0x2980 [ 2847.695904] should_failslab+0x5/0x20 [ 2847.696382] kmem_cache_alloc_trace+0x55/0x320 [ 2847.696961] io_uring_setup+0x258/0x2980 [ 2847.697516] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2847.698127] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2847.698760] ? wait_for_completion_io+0x270/0x270 [ 2847.699410] do_syscall_64+0x33/0x40 [ 2847.699879] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2847.700520] RIP: 0033:0x7f214574ab19 [ 2847.700988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2847.703305] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2847.704259] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2847.705178] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2847.706084] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2847.706978] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2847.707868] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:20:02 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 36) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:20:02 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:20:02 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730f66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:20:02 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x7000000, 0x0, 0x0, 0x0, r1, 0x0}]) 14:20:02 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 3) 14:20:02 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730866617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:20:02 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x6, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:20:02 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008406f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 2862.219844] FAULT_INJECTION: forcing a failure. [ 2862.219844] name failslab, interval 1, probability 0, space 0, times 0 [ 2862.221670] CPU: 0 PID: 15671 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2862.222640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2862.222783] FAULT_INJECTION: forcing a failure. [ 2862.222783] name failslab, interval 1, probability 0, space 0, times 0 [ 2862.223730] Call Trace: [ 2862.223753] dump_stack+0x107/0x167 [ 2862.223771] should_fail.cold+0x5/0xa [ 2862.223790] ? ext4_getfsmap_datadev+0xabb/0x25d0 [ 2862.223810] should_failslab+0x5/0x20 [ 2862.227575] kmem_cache_alloc_trace+0x55/0x320 [ 2862.228178] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2862.228848] ext4_getfsmap_datadev+0xabb/0x25d0 [ 2862.229479] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2862.230198] ? do_swap+0x134/0x210 [ 2862.230667] ? sort_r+0x239/0x360 [ 2862.231124] ? ext4_file_open+0xa50/0xa50 [ 2862.231672] ext4_getfsmap+0x695/0x990 [ 2862.232186] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2862.232892] ? ext4_fsmap_to_internal+0x260/0x260 [ 2862.233527] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2862.234246] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2862.234966] ext4_ioc_getfsmap+0x2b0/0x620 [ 2862.235526] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2862.236128] ? find_held_lock+0x2c/0x110 [ 2862.236670] ? avc_has_extended_perms+0x675/0xf40 [ 2862.237340] ? lock_downgrade+0x6d0/0x6d0 [ 2862.237909] __ext4_ioctl+0x8ad/0x4190 [ 2862.238430] ? ext4_reset_inode_seed+0x450/0x450 [ 2862.239054] ? perf_trace_lock+0xac/0x490 [ 2862.239617] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2862.240371] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2862.241052] ? do_vfs_ioctl+0x283/0x10d0 [ 2862.241585] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2862.242295] ? generic_block_fiemap+0x60/0x60 [ 2862.242885] ? lock_downgrade+0x6d0/0x6d0 [ 2862.243432] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2862.244068] ? wait_for_completion_io+0x270/0x270 [ 2862.244751] ? selinux_file_ioctl+0xb6/0x270 [ 2862.245331] ? __ext4_ioctl+0x4190/0x4190 [ 2862.245894] __x64_sys_ioctl+0x19a/0x210 [ 2862.246429] do_syscall_64+0x33/0x40 [ 2862.246919] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2862.247591] RIP: 0033:0x7f4e27e8db19 [ 2862.248082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2862.250502] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2862.251502] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2862.252436] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2862.253371] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2862.254323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2862.255260] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 2862.256217] CPU: 1 PID: 15674 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2862.257148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2862.258236] Call Trace: [ 2862.258596] dump_stack+0x107/0x167 [ 2862.259095] should_fail.cold+0x5/0xa [ 2862.259613] ? create_object.isra.0+0x3a/0xa20 [ 2862.260234] should_failslab+0x5/0x20 [ 2862.260748] kmem_cache_alloc+0x5b/0x310 [ 2862.261311] create_object.isra.0+0x3a/0xa20 [ 2862.261920] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2862.262615] kmem_cache_alloc_trace+0x151/0x320 [ 2862.263253] io_uring_setup+0x258/0x2980 [ 2862.263776] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2862.264388] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2862.265019] ? wait_for_completion_io+0x270/0x270 [ 2862.265666] do_syscall_64+0x33/0x40 [ 2862.266152] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2862.266787] RIP: 0033:0x7f214574ab19 [ 2862.267254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2862.269507] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2862.270468] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2862.271352] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2862.272236] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2862.273126] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2862.274024] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:20:02 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x8000000, 0x0, 0x0, 0x0, r1, 0x0}]) 14:20:02 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008407f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:20:02 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:20:02 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 4) 14:20:02 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730966617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:20:02 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731066617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 2862.508452] FAULT_INJECTION: forcing a failure. [ 2862.508452] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2862.510081] CPU: 1 PID: 15696 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2862.510949] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2862.511981] Call Trace: [ 2862.512319] dump_stack+0x107/0x167 [ 2862.512782] should_fail.cold+0x5/0xa [ 2862.513271] __alloc_pages_nodemask+0x182/0x600 [ 2862.513876] ? lock_release+0x680/0x680 [ 2862.514377] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 2862.515138] ? lock_downgrade+0x6d0/0x6d0 [ 2862.515673] alloc_pages_current+0x187/0x280 [ 2862.516238] kmalloc_order+0x35/0x160 [ 2862.516728] kmalloc_order_trace+0x14/0xa0 [ 2862.517268] io_uring_setup+0x33c/0x2980 [ 2862.517799] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2862.518417] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2862.519058] ? wait_for_completion_io+0x270/0x270 [ 2862.519710] do_syscall_64+0x33/0x40 [ 2862.520182] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2862.520835] RIP: 0033:0x7f214574ab19 [ 2862.521307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2862.523633] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2862.524593] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2862.525489] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2862.526402] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2862.527303] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2862.528197] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:20:02 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x7, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:20:02 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008408f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:20:17 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 37) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:20:17 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:20:17 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730a66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:20:17 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731166617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:20:17 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 5) 14:20:17 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xeffdffff, 0x0, 0x0, 0x0, r1, 0x0}]) 14:20:17 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x8, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:20:17 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e6661740002080100047000840bf801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 2877.339829] FAULT_INJECTION: forcing a failure. [ 2877.339829] name failslab, interval 1, probability 0, space 0, times 0 [ 2877.341404] CPU: 0 PID: 15739 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2877.342314] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2877.343544] Call Trace: [ 2877.343937] dump_stack+0x107/0x167 [ 2877.344480] should_fail.cold+0x5/0xa [ 2877.345051] ? create_object.isra.0+0x3a/0xa20 [ 2877.345731] should_failslab+0x5/0x20 [ 2877.346308] kmem_cache_alloc+0x5b/0x310 [ 2877.346846] create_object.isra.0+0x3a/0xa20 [ 2877.347421] ? kasan_unpoison_shadow+0x33/0x50 [ 2877.348023] kmalloc_order+0xfe/0x160 [ 2877.348527] kmalloc_order_trace+0x14/0xa0 [ 2877.349086] io_uring_setup+0x33c/0x2980 [ 2877.349624] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2877.350258] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2877.350942] ? wait_for_completion_io+0x270/0x270 [ 2877.351593] do_syscall_64+0x33/0x40 [ 2877.352080] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2877.352750] RIP: 0033:0x7f214574ab19 [ 2877.353238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2877.359667] RSP: 002b:00007f2142c9f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2877.360661] RAX: ffffffffffffffda RBX: 00007f214585e020 RCX: 00007f214574ab19 [ 2877.361593] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2877.362545] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2877.363477] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2877.364407] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:20:17 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008418f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:20:17 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 6) [ 2877.433224] FAULT_INJECTION: forcing a failure. [ 2877.433224] name failslab, interval 1, probability 0, space 0, times 0 [ 2877.435065] CPU: 0 PID: 15746 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2877.435974] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2877.437065] Call Trace: [ 2877.437416] dump_stack+0x107/0x167 [ 2877.437894] should_fail.cold+0x5/0xa [ 2877.438413] ? create_object.isra.0+0x3a/0xa20 [ 2877.439014] should_failslab+0x5/0x20 [ 2877.439514] kmem_cache_alloc+0x5b/0x310 [ 2877.440050] create_object.isra.0+0x3a/0xa20 [ 2877.440624] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2877.441294] kmem_cache_alloc_trace+0x151/0x320 [ 2877.441911] ext4_getfsmap_datadev+0xabb/0x25d0 [ 2877.442547] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2877.443248] ? do_swap+0x134/0x210 [ 2877.443719] ? sort_r+0x239/0x360 [ 2877.444180] ? ext4_file_open+0xa50/0xa50 [ 2877.444729] ext4_getfsmap+0x695/0x990 [ 2877.445241] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2877.445946] ? ext4_fsmap_to_internal+0x260/0x260 [ 2877.446593] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2877.447291] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2877.448007] ext4_ioc_getfsmap+0x2b0/0x620 [ 2877.448563] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2877.449164] ? find_held_lock+0x2c/0x110 [ 2877.449704] ? avc_has_extended_perms+0x675/0xf40 [ 2877.450395] ? __ext4_ioctl+0x124/0x4190 [ 2877.450929] __ext4_ioctl+0x8ad/0x4190 [ 2877.451450] ? ext4_reset_inode_seed+0x450/0x450 [ 2877.452072] ? perf_trace_lock+0xac/0x490 [ 2877.452630] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2877.453385] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2877.454061] ? do_vfs_ioctl+0x283/0x10d0 [ 2877.455201] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2877.456843] ? generic_block_fiemap+0x60/0x60 [ 2877.458179] ? lock_downgrade+0x6d0/0x6d0 [ 2877.459320] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2877.460578] ? wait_for_completion_io+0x270/0x270 [ 2877.461825] ? selinux_file_ioctl+0xb6/0x270 [ 2877.462994] ? __ext4_ioctl+0x4190/0x4190 [ 2877.464075] __x64_sys_ioctl+0x19a/0x210 [ 2877.465131] do_syscall_64+0x33/0x40 [ 2877.466074] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2877.467444] RIP: 0033:0x7f4e27e8db19 [ 2877.468406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2877.473273] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2877.475267] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2877.477127] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2877.479006] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2877.480869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2877.482756] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:20:17 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730b66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:20:17 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:20:17 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731266617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 2877.575475] FAULT_INJECTION: forcing a failure. [ 2877.575475] name failslab, interval 1, probability 0, space 0, times 0 [ 2877.577147] CPU: 0 PID: 15760 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2877.578095] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2877.583203] Call Trace: [ 2877.583559] dump_stack+0x107/0x167 [ 2877.584043] should_fail.cold+0x5/0xa [ 2877.584549] ? io_uring_setup+0x40b/0x2980 [ 2877.585110] should_failslab+0x5/0x20 [ 2877.585613] kmem_cache_alloc_trace+0x55/0x320 [ 2877.586224] io_uring_setup+0x40b/0x2980 [ 2877.586799] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2877.587454] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2877.588119] ? wait_for_completion_io+0x270/0x270 [ 2877.588795] do_syscall_64+0x33/0x40 [ 2877.589286] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2877.589976] RIP: 0033:0x7f214574ab19 [ 2877.590493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2877.592916] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 14:20:17 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x9, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 2877.594197] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2877.595151] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2877.596092] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2877.597027] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2877.597968] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:20:17 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e6661740002080100047000841cf801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:20:17 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 7) [ 2877.718759] FAULT_INJECTION: forcing a failure. [ 2877.718759] name failslab, interval 1, probability 0, space 0, times 0 [ 2877.720484] CPU: 0 PID: 15779 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2877.721485] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2877.722793] Call Trace: [ 2877.723148] dump_stack+0x107/0x167 [ 2877.723671] should_fail.cold+0x5/0xa [ 2877.724178] ? create_object.isra.0+0x3a/0xa20 [ 2877.724782] should_failslab+0x5/0x20 [ 2877.725288] kmem_cache_alloc+0x5b/0x310 [ 2877.725828] ? asm_sysvec_call_function_single+0x12/0x20 [ 2877.730087] ? trace_hardirqs_on+0x5b/0x180 [ 2877.730731] create_object.isra.0+0x3a/0xa20 [ 2877.731305] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2877.732023] kmem_cache_alloc_trace+0x151/0x320 [ 2877.732637] ? io_uring_setup+0x39a/0x2980 [ 2877.733209] io_uring_setup+0x40b/0x2980 [ 2877.733755] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2877.734595] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2877.735261] ? wait_for_completion_io+0x270/0x270 [ 2877.735947] do_syscall_64+0x33/0x40 [ 2877.736441] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2877.737116] RIP: 0033:0x7f214574ab19 [ 2877.737607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2877.740249] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2877.741247] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2877.742192] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2877.746683] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2877.747631] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2877.748569] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 2892.176932] FAULT_INJECTION: forcing a failure. [ 2892.176932] name failslab, interval 1, probability 0, space 0, times 0 14:20:32 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 38) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:20:32 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 8) 14:20:32 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730c66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:20:32 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:20:32 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfcfdffff, 0x0, 0x0, 0x0, r1, 0x0}]) 14:20:32 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731366617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:20:32 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xc, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:20:32 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008466f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 2892.178366] CPU: 1 PID: 15791 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2892.183264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2892.184293] Call Trace: [ 2892.184632] dump_stack+0x107/0x167 [ 2892.185093] should_fail.cold+0x5/0xa [ 2892.185576] ? create_object.isra.0+0x3a/0xa20 [ 2892.186151] should_failslab+0x5/0x20 [ 2892.186628] kmem_cache_alloc+0x5b/0x310 [ 2892.187168] create_object.isra.0+0x3a/0xa20 [ 2892.187733] kmemleak_alloc_percpu+0xa0/0x100 [ 2892.188304] pcpu_alloc+0x4e2/0x1240 [ 2892.188798] ? io_tctx_exit_cb+0xf0/0xf0 [ 2892.189311] percpu_ref_init+0x31/0x3d0 [ 2892.189822] io_uring_setup+0x47a/0x2980 [ 2892.190339] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2892.190968] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2892.191610] ? wait_for_completion_io+0x270/0x270 [ 2892.192263] do_syscall_64+0x33/0x40 [ 2892.192734] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2892.193379] RIP: 0033:0x7f214574ab19 [ 2892.193851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2892.196172] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2892.197130] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2892.198021] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2892.198926] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2892.199824] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2892.200717] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 2892.222817] FAULT_INJECTION: forcing a failure. [ 2892.222817] name failslab, interval 1, probability 0, space 0, times 0 [ 2892.224507] CPU: 0 PID: 15793 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2892.225407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2892.226493] Call Trace: [ 2892.226856] dump_stack+0x107/0x167 [ 2892.227373] should_fail.cold+0x5/0xa [ 2892.227883] ? ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2892.228519] should_failslab+0x5/0x20 [ 2892.229024] kmem_cache_alloc_trace+0x55/0x320 [ 2892.229622] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2892.230294] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2892.230944] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2892.231650] ? do_swap+0x134/0x210 [ 2892.232117] ? sort_r+0x239/0x360 [ 2892.232569] ? ext4_file_open+0xa50/0xa50 [ 2892.233115] ext4_getfsmap+0x695/0x990 [ 2892.233626] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2892.234323] ? ext4_fsmap_to_internal+0x260/0x260 [ 2892.234972] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2892.235671] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2892.236387] ext4_ioc_getfsmap+0x2b0/0x620 [ 2892.236938] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2892.237538] ? find_held_lock+0x2c/0x110 [ 2892.238076] ? avc_has_extended_perms+0x675/0xf40 [ 2892.238745] ? lock_downgrade+0x6d0/0x6d0 [ 2892.239304] __ext4_ioctl+0x8ad/0x4190 [ 2892.239824] ? ext4_reset_inode_seed+0x450/0x450 [ 2892.240443] ? perf_trace_lock+0xac/0x490 [ 2892.240984] ? SOFTIRQ_verbose+0x10/0x10 [ 2892.241529] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2892.242280] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2892.242968] ? do_vfs_ioctl+0x283/0x10d0 [ 2892.243497] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2892.244181] ? generic_block_fiemap+0x60/0x60 [ 2892.244766] ? lock_downgrade+0x6d0/0x6d0 [ 2892.245312] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2892.245945] ? wait_for_completion_io+0x270/0x270 [ 2892.246617] ? selinux_file_ioctl+0xb6/0x270 [ 2892.247229] ? __ext4_ioctl+0x4190/0x4190 [ 2892.247776] __x64_sys_ioctl+0x19a/0x210 [ 2892.248338] do_syscall_64+0x33/0x40 [ 2892.248872] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2892.249610] RIP: 0033:0x7f4e27e8db19 [ 2892.250143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2892.252832] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2892.253955] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2892.255014] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2892.256067] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2892.257124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2892.258182] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:20:32 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730d66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:20:32 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 9) 14:20:32 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x10, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:20:32 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, 0x0, 0x0, 0x8000}]) 14:20:32 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731466617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:20:32 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f802", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:20:32 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfefdffff, 0x0, 0x0, 0x0, r1, 0x0}]) [ 2892.451252] FAULT_INJECTION: forcing a failure. [ 2892.451252] name failslab, interval 1, probability 0, space 0, times 0 [ 2892.452811] CPU: 0 PID: 15831 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2892.453713] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2892.454792] Call Trace: [ 2892.455477] dump_stack+0x107/0x167 [ 2892.456370] should_fail.cold+0x5/0xa [ 2892.457306] ? create_object.isra.0+0x3a/0xa20 [ 2892.458515] should_failslab+0x5/0x20 [ 2892.459519] kmem_cache_alloc+0x5b/0x310 [ 2892.460587] create_object.isra.0+0x3a/0xa20 [ 2892.461730] kmemleak_alloc_percpu+0xa0/0x100 [ 2892.462882] pcpu_alloc+0x4e2/0x1240 [ 2892.463906] ? io_tctx_exit_cb+0xf0/0xf0 [ 2892.464964] percpu_ref_init+0x31/0x3d0 [ 2892.465998] io_uring_setup+0x47a/0x2980 [ 2892.467070] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2892.468292] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2892.469560] ? wait_for_completion_io+0x270/0x270 [ 2892.470818] do_syscall_64+0x33/0x40 [ 2892.471372] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2892.472049] RIP: 0033:0x7f214574ab19 [ 2892.472541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2892.475158] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2892.477140] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2892.479005] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2892.480757] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2892.482508] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2892.484507] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:20:32 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 10) [ 2892.572683] FAULT_INJECTION: forcing a failure. [ 2892.572683] name failslab, interval 1, probability 0, space 0, times 0 [ 2892.574177] CPU: 1 PID: 15843 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2892.575082] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2892.576106] Call Trace: [ 2892.576443] dump_stack+0x107/0x167 [ 2892.576903] should_fail.cold+0x5/0xa [ 2892.577383] ? percpu_ref_init+0xd8/0x3d0 [ 2892.577906] should_failslab+0x5/0x20 [ 2892.578381] kmem_cache_alloc_trace+0x55/0x320 [ 2892.578979] ? io_tctx_exit_cb+0xf0/0xf0 [ 2892.579492] percpu_ref_init+0xd8/0x3d0 [ 2892.580000] io_uring_setup+0x47a/0x2980 [ 2892.580518] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2892.581129] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2892.581763] ? wait_for_completion_io+0x270/0x270 [ 2892.582417] do_syscall_64+0x33/0x40 [ 2892.582894] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2892.583557] RIP: 0033:0x7f214574ab19 [ 2892.584026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2892.586325] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2892.587313] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2892.588204] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2892.589097] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2892.589989] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2892.590897] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:20:47 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731566617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:20:47 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 39) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:20:47 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:20:47 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, 0x0, 0x0, 0x8000}]) 14:20:47 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x12, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:20:47 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f803", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:20:47 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfffffdef, 0x0, 0x0, 0x0, r1, 0x0}]) 14:20:47 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 11) [ 2907.231643] FAULT_INJECTION: forcing a failure. [ 2907.231643] name failslab, interval 1, probability 0, space 0, times 0 [ 2907.233183] CPU: 1 PID: 15857 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2907.234088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2907.235117] Call Trace: [ 2907.251497] dump_stack+0x107/0x167 [ 2907.251968] should_fail.cold+0x5/0xa [ 2907.252464] ? create_object.isra.0+0x3a/0xa20 [ 2907.253055] should_failslab+0x5/0x20 [ 2907.253553] kmem_cache_alloc+0x5b/0x310 [ 2907.254096] create_object.isra.0+0x3a/0xa20 [ 2907.254669] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2907.255331] kmem_cache_alloc_trace+0x151/0x320 [ 2907.255987] ? io_tctx_exit_cb+0xf0/0xf0 [ 2907.256515] percpu_ref_init+0xd8/0x3d0 [ 2907.257046] io_uring_setup+0x47a/0x2980 [ 2907.257585] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2907.258223] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2907.258883] ? wait_for_completion_io+0x270/0x270 [ 2907.259547] do_syscall_64+0x33/0x40 [ 2907.260017] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2907.260660] RIP: 0033:0x7f214574ab19 [ 2907.261135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2907.263450] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2907.264451] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2907.265374] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2907.266296] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2907.267191] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2907.268098] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:20:47 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, 0x0, 0x0, 0x8000}]) [ 2907.298835] FAULT_INJECTION: forcing a failure. [ 2907.298835] name failslab, interval 1, probability 0, space 0, times 0 [ 2907.300684] CPU: 0 PID: 15850 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2907.301586] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2907.302673] Call Trace: [ 2907.303028] dump_stack+0x107/0x167 [ 2907.303526] should_fail.cold+0x5/0xa [ 2907.304030] ? create_object.isra.0+0x3a/0xa20 [ 2907.304634] should_failslab+0x5/0x20 [ 2907.305139] kmem_cache_alloc+0x5b/0x310 [ 2907.305676] create_object.isra.0+0x3a/0xa20 [ 2907.306249] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2907.306920] kmem_cache_alloc_trace+0x151/0x320 [ 2907.307614] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2907.308240] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2907.308943] ? do_swap+0x134/0x210 [ 2907.309413] ? sort_r+0x239/0x360 [ 2907.309869] ? ext4_file_open+0xa50/0xa50 [ 2907.310416] ext4_getfsmap+0x695/0x990 [ 2907.310928] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2907.311940] ? ext4_fsmap_to_internal+0x260/0x260 [ 2907.313250] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2907.314793] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2907.316401] ext4_ioc_getfsmap+0x2b0/0x620 [ 2907.317647] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2907.318977] ? find_held_lock+0x2c/0x110 [ 2907.320210] ? avc_has_extended_perms+0x675/0xf40 [ 2907.321654] ? lock_downgrade+0x6d0/0x6d0 [ 2907.322875] __ext4_ioctl+0x8ad/0x4190 [ 2907.324028] ? ext4_reset_inode_seed+0x450/0x450 [ 2907.325420] ? perf_trace_lock+0xac/0x490 [ 2907.326620] ? SOFTIRQ_verbose+0x10/0x10 [ 2907.327834] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2907.329514] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2907.331032] ? do_vfs_ioctl+0x283/0x10d0 [ 2907.332223] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2907.333761] ? generic_block_fiemap+0x60/0x60 [ 2907.335065] ? lock_downgrade+0x6d0/0x6d0 [ 2907.336297] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2907.337707] ? wait_for_completion_io+0x270/0x270 [ 2907.339130] ? selinux_file_ioctl+0xb6/0x270 [ 2907.340444] ? __ext4_ioctl+0x4190/0x4190 [ 2907.341663] __x64_sys_ioctl+0x19a/0x210 [ 2907.342843] do_syscall_64+0x33/0x40 [ 2907.343946] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2907.345452] RIP: 0033:0x7f4e27e8db19 [ 2907.346544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2907.352086] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2907.354327] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2907.356431] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2907.371528] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 14:20:47 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 12) [ 2907.372481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2907.373438] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 2907.432057] FAULT_INJECTION: forcing a failure. [ 2907.432057] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2907.434005] CPU: 0 PID: 15884 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2907.435091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2907.436415] Call Trace: [ 2907.436844] dump_stack+0x107/0x167 [ 2907.437431] should_fail.cold+0x5/0xa [ 2907.438052] __alloc_pages_nodemask+0x182/0x600 [ 2907.438803] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 2907.439758] ? cap_capable+0x1cd/0x230 [ 2907.440378] alloc_pages_current+0x187/0x280 [ 2907.441063] __get_free_pages+0xc/0xa0 [ 2907.441666] io_uring_setup+0xe27/0x2980 [ 2907.442307] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2907.443087] ? wait_for_completion_io+0x270/0x270 [ 2907.443892] do_syscall_64+0x33/0x40 [ 2907.444471] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2907.445288] RIP: 0033:0x7f214574ab19 [ 2907.445883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2907.448600] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2907.449618] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2907.450594] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2907.451586] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2907.452568] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2907.453538] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:20:47 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x64, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:20:47 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340), 0x0, 0x8000}]) 14:20:47 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f805", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:21:01 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731666617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:21:01 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66730f66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:21:01 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x102, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:21:01 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340), 0x0, 0x8000}]) 14:21:01 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 40) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:21:01 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f807", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:21:01 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 13) 14:21:01 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfffffdfc, 0x0, 0x0, 0x0, r1, 0x0}]) [ 2921.591631] FAULT_INJECTION: forcing a failure. [ 2921.591631] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2921.593214] CPU: 1 PID: 15914 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2921.594126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2921.595201] Call Trace: [ 2921.595615] dump_stack+0x107/0x167 [ 2921.596088] should_fail.cold+0x5/0xa [ 2921.596658] __alloc_pages_nodemask+0x182/0x600 [ 2921.597248] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 2921.598075] ? cap_capable+0x1cd/0x230 [ 2921.598630] alloc_pages_current+0x187/0x280 [ 2921.599195] __get_free_pages+0xc/0xa0 [ 2921.599761] io_uring_setup+0xf9a/0x2980 [ 2921.600301] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2921.601050] ? wait_for_completion_io+0x270/0x270 [ 2921.602226] do_syscall_64+0x33/0x40 [ 2921.602763] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2921.603475] RIP: 0033:0x7f214574ab19 [ 2921.603955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2921.606479] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2921.607501] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2921.608312] FAULT_INJECTION: forcing a failure. [ 2921.608312] name failslab, interval 1, probability 0, space 0, times 0 [ 2921.608475] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2921.608491] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2921.611852] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2921.612827] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 2921.613819] CPU: 0 PID: 15916 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2921.614743] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2921.615830] Call Trace: [ 2921.616220] dump_stack+0x107/0x167 [ 2921.616706] should_fail.cold+0x5/0xa [ 2921.617215] ? ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2921.617856] should_failslab+0x5/0x20 [ 2921.618358] kmem_cache_alloc_trace+0x55/0x320 [ 2921.618955] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2921.619621] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2921.620269] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2921.620969] ? do_swap+0x134/0x210 [ 2921.621438] ? sort_r+0x239/0x360 [ 2921.621893] ? ext4_file_open+0xa50/0xa50 [ 2921.622442] ext4_getfsmap+0x695/0x990 [ 2921.622952] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2921.623660] ? ext4_fsmap_to_internal+0x260/0x260 [ 2921.624317] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2921.625017] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2921.625735] ext4_ioc_getfsmap+0x2b0/0x620 [ 2921.626288] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2921.626892] ? find_held_lock+0x2c/0x110 [ 2921.627434] ? avc_has_extended_perms+0x675/0xf40 [ 2921.628121] ? lock_downgrade+0x6d0/0x6d0 [ 2921.628671] __ext4_ioctl+0x8ad/0x4190 [ 2921.629188] ? ext4_reset_inode_seed+0x450/0x450 [ 2921.629811] ? perf_trace_lock+0xac/0x490 [ 2921.630353] ? SOFTIRQ_verbose+0x10/0x10 [ 2921.630898] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2921.631651] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2921.632363] ? do_vfs_ioctl+0x283/0x10d0 [ 2921.632899] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2921.633590] ? generic_block_fiemap+0x60/0x60 [ 2921.634174] ? lock_downgrade+0x6d0/0x6d0 [ 2921.634721] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2921.635355] ? wait_for_completion_io+0x270/0x270 [ 2921.636015] ? selinux_file_ioctl+0xb6/0x270 [ 2921.636597] ? __ext4_ioctl+0x4190/0x4190 [ 2921.637142] __x64_sys_ioctl+0x19a/0x210 [ 2921.637676] do_syscall_64+0x33/0x40 [ 2921.638165] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2921.638837] RIP: 0033:0x7f4e27e8db19 [ 2921.639326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2921.641745] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2921.642743] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2921.643675] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2921.644638] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2921.645572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2921.646505] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:21:01 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 14) [ 2921.746450] FAULT_INJECTION: forcing a failure. [ 2921.746450] name failslab, interval 1, probability 0, space 0, times 0 [ 2921.748097] CPU: 0 PID: 15928 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2921.749012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2921.750100] Call Trace: [ 2921.750458] dump_stack+0x107/0x167 [ 2921.750945] should_fail.cold+0x5/0xa [ 2921.751457] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 2921.752213] should_failslab+0x5/0x20 [ 2921.752723] kmem_cache_alloc_trace+0x55/0x320 [ 2921.753357] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 2921.754109] io_uring_setup+0x14f6/0x2980 [ 2921.754722] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2921.755407] ? wait_for_completion_io+0x270/0x270 [ 2921.756147] do_syscall_64+0x33/0x40 [ 2921.756668] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2921.757362] RIP: 0033:0x7f214574ab19 [ 2921.757867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2921.764335] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2921.765350] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2921.766315] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2921.767270] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2921.768238] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2921.769200] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:21:15 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340), 0x0, 0x8000}]) 14:21:15 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 41) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:21:15 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 15) [ 2935.759752] FAULT_INJECTION: forcing a failure. [ 2935.759752] name failslab, interval 1, probability 0, space 0, times 0 [ 2935.761324] CPU: 0 PID: 15943 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2935.762233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2935.763311] Call Trace: [ 2935.763670] dump_stack+0x107/0x167 [ 2935.764154] should_fail.cold+0x5/0xa [ 2935.776739] ? create_object.isra.0+0x3a/0xa20 [ 2935.777360] should_failslab+0x5/0x20 [ 2935.777874] kmem_cache_alloc+0x5b/0x310 [ 2935.778422] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 2935.779241] create_object.isra.0+0x3a/0xa20 [ 2935.779833] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2935.784526] kmem_cache_alloc_trace+0x151/0x320 [ 2935.785172] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 2935.785916] io_uring_setup+0x14f6/0x2980 [ 2935.786508] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2935.787205] ? wait_for_completion_io+0x270/0x270 [ 2935.787917] do_syscall_64+0x33/0x40 [ 2935.788412] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2935.789099] RIP: 0033:0x7f214574ab19 [ 2935.789591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2935.792010] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2935.797055] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2935.798016] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f 14:21:15 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731766617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:21:15 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f80f", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:21:15 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfffffdfe, 0x0, 0x0, 0x0, r1, 0x0}]) 14:21:15 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x180, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:21:15 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731066617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 2935.798961] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2935.799905] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2935.800858] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 2935.848184] FAULT_INJECTION: forcing a failure. [ 2935.848184] name failslab, interval 1, probability 0, space 0, times 0 [ 2935.849827] CPU: 0 PID: 15941 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2935.850728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2935.851816] Call Trace: [ 2935.852166] dump_stack+0x107/0x167 [ 2935.852668] should_fail.cold+0x5/0xa [ 2935.853173] ? create_object.isra.0+0x3a/0xa20 [ 2935.853782] should_failslab+0x5/0x20 [ 2935.854283] kmem_cache_alloc+0x5b/0x310 [ 2935.854825] create_object.isra.0+0x3a/0xa20 [ 2935.855400] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2935.856070] kmem_cache_alloc_trace+0x151/0x320 [ 2935.856711] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2935.857335] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2935.858033] ? do_swap+0x134/0x210 [ 2935.858500] ? sort_r+0x239/0x360 [ 2935.858951] ? ext4_file_open+0xa50/0xa50 [ 2935.859494] ext4_getfsmap+0x695/0x990 [ 2935.860001] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2935.860716] ? ext4_fsmap_to_internal+0x260/0x260 [ 2935.861352] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2935.862050] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2935.862765] ext4_ioc_getfsmap+0x2b0/0x620 [ 2935.863316] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2935.863912] ? find_held_lock+0x2c/0x110 [ 2935.864448] ? avc_has_extended_perms+0x675/0xf40 [ 2935.865133] ? lock_downgrade+0x6d0/0x6d0 [ 2935.865679] __ext4_ioctl+0x8ad/0x4190 [ 2935.866196] ? ext4_reset_inode_seed+0x450/0x450 [ 2935.866815] ? perf_trace_lock+0xac/0x490 [ 2935.867352] ? SOFTIRQ_verbose+0x10/0x10 [ 2935.867897] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2935.868671] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2935.869347] ? do_vfs_ioctl+0x283/0x10d0 [ 2935.869881] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2935.870564] ? generic_block_fiemap+0x60/0x60 [ 2935.871153] ? lock_downgrade+0x6d0/0x6d0 [ 2935.871698] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2935.872330] ? wait_for_completion_io+0x270/0x270 [ 2935.872994] ? selinux_file_ioctl+0xb6/0x270 [ 2935.873579] ? __ext4_ioctl+0x4190/0x4190 [ 2935.874122] __x64_sys_ioctl+0x19a/0x210 [ 2935.874654] do_syscall_64+0x33/0x40 [ 2935.875139] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2935.875809] RIP: 0033:0x7f4e27e8db19 [ 2935.876295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2935.878721] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2935.879714] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2935.880681] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2935.881622] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2935.882563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2935.883506] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:21:16 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 16) 14:21:16 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1}]) [ 2935.941308] FAULT_INJECTION: forcing a failure. [ 2935.941308] name failslab, interval 1, probability 0, space 0, times 0 [ 2935.942985] CPU: 0 PID: 15967 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2935.943888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2935.944985] Call Trace: [ 2935.945341] dump_stack+0x107/0x167 [ 2935.945825] should_fail.cold+0x5/0xa [ 2935.946332] ? create_object.isra.0+0x3a/0xa20 [ 2935.946936] should_failslab+0x5/0x20 [ 2935.947441] kmem_cache_alloc+0x5b/0x310 [ 2935.947987] create_object.isra.0+0x3a/0xa20 [ 2935.948588] kmemleak_alloc_percpu+0xa0/0x100 [ 2935.949196] pcpu_alloc+0x4e2/0x1240 [ 2935.949716] ? io_async_queue_proc+0x80/0x80 [ 2935.950299] percpu_ref_init+0x31/0x3d0 [ 2935.950834] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 2935.951552] io_uring_setup+0x14f6/0x2980 [ 2935.952111] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2935.952801] ? wait_for_completion_io+0x270/0x270 [ 2935.953483] do_syscall_64+0x33/0x40 [ 2935.953977] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2935.954655] RIP: 0033:0x7f214574ab19 [ 2935.955148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2935.957587] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2935.958589] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2935.959522] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2935.960456] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2935.961408] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2935.962343] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:21:16 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731866617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:21:16 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f81b", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:21:16 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x201, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:21:16 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfffffe00, 0x0, 0x0, 0x0, r1, 0x0}]) 14:21:16 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1}]) 14:21:16 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731166617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:21:16 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x281, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:21:30 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731966617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:21:30 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 17) 14:21:30 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x300, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:21:30 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 42) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:21:30 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f827", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:21:30 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1}]) 14:21:30 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731266617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:21:30 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xffffffff, 0x0, 0x0, 0x0, r1, 0x0}]) [ 2950.239282] FAULT_INJECTION: forcing a failure. [ 2950.239282] name failslab, interval 1, probability 0, space 0, times 0 [ 2950.240855] CPU: 1 PID: 16001 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2950.241799] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2950.242901] Call Trace: [ 2950.243276] dump_stack+0x107/0x167 [ 2950.243773] should_fail.cold+0x5/0xa [ 2950.244295] ? create_object.isra.0+0x3a/0xa20 [ 2950.244924] should_failslab+0x5/0x20 [ 2950.245459] kmem_cache_alloc+0x5b/0x310 [ 2950.246028] create_object.isra.0+0x3a/0xa20 [ 2950.246644] kmemleak_alloc_percpu+0xa0/0x100 [ 2950.247264] pcpu_alloc+0x4e2/0x1240 [ 2950.247810] ? io_async_queue_proc+0x80/0x80 [ 2950.248417] percpu_ref_init+0x31/0x3d0 [ 2950.248980] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 2950.249738] io_uring_setup+0x14f6/0x2980 [ 2950.250325] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2950.251021] ? wait_for_completion_io+0x270/0x270 [ 2950.251733] do_syscall_64+0x33/0x40 [ 2950.252256] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2950.252949] RIP: 0033:0x7f214574ab19 [ 2950.253949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2950.258028] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2950.259076] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2950.260030] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2950.260978] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2950.261957] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2950.262922] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 2950.283680] FAULT_INJECTION: forcing a failure. [ 2950.283680] name failslab, interval 1, probability 0, space 0, times 0 [ 2950.285570] CPU: 1 PID: 16006 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2950.286523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2950.287657] Call Trace: [ 2950.288023] dump_stack+0x107/0x167 [ 2950.288535] should_fail.cold+0x5/0xa [ 2950.289086] ? ext4_getfsmap_datadev+0xf42/0x25d0 [ 2950.289772] should_failslab+0x5/0x20 [ 2950.290302] kmem_cache_alloc_trace+0x55/0x320 [ 2950.290941] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2950.291654] ext4_getfsmap_datadev+0xf42/0x25d0 [ 2950.292311] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2950.293058] ? do_swap+0x134/0x210 [ 2950.293583] ? sort_r+0x239/0x360 [ 2950.294067] ? ext4_file_open+0xa50/0xa50 [ 2950.294654] ext4_getfsmap+0x695/0x990 [ 2950.295198] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2950.295945] ? ext4_fsmap_to_internal+0x260/0x260 [ 2950.296622] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2950.297399] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2950.298162] ext4_ioc_getfsmap+0x2b0/0x620 [ 2950.298753] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2950.299398] ? find_held_lock+0x2c/0x110 [ 2950.299965] ? avc_has_extended_perms+0x675/0xf40 [ 2950.300685] ? lock_downgrade+0x6d0/0x6d0 [ 2950.301268] __ext4_ioctl+0x8ad/0x4190 [ 2950.301766] ? ext4_reset_inode_seed+0x450/0x450 [ 2950.302358] ? perf_trace_lock+0xac/0x490 [ 2950.302873] ? SOFTIRQ_verbose+0x10/0x10 [ 2950.303401] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2950.304120] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2950.304765] ? do_vfs_ioctl+0x283/0x10d0 [ 2950.305327] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2950.306027] ? generic_block_fiemap+0x60/0x60 [ 2950.306648] ? lock_downgrade+0x6d0/0x6d0 [ 2950.307212] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2950.307882] ? wait_for_completion_io+0x270/0x270 [ 2950.308554] ? selinux_file_ioctl+0xb6/0x270 [ 2950.309179] ? __ext4_ioctl+0x4190/0x4190 [ 2950.309761] __x64_sys_ioctl+0x19a/0x210 [ 2950.310312] do_syscall_64+0x33/0x40 [ 2950.310836] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2950.311526] RIP: 0033:0x7f4e27e8db19 [ 2950.312041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2950.314467] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2950.315475] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2950.316428] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2950.317412] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2950.318361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2950.319312] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:21:30 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731366617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:21:30 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x321, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:21:30 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 18) 14:21:30 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f800", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 2950.604053] FAULT_INJECTION: forcing a failure. [ 2950.604053] name failslab, interval 1, probability 0, space 0, times 0 [ 2950.606538] CPU: 0 PID: 16041 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2950.608489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2950.610909] Call Trace: [ 2950.611646] dump_stack+0x107/0x167 [ 2950.612673] should_fail.cold+0x5/0xa [ 2950.613836] ? percpu_ref_init+0xd8/0x3d0 [ 2950.614900] should_failslab+0x5/0x20 [ 2950.615407] kmem_cache_alloc_trace+0x55/0x320 [ 2950.616020] ? io_async_queue_proc+0x80/0x80 [ 2950.616596] percpu_ref_init+0xd8/0x3d0 [ 2950.617147] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 2950.617863] io_uring_setup+0x14f6/0x2980 [ 2950.618422] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2950.619090] ? wait_for_completion_io+0x270/0x270 [ 2950.619764] do_syscall_64+0x33/0x40 [ 2950.620255] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2950.620926] RIP: 0033:0x7f214574ab19 [ 2950.621454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2950.623896] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2950.624913] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2950.625889] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2950.626827] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2950.627769] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 14:21:30 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731a66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:21:30 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) [ 2950.628712] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 2950.680157] FAT-fs (loop7): bogus number of FAT sectors [ 2950.681951] FAT-fs (loop7): Can't find a valid FAT filesystem 14:21:44 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x500, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:21:44 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 19) 14:21:44 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731b66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:21:44 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f813", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:21:44 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 43) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 2964.776700] FAULT_INJECTION: forcing a failure. [ 2964.776700] name failslab, interval 1, probability 0, space 0, times 0 [ 2964.778160] CPU: 1 PID: 16059 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2964.779022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2964.780054] Call Trace: [ 2964.780394] dump_stack+0x107/0x167 [ 2964.780857] should_fail.cold+0x5/0xa [ 2964.781342] ? create_object.isra.0+0x3a/0xa20 [ 2964.793959] should_failslab+0x5/0x20 [ 2964.794442] kmem_cache_alloc+0x5b/0x310 [ 2964.794962] create_object.isra.0+0x3a/0xa20 [ 2964.795513] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2964.796157] kmem_cache_alloc_trace+0x151/0x320 [ 2964.796746] ? io_async_queue_proc+0x80/0x80 [ 2964.797300] percpu_ref_init+0xd8/0x3d0 [ 2964.797843] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 2964.798529] io_uring_setup+0x14f6/0x2980 [ 2964.799062] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2964.799700] ? wait_for_completion_io+0x270/0x270 [ 2964.800350] do_syscall_64+0x33/0x40 [ 2964.800820] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2964.801464] RIP: 0033:0x7f214574ab19 [ 2964.801949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2964.804245] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2964.805201] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2964.806106] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2964.807000] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2964.807891] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2964.808782] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 2964.817530] FAULT_INJECTION: forcing a failure. [ 2964.817530] name failslab, interval 1, probability 0, space 0, times 0 [ 2964.819239] CPU: 0 PID: 16070 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2964.820143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2964.821229] Call Trace: [ 2964.821575] dump_stack+0x107/0x167 [ 2964.822069] should_fail.cold+0x5/0xa [ 2964.822570] ? create_object.isra.0+0x3a/0xa20 [ 2964.823174] should_failslab+0x5/0x20 [ 2964.823679] kmem_cache_alloc+0x5b/0x310 [ 2964.824220] create_object.isra.0+0x3a/0xa20 [ 2964.824795] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2964.825463] kmem_cache_alloc_trace+0x151/0x320 [ 2964.826100] ext4_getfsmap_datadev+0xf42/0x25d0 [ 2964.826732] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2964.827434] ? do_swap+0x134/0x210 [ 2964.827903] ? sort_r+0x239/0x360 14:21:45 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731466617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:21:45 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x2, 0x0, 0x0, r1, 0x0}]) 14:21:45 executing program 2: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731166617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 2964.828358] ? ext4_file_open+0xa50/0xa50 [ 2964.833975] ext4_getfsmap+0x695/0x990 [ 2964.834493] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2964.835196] ? ext4_fsmap_to_internal+0x260/0x260 [ 2964.835827] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2964.836525] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2964.837241] ext4_ioc_getfsmap+0x2b0/0x620 [ 2964.837807] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2964.838406] ? find_held_lock+0x2c/0x110 [ 2964.838944] ? avc_has_extended_perms+0x675/0xf40 [ 2964.839608] ? lock_downgrade+0x6d0/0x6d0 [ 2964.840152] __ext4_ioctl+0x8ad/0x4190 [ 2964.840671] ? ext4_reset_inode_seed+0x450/0x450 [ 2964.841289] ? perf_trace_lock+0xac/0x490 [ 2964.841866] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2964.842624] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2964.843302] ? do_vfs_ioctl+0x283/0x10d0 [ 2964.843832] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2964.844515] ? generic_block_fiemap+0x60/0x60 [ 2964.845098] ? lock_downgrade+0x6d0/0x6d0 [ 2964.845652] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2964.846291] ? wait_for_completion_io+0x270/0x270 [ 2964.846927] ? selinux_file_ioctl+0xb6/0x270 [ 2964.847502] ? __ext4_ioctl+0x4190/0x4190 [ 2964.848046] __x64_sys_ioctl+0x19a/0x210 [ 2964.848577] do_syscall_64+0x33/0x40 [ 2964.849064] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2964.849752] RIP: 0033:0x7f4e27e8db19 [ 2964.850243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2964.852644] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2964.853644] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2964.854585] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2964.855518] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2964.856450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2964.857383] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:21:45 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 20) [ 2964.892032] FAULT_INJECTION: forcing a failure. [ 2964.892032] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2964.893632] CPU: 0 PID: 16081 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2964.894543] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2964.895622] Call Trace: [ 2964.895977] dump_stack+0x107/0x167 [ 2964.896460] should_fail.cold+0x5/0xa [ 2964.896972] _copy_to_user+0x2e/0x180 [ 2964.897480] io_uring_setup+0x11b5/0x2980 [ 2964.898066] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2964.898741] ? wait_for_completion_io+0x270/0x270 [ 2964.899423] do_syscall_64+0x33/0x40 [ 2964.899915] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2964.900589] RIP: 0033:0x7f214574ab19 [ 2964.901081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2964.903506] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2964.904507] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2964.905445] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2964.906412] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2964.907349] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2964.908281] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:21:45 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 21) 14:21:45 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x600, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:21:45 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x3, 0x0, 0x0, r1, 0x0}]) 14:21:45 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 44) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:21:45 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f8ff", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:21:45 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731566617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:21:45 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731c66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:21:45 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 1) [ 2965.067734] FAULT_INJECTION: forcing a failure. [ 2965.067734] name failslab, interval 1, probability 0, space 0, times 0 [ 2965.069249] CPU: 1 PID: 16095 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2965.070136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2965.071165] Call Trace: [ 2965.071504] dump_stack+0x107/0x167 [ 2965.071966] should_fail.cold+0x5/0xa [ 2965.072450] ? __d_alloc+0x2a/0x990 [ 2965.072913] should_failslab+0x5/0x20 [ 2965.073399] kmem_cache_alloc+0x5b/0x310 [ 2965.073941] __d_alloc+0x2a/0x990 [ 2965.074382] ? find_held_lock+0x2c/0x110 [ 2965.074902] d_alloc_pseudo+0x19/0x70 [ 2965.075377] FAULT_INJECTION: forcing a failure. [ 2965.075377] name failslab, interval 1, probability 0, space 0, times 0 [ 2965.076760] alloc_file_pseudo+0xce/0x250 [ 2965.077284] ? trace_hardirqs_on+0x5b/0x180 [ 2965.077847] ? alloc_file+0x5a0/0x5a0 [ 2965.078356] anon_inode_getfile+0xc8/0x1f0 [ 2965.078900] io_uring_setup+0x138b/0x2980 [ 2965.079441] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2965.080082] ? wait_for_completion_io+0x270/0x270 [ 2965.080733] do_syscall_64+0x33/0x40 [ 2965.081206] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2965.081868] RIP: 0033:0x7f214574ab19 [ 2965.082343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2965.084641] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2965.085603] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2965.086515] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2965.087412] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2965.088309] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2965.089206] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 2965.090153] CPU: 0 PID: 16096 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2965.091073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2965.092159] Call Trace: [ 2965.092511] dump_stack+0x107/0x167 [ 2965.092992] should_fail.cold+0x5/0xa [ 2965.093496] ? ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2965.094159] should_failslab+0x5/0x20 [ 2965.094664] kmem_cache_alloc_trace+0x55/0x320 [ 2965.095267] ? ext4_bg_num_gdb+0x172/0x250 [ 2965.095826] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2965.096450] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2965.097153] ? do_swap+0x134/0x210 [ 2965.097621] ? sort_r+0x239/0x360 [ 2965.098094] ? ext4_file_open+0xa50/0xa50 [ 2965.098644] ext4_getfsmap+0x695/0x990 [ 2965.099157] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2965.099860] ? ext4_fsmap_to_internal+0x260/0x260 [ 2965.100494] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2965.101193] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2965.101932] ext4_ioc_getfsmap+0x2b0/0x620 [ 2965.102490] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2965.103096] ? find_held_lock+0x2c/0x110 [ 2965.103638] ? avc_has_extended_perms+0x675/0xf40 [ 2965.104303] ? lock_downgrade+0x6d0/0x6d0 [ 2965.104850] __ext4_ioctl+0x8ad/0x4190 [ 2965.105369] ? ext4_reset_inode_seed+0x450/0x450 [ 2965.106005] ? perf_trace_lock+0xac/0x490 [ 2965.106564] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2965.107317] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2965.107992] ? do_vfs_ioctl+0x283/0x10d0 [ 2965.108525] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2965.109209] ? generic_block_fiemap+0x60/0x60 [ 2965.109807] ? lock_downgrade+0x6d0/0x6d0 [ 2965.110352] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2965.110984] ? wait_for_completion_io+0x270/0x270 [ 2965.111617] ? selinux_file_ioctl+0xb6/0x270 [ 2965.112190] ? __ext4_ioctl+0x4190/0x4190 [ 2965.112730] __x64_sys_ioctl+0x19a/0x210 [ 2965.113259] do_syscall_64+0x33/0x40 [ 2965.113758] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2965.114429] RIP: 0033:0x7f4e27e8db19 [ 2965.114912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2965.117290] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2965.118299] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2965.119228] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2965.120151] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2965.121080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2965.122019] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:21:45 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 22) [ 2965.187252] FAULT_INJECTION: forcing a failure. [ 2965.187252] name failslab, interval 1, probability 0, space 0, times 0 [ 2965.188753] CPU: 1 PID: 16107 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2965.189614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2965.190669] Call Trace: [ 2965.191010] dump_stack+0x107/0x167 [ 2965.191473] should_fail.cold+0x5/0xa [ 2965.191959] ? create_object.isra.0+0x3a/0xa20 [ 2965.192538] should_failslab+0x5/0x20 [ 2965.193021] kmem_cache_alloc+0x5b/0x310 [ 2965.193542] create_object.isra.0+0x3a/0xa20 [ 2965.194113] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2965.194761] kmem_cache_alloc+0x159/0x310 [ 2965.195297] __d_alloc+0x2a/0x990 [ 2965.195735] ? find_held_lock+0x2c/0x110 [ 2965.196256] d_alloc_pseudo+0x19/0x70 [ 2965.196737] alloc_file_pseudo+0xce/0x250 [ 2965.197259] ? trace_hardirqs_on+0x5b/0x180 [ 2965.197819] ? alloc_file+0x5a0/0x5a0 [ 2965.198326] anon_inode_getfile+0xc8/0x1f0 [ 2965.198871] io_uring_setup+0x138b/0x2980 [ 2965.199408] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2965.200054] ? wait_for_completion_io+0x270/0x270 [ 2965.200704] do_syscall_64+0x33/0x40 [ 2965.201176] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2965.201838] RIP: 0033:0x7f214574ab19 [ 2965.202309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2965.204614] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2965.205572] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2965.206484] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2965.207381] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2965.208279] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2965.209175] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:21:45 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0xfdef}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 2965.231027] FAULT_INJECTION: forcing a failure. [ 2965.231027] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2965.237979] CPU: 0 PID: 16108 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 2965.238880] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2965.239952] Call Trace: [ 2965.240300] dump_stack+0x107/0x167 [ 2965.240775] should_fail.cold+0x5/0xa [ 2965.241275] _copy_from_user+0x2e/0x1b0 [ 2965.241814] io_submit_one+0x8f/0x1b80 [ 2965.242327] ? lock_acquire+0x197/0x470 [ 2965.242843] ? find_held_lock+0x2c/0x110 [ 2965.243371] ? __do_sys_io_pgetevents+0x410/0x410 [ 2965.244000] ? __might_fault+0xd3/0x180 [ 2965.244515] ? lock_downgrade+0x6d0/0x6d0 [ 2965.245067] __x64_sys_io_submit+0x18d/0x2f0 [ 2965.245651] ? __ia32_sys_io_destroy+0x1b0/0x1b0 [ 2965.247153] ? fput_many+0x2f/0x1a0 [ 2965.248095] ? ksys_write+0x1a9/0x260 [ 2965.249041] ? __ia32_sys_read+0xb0/0xb0 [ 2965.250162] do_syscall_64+0x33/0x40 [ 2965.251128] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2965.252468] RIP: 0033:0x7f67ad288b19 [ 2965.253432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2965.258922] RSP: 002b:00007f67aa7fe188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 2965.260828] RAX: ffffffffffffffda RBX: 00007f67ad39bf60 RCX: 00007f67ad288b19 [ 2965.262826] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f67ad37f000 [ 2965.264614] RBP: 00007f67aa7fe1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2965.266068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2965.267002] R13: 00007ffcfd279fff R14: 00007f67aa7fe300 R15: 0000000000022000 [ 2979.442027] FAULT_INJECTION: forcing a failure. [ 2979.442027] name failslab, interval 1, probability 0, space 0, times 0 [ 2979.443543] CPU: 1 PID: 16139 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2979.444406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2979.445440] Call Trace: 14:21:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x4, 0x0, 0x0, r1, 0x0}]) 14:21:59 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 2) 14:21:59 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731666617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:21:59 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x2001400}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:21:59 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x700, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:21:59 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 45) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:21:59 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731d66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:21:59 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 23) [ 2979.445780] dump_stack+0x107/0x167 [ 2979.446354] should_fail.cold+0x5/0xa [ 2979.446861] ? __alloc_file+0x21/0x320 [ 2979.447362] should_failslab+0x5/0x20 [ 2979.447846] kmem_cache_alloc+0x5b/0x310 [ 2979.448371] __alloc_file+0x21/0x320 [ 2979.448846] alloc_empty_file+0x6d/0x170 [ 2979.449364] alloc_file+0x5e/0x5a0 [ 2979.449826] alloc_file_pseudo+0x16a/0x250 [ 2979.450684] ? alloc_file+0x5a0/0x5a0 [ 2979.451630] anon_inode_getfile+0xc8/0x1f0 [ 2979.452655] io_uring_setup+0x138b/0x2980 [ 2979.453662] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2979.454580] ? wait_for_completion_io+0x270/0x270 [ 2979.455236] do_syscall_64+0x33/0x40 [ 2979.455713] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2979.456363] RIP: 0033:0x7f214574ab19 [ 2979.456836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2979.459211] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2979.460175] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2979.461074] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2979.461973] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2979.463862] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2979.465959] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 2979.476443] FAULT_INJECTION: forcing a failure. [ 2979.476443] name failslab, interval 1, probability 0, space 0, times 0 [ 2979.480048] CPU: 1 PID: 16142 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2979.480925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2979.481968] Call Trace: [ 2979.482313] dump_stack+0x107/0x167 [ 2979.482774] should_fail.cold+0x5/0xa [ 2979.483257] ? create_object.isra.0+0x3a/0xa20 [ 2979.483832] should_failslab+0x5/0x20 [ 2979.484311] kmem_cache_alloc+0x5b/0x310 [ 2979.484821] ? lock_downgrade+0x6d0/0x6d0 [ 2979.485344] create_object.isra.0+0x3a/0xa20 [ 2979.485894] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2979.486552] kmem_cache_alloc_trace+0x151/0x320 [ 2979.487143] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 2979.487741] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2979.488411] ? do_swap+0x134/0x210 [ 2979.488859] ? sort_r+0x239/0x360 [ 2979.489295] ? ext4_file_open+0xa50/0xa50 [ 2979.489819] ext4_getfsmap+0x695/0x990 [ 2979.490326] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2979.490996] ? ext4_fsmap_to_internal+0x260/0x260 [ 2979.491601] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2979.492273] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2979.492961] ext4_ioc_getfsmap+0x2b0/0x620 [ 2979.493490] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2979.494064] ? find_held_lock+0x2c/0x110 [ 2979.494596] ? avc_has_extended_perms+0x675/0xf40 [ 2979.495238] ? lock_downgrade+0x6d0/0x6d0 [ 2979.495762] __ext4_ioctl+0x8ad/0x4190 [ 2979.496271] ? ext4_reset_inode_seed+0x450/0x450 [ 2979.496865] ? perf_trace_lock+0xac/0x490 [ 2979.497384] ? SOFTIRQ_verbose+0x10/0x10 [ 2979.497907] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2979.498647] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2979.499296] ? do_vfs_ioctl+0x283/0x10d0 [ 2979.499805] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2979.500462] ? generic_block_fiemap+0x60/0x60 [ 2979.501024] ? lock_downgrade+0x6d0/0x6d0 [ 2979.501546] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2979.502155] ? wait_for_completion_io+0x270/0x270 [ 2979.502786] ? selinux_file_ioctl+0xb6/0x270 [ 2979.503342] ? __ext4_ioctl+0x4190/0x4190 [ 2979.503862] __x64_sys_ioctl+0x19a/0x210 [ 2979.504375] do_syscall_64+0x33/0x40 [ 2979.504843] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2979.505486] RIP: 0033:0x7f4e27e8db19 [ 2979.505954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2979.508273] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2979.509229] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2979.510123] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2979.511035] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2979.511933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2979.512829] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 2979.536005] FAULT_INJECTION: forcing a failure. [ 2979.536005] name failslab, interval 1, probability 0, space 0, times 0 [ 2979.537440] CPU: 1 PID: 16152 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 2979.538324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2979.539354] Call Trace: [ 2979.539685] dump_stack+0x107/0x167 [ 2979.540141] should_fail.cold+0x5/0xa [ 2979.540620] ? io_submit_one+0xfb/0x1b80 [ 2979.541132] should_failslab+0x5/0x20 [ 2979.541611] kmem_cache_alloc+0x5b/0x310 [ 2979.542127] io_submit_one+0xfb/0x1b80 [ 2979.542639] ? lock_acquire+0x197/0x470 [ 2979.543138] ? find_held_lock+0x2c/0x110 [ 2979.543649] ? __do_sys_io_pgetevents+0x410/0x410 [ 2979.544256] ? __might_fault+0xd3/0x180 [ 2979.544757] ? lock_downgrade+0x6d0/0x6d0 [ 2979.545293] __x64_sys_io_submit+0x18d/0x2f0 [ 2979.545846] ? __ia32_sys_io_destroy+0x1b0/0x1b0 [ 2979.546462] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 2979.547142] ? ksys_write+0x1a9/0x260 [ 2979.547623] ? __ia32_sys_read+0xb0/0xb0 [ 2979.548142] do_syscall_64+0x33/0x40 [ 2979.548610] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2979.549253] RIP: 0033:0x7f67ad288b19 [ 2979.549720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2979.552045] RSP: 002b:00007f67aa7dd188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 2979.552999] RAX: ffffffffffffffda RBX: 00007f67ad39c020 RCX: 00007f67ad288b19 [ 2979.553895] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f67ad37f000 [ 2979.554809] RBP: 00007f67aa7dd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2979.555702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2979.556596] R13: 00007ffcfd279fff R14: 00007f67aa7dd300 R15: 0000000000022000 14:21:59 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731766617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:21:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x5, 0x0, 0x0, r1, 0x0}]) 14:21:59 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 24) 14:21:59 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x900, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:21:59 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:21:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x7, 0x0, 0x0, r1, 0x0}]) [ 2979.672100] FAULT_INJECTION: forcing a failure. [ 2979.672100] name failslab, interval 1, probability 0, space 0, times 0 [ 2979.673580] CPU: 1 PID: 16164 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2979.674460] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2979.675497] Call Trace: [ 2979.675837] dump_stack+0x107/0x167 [ 2979.676300] should_fail.cold+0x5/0xa [ 2979.676786] ? create_object.isra.0+0x3a/0xa20 [ 2979.677368] should_failslab+0x5/0x20 [ 2979.677850] kmem_cache_alloc+0x5b/0x310 [ 2979.678390] create_object.isra.0+0x3a/0xa20 [ 2979.678946] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2979.679594] kmem_cache_alloc+0x159/0x310 [ 2979.680129] __alloc_file+0x21/0x320 [ 2979.680604] alloc_empty_file+0x6d/0x170 [ 2979.681122] alloc_file+0x5e/0x5a0 [ 2979.681579] alloc_file_pseudo+0x16a/0x250 [ 2979.682116] ? alloc_file+0x5a0/0x5a0 [ 2979.682638] anon_inode_getfile+0xc8/0x1f0 [ 2979.683181] io_uring_setup+0x138b/0x2980 [ 2979.683718] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2979.684362] ? wait_for_completion_io+0x270/0x270 [ 2979.685013] do_syscall_64+0x33/0x40 [ 2979.685483] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2979.686128] RIP: 0033:0x7f214574ab19 [ 2979.686614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2979.688911] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2979.689870] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2979.690783] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2979.691679] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2979.692574] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2979.693470] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:21:59 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 3) 14:21:59 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 25) [ 2979.790004] FAULT_INJECTION: forcing a failure. [ 2979.790004] name failslab, interval 1, probability 0, space 0, times 0 [ 2979.791592] CPU: 0 PID: 16175 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2979.792495] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2979.793583] Call Trace: [ 2979.793939] dump_stack+0x107/0x167 [ 2979.794444] should_fail.cold+0x5/0xa [ 2979.794956] ? security_file_alloc+0x34/0x170 [ 2979.795551] should_failslab+0x5/0x20 [ 2979.796058] kmem_cache_alloc+0x5b/0x310 [ 2979.796604] security_file_alloc+0x34/0x170 [ 2979.797183] __alloc_file+0xb7/0x320 [ 2979.797679] alloc_empty_file+0x6d/0x170 [ 2979.798228] alloc_file+0x5e/0x5a0 [ 2979.798711] alloc_file_pseudo+0x16a/0x250 [ 2979.799269] ? alloc_file+0x5a0/0x5a0 [ 2979.799801] anon_inode_getfile+0xc8/0x1f0 [ 2979.800369] io_uring_setup+0x138b/0x2980 [ 2979.800930] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2979.801599] ? wait_for_completion_io+0x270/0x270 [ 2979.802300] do_syscall_64+0x33/0x40 [ 2979.802806] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2979.803484] RIP: 0033:0x7f214574ab19 [ 2979.803981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2979.806410] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2979.807416] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2979.808356] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2979.809294] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2979.810248] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2979.811200] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:22:00 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 46) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 2979.857503] FAULT_INJECTION: forcing a failure. [ 2979.857503] name failslab, interval 1, probability 0, space 0, times 0 [ 2979.858960] CPU: 1 PID: 16180 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 2979.859818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2979.860847] Call Trace: [ 2979.861182] dump_stack+0x107/0x167 [ 2979.861637] should_fail.cold+0x5/0xa [ 2979.862116] ? create_object.isra.0+0x3a/0xa20 [ 2979.862706] should_failslab+0x5/0x20 [ 2979.863182] kmem_cache_alloc+0x5b/0x310 [ 2979.863691] create_object.isra.0+0x3a/0xa20 [ 2979.864236] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2979.864870] kmem_cache_alloc+0x159/0x310 [ 2979.865394] io_submit_one+0xfb/0x1b80 [ 2979.865885] ? lock_acquire+0x197/0x470 [ 2979.866397] ? find_held_lock+0x2c/0x110 [ 2979.866910] ? __do_sys_io_pgetevents+0x410/0x410 [ 2979.867511] ? __might_fault+0xd3/0x180 [ 2979.868011] ? lock_downgrade+0x6d0/0x6d0 [ 2979.868544] __x64_sys_io_submit+0x18d/0x2f0 [ 2979.869099] ? __ia32_sys_io_destroy+0x1b0/0x1b0 [ 2979.869691] ? fput_many+0x2f/0x1a0 [ 2979.870148] ? ksys_write+0x1a9/0x260 [ 2979.870650] ? __ia32_sys_read+0xb0/0xb0 [ 2979.871170] do_syscall_64+0x33/0x40 [ 2979.871638] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2979.872278] RIP: 0033:0x7f67ad288b19 [ 2979.872753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2979.875077] RSP: 002b:00007f67aa7fe188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 2979.876032] RAX: ffffffffffffffda RBX: 00007f67ad39bf60 RCX: 00007f67ad288b19 [ 2979.876924] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f67ad37f000 [ 2979.877818] RBP: 00007f67aa7fe1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2979.878728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2979.879622] R13: 00007ffcfd279fff R14: 00007f67aa7fe300 R15: 0000000000022000 [ 2979.924404] FAULT_INJECTION: forcing a failure. [ 2979.924404] name failslab, interval 1, probability 0, space 0, times 0 [ 2979.926227] CPU: 0 PID: 16184 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2979.927130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2979.928202] Call Trace: [ 2979.928550] dump_stack+0x107/0x167 [ 2979.929026] should_fail.cold+0x5/0xa [ 2979.929528] ? ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2979.930161] should_failslab+0x5/0x20 [ 2979.930678] kmem_cache_alloc_trace+0x55/0x320 [ 2979.931275] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2979.931941] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2979.932560] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2979.933263] ? do_swap+0x134/0x210 [ 2979.933729] ? sort_r+0x239/0x360 [ 2979.934183] ? ext4_file_open+0xa50/0xa50 [ 2979.935296] ext4_getfsmap+0x695/0x990 [ 2979.936250] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2979.937559] ? ext4_fsmap_to_internal+0x260/0x260 [ 2979.938870] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2979.940183] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2979.941532] ext4_ioc_getfsmap+0x2b0/0x620 [ 2979.942680] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2979.943798] ? find_held_lock+0x2c/0x110 [ 2979.944792] ? avc_has_extended_perms+0x675/0xf40 [ 2979.946054] ? lock_downgrade+0x6d0/0x6d0 [ 2979.947272] __ext4_ioctl+0x8ad/0x4190 [ 2979.948285] ? ext4_reset_inode_seed+0x450/0x450 [ 2979.949521] ? perf_trace_lock+0xac/0x490 [ 2979.950677] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2979.952144] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2979.953405] ? do_vfs_ioctl+0x283/0x10d0 [ 2979.954443] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2979.955764] ? generic_block_fiemap+0x60/0x60 [ 2979.956880] ? lock_downgrade+0x6d0/0x6d0 [ 2979.957916] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2979.959308] ? wait_for_completion_io+0x270/0x270 [ 2979.960493] ? selinux_file_ioctl+0xb6/0x270 [ 2979.961563] ? __ext4_ioctl+0x4190/0x4190 [ 2979.962445] __x64_sys_ioctl+0x19a/0x210 [ 2979.962982] do_syscall_64+0x33/0x40 [ 2979.963474] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2979.964142] RIP: 0033:0x7f4e27e8db19 [ 2979.964628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2979.967041] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2979.968035] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2979.968963] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2979.969891] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2979.970840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2979.971774] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:22:14 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731866617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:22:14 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 47) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:22:14 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 4) 14:22:14 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 26) 14:22:14 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x20000157}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:22:14 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x8, 0x0, 0x0, r1, 0x0}]) 14:22:14 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xc00, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:22:14 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732166617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 2993.965274] FAULT_INJECTION: forcing a failure. [ 2993.965274] name failslab, interval 1, probability 0, space 0, times 0 [ 2993.966860] CPU: 0 PID: 16209 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2993.967770] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2993.968861] Call Trace: [ 2993.969217] dump_stack+0x107/0x167 [ 2993.969705] should_fail.cold+0x5/0xa [ 2993.970213] ? create_object.isra.0+0x3a/0xa20 [ 2993.970851] should_failslab+0x5/0x20 [ 2993.971354] kmem_cache_alloc+0x5b/0x310 [ 2993.971892] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 2993.972618] create_object.isra.0+0x3a/0xa20 [ 2993.973196] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2993.973871] kmem_cache_alloc+0x159/0x310 [ 2993.974434] security_file_alloc+0x34/0x170 [ 2993.975027] __alloc_file+0xb7/0x320 [ 2993.975521] alloc_empty_file+0x6d/0x170 [ 2993.976060] alloc_file+0x5e/0x5a0 [ 2993.976536] alloc_file_pseudo+0x16a/0x250 [ 2993.977098] ? alloc_file+0x5a0/0x5a0 [ 2993.977630] anon_inode_getfile+0xc8/0x1f0 [ 2993.978194] io_uring_setup+0x138b/0x2980 [ 2993.978760] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2993.979432] ? wait_for_completion_io+0x270/0x270 [ 2993.980115] do_syscall_64+0x33/0x40 [ 2993.980606] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2993.981280] RIP: 0033:0x7f214574ab19 [ 2993.981773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2993.984196] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2993.985195] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2993.986133] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2993.987090] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2993.988031] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2993.988967] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 2993.998141] FAULT_INJECTION: forcing a failure. [ 2993.998141] name failslab, interval 1, probability 0, space 0, times 0 [ 2993.999697] CPU: 0 PID: 16207 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 2994.000600] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2994.001689] Call Trace: [ 2994.002037] dump_stack+0x107/0x167 [ 2994.002515] should_fail.cold+0x5/0xa [ 2994.003040] ? create_object.isra.0+0x3a/0xa20 [ 2994.003640] should_failslab+0x5/0x20 [ 2994.004141] kmem_cache_alloc+0x5b/0x310 [ 2994.004680] create_object.isra.0+0x3a/0xa20 [ 2994.005256] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2994.005928] kmem_cache_alloc_trace+0x151/0x320 [ 2994.006546] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 2994.007192] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2994.007897] ? do_swap+0x134/0x210 [ 2994.008365] ? sort_r+0x239/0x360 [ 2994.008827] ? ext4_file_open+0xa50/0xa50 [ 2994.009376] ext4_getfsmap+0x695/0x990 [ 2994.009895] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2994.010599] ? ext4_fsmap_to_internal+0x260/0x260 [ 2994.011256] ? ext4_ioctl_check_immutable+0x200/0x200 [ 2994.011967] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 2994.012689] ext4_ioc_getfsmap+0x2b0/0x620 [ 2994.013243] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 2994.013848] ? find_held_lock+0x2c/0x110 [ 2994.014388] ? avc_has_extended_perms+0x675/0xf40 [ 2994.015082] ? lock_downgrade+0x6d0/0x6d0 [ 2994.015635] __ext4_ioctl+0x8ad/0x4190 [ 2994.016163] ? ext4_reset_inode_seed+0x450/0x450 [ 2994.016786] ? perf_trace_lock+0xac/0x490 [ 2994.017331] ? SOFTIRQ_verbose+0x10/0x10 [ 2994.017880] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 2994.018641] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 2994.019342] ? do_vfs_ioctl+0x283/0x10d0 [ 2994.019877] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 2994.020569] ? generic_block_fiemap+0x60/0x60 [ 2994.021158] ? lock_downgrade+0x6d0/0x6d0 [ 2994.021712] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2994.022352] ? wait_for_completion_io+0x270/0x270 [ 2994.023021] ? selinux_file_ioctl+0xb6/0x270 [ 2994.023602] ? __ext4_ioctl+0x4190/0x4190 [ 2994.024148] __x64_sys_ioctl+0x19a/0x210 [ 2994.024691] do_syscall_64+0x33/0x40 [ 2994.025181] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2994.025855] RIP: 0033:0x7f4e27e8db19 [ 2994.026343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2994.028783] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2994.029783] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 2994.030736] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 2994.031685] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 2994.032621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2994.033561] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 2994.060656] FAULT_INJECTION: forcing a failure. [ 2994.060656] name failslab, interval 1, probability 0, space 0, times 0 [ 2994.062170] CPU: 0 PID: 16221 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 2994.063088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2994.064167] Call Trace: [ 2994.064514] dump_stack+0x107/0x167 [ 2994.064992] should_fail.cold+0x5/0xa [ 2994.065490] ? jbd2__journal_start+0x190/0x7e0 [ 2994.066092] should_failslab+0x5/0x20 [ 2994.066591] kmem_cache_alloc+0x5b/0x310 [ 2994.067152] jbd2__journal_start+0x190/0x7e0 [ 2994.067741] __ext4_journal_start_sb+0x214/0x390 [ 2994.068372] ext4_file_write_iter+0xee9/0x1530 [ 2994.068989] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2994.069594] ? security_file_permission+0xb1/0xe0 [ 2994.070239] aio_write+0x355/0x7a0 [ 2994.070713] ? cpumask_weight.constprop.0+0x40/0x40 [ 2994.071385] ? lock_acquire+0x197/0x470 [ 2994.071927] ? __might_fault+0xd3/0x180 [ 2994.072449] ? lock_downgrade+0x6d0/0x6d0 [ 2994.072993] ? io_submit_one+0x1e0/0x1b80 [ 2994.073556] io_submit_one+0xfbc/0x1b80 [ 2994.074088] ? lock_acquire+0x197/0x470 [ 2994.074608] ? find_held_lock+0x2c/0x110 [ 2994.075165] ? __do_sys_io_pgetevents+0x410/0x410 [ 2994.075805] ? __might_fault+0xd3/0x180 [ 2994.076330] ? lock_downgrade+0x6d0/0x6d0 [ 2994.076898] __x64_sys_io_submit+0x18d/0x2f0 [ 2994.077478] ? __ia32_sys_io_destroy+0x1b0/0x1b0 [ 2994.078098] ? fput_many+0x2f/0x1a0 [ 2994.078579] ? ksys_write+0x1a9/0x260 [ 2994.079105] ? __ia32_sys_read+0xb0/0xb0 [ 2994.079653] do_syscall_64+0x33/0x40 [ 2994.080144] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2994.080817] RIP: 0033:0x7f67ad288b19 [ 2994.081307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2994.083739] RSP: 002b:00007f67aa7dd188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 2994.084741] RAX: ffffffffffffffda RBX: 00007f67ad39c020 RCX: 00007f67ad288b19 [ 2994.085680] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f67ad37f000 [ 2994.086615] RBP: 00007f67aa7dd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2994.087567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2994.088507] R13: 00007ffcfd279fff R14: 00007f67aa7dd300 R15: 0000000000022000 14:22:14 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 27) 14:22:14 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xfe, 0x0, 0x0, r1, 0x0}]) 14:22:14 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x1200, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:22:14 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731966617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 2994.154298] FAULT_INJECTION: forcing a failure. [ 2994.154298] name failslab, interval 1, probability 0, space 0, times 0 [ 2994.155888] CPU: 0 PID: 16224 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 2994.156791] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2994.157880] Call Trace: [ 2994.158236] dump_stack+0x107/0x167 [ 2994.158721] should_fail.cold+0x5/0xa [ 2994.159246] ? io_uring_alloc_task_context+0x99/0x6a0 [ 2994.159928] should_failslab+0x5/0x20 [ 2994.160429] kmem_cache_alloc_trace+0x55/0x320 [ 2994.161039] io_uring_alloc_task_context+0x99/0x6a0 [ 2994.161700] ? io_import_iovec+0x1120/0x1120 [ 2994.162279] ? lock_downgrade+0x6d0/0x6d0 [ 2994.162841] ? do_raw_spin_lock+0x121/0x260 [ 2994.163409] ? rwlock_bug.part.0+0x90/0x90 [ 2994.163979] __io_uring_add_tctx_node+0x2c6/0x520 [ 2994.164610] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 2994.165295] ? alloc_fd+0x2e7/0x670 [ 2994.165790] io_uring_setup+0x1fbb/0x2980 [ 2994.166345] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 2994.167039] ? wait_for_completion_io+0x270/0x270 [ 2994.167713] do_syscall_64+0x33/0x40 [ 2994.168203] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2994.168879] RIP: 0033:0x7f214574ab19 [ 2994.169372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2994.171806] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2994.172814] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 2994.173755] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 2994.174696] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 2994.175654] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 2994.176594] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:22:28 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732266617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:22:28 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 48) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 3008.234253] FAULT_INJECTION: forcing a failure. [ 3008.234253] name failslab, interval 1, probability 0, space 0, times 0 14:22:28 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 28) 14:22:28 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x2103, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:22:28 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 5) 14:22:28 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731a66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:22:28 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0xfffffdef}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:22:28 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x300, 0x0, 0x0, r1, 0x0}]) [ 3008.236435] CPU: 0 PID: 16246 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3008.238559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3008.240931] Call Trace: [ 3008.241579] dump_stack+0x107/0x167 [ 3008.242480] should_fail.cold+0x5/0xa [ 3008.247485] ? create_object.isra.0+0x3a/0xa20 [ 3008.248649] should_failslab+0x5/0x20 [ 3008.249606] kmem_cache_alloc+0x5b/0x310 [ 3008.250639] ? perf_trace_lock+0x2bd/0x490 [ 3008.251545] create_object.isra.0+0x3a/0xa20 [ 3008.252143] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3008.252837] kmem_cache_alloc_trace+0x151/0x320 [ 3008.253475] io_uring_alloc_task_context+0x99/0x6a0 [ 3008.254156] ? io_import_iovec+0x1120/0x1120 [ 3008.254652] FAULT_INJECTION: forcing a failure. [ 3008.254652] name failslab, interval 1, probability 0, space 0, times 0 [ 3008.254762] ? lock_downgrade+0x6d0/0x6d0 [ 3008.256830] ? do_raw_spin_lock+0x121/0x260 [ 3008.257407] ? rwlock_bug.part.0+0x90/0x90 [ 3008.257980] __io_uring_add_tctx_node+0x2c6/0x520 [ 3008.258619] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3008.259335] ? alloc_fd+0x2e7/0x670 [ 3008.259839] io_uring_setup+0x1fbb/0x2980 [ 3008.260404] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3008.261083] ? wait_for_completion_io+0x270/0x270 [ 3008.261767] do_syscall_64+0x33/0x40 [ 3008.262268] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3008.262946] RIP: 0033:0x7f214574ab19 [ 3008.263462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3008.265892] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3008.266901] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3008.267868] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3008.268809] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3008.269752] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3008.270698] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3008.271708] CPU: 1 PID: 16243 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3008.272655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3008.273758] Call Trace: [ 3008.274151] dump_stack+0x107/0x167 [ 3008.274611] should_fail.cold+0x5/0xa [ 3008.275180] ? create_object.isra.0+0x3a/0xa20 [ 3008.275808] should_failslab+0x5/0x20 [ 3008.276341] kmem_cache_alloc+0x5b/0x310 [ 3008.276860] create_object.isra.0+0x3a/0xa20 [ 3008.277470] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3008.278166] kmem_cache_alloc_trace+0x151/0x320 [ 3008.278755] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 3008.279471] ? trace_hardirqs_on+0x5b/0x180 [ 3008.280065] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3008.280736] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 3008.281475] ? do_swap+0x134/0x210 [ 3008.281923] ? sort_r+0x239/0x360 [ 3008.282412] ? ext4_file_open+0xa50/0xa50 [ 3008.282939] ext4_getfsmap+0x695/0x990 [ 3008.283546] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3008.284283] ? ext4_fsmap_to_internal+0x260/0x260 [ 3008.284890] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3008.285621] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3008.286342] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 3008.287085] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 3008.287785] ? trace_hardirqs_on+0x5b/0x180 [ 3008.288394] ext4_ioc_getfsmap+0x2b0/0x620 [ 3008.288926] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3008.289558] ? find_held_lock+0x2c/0x110 [ 3008.290137] ? avc_has_extended_perms+0x675/0xf40 [ 3008.290781] __ext4_ioctl+0x8ad/0x4190 [ 3008.291381] ? ext4_reset_inode_seed+0x450/0x450 [ 3008.291980] ? perf_trace_lock+0xac/0x490 [ 3008.292552] ? SOFTIRQ_verbose+0x10/0x10 [ 3008.293136] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3008.295570] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3008.296282] ? do_vfs_ioctl+0x283/0x10d0 [ 3008.296788] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3008.297491] ? generic_block_fiemap+0x60/0x60 [ 3008.298114] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 3008.298763] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 3008.299529] ? trace_hardirqs_on+0x5b/0x180 [ 3008.300128] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 3008.300801] ? __ext4_ioctl+0x4190/0x4190 [ 3008.301369] ? ext4_ioctl+0x13/0x30 [ 3008.301822] ? __sanitizer_cov_trace_pc+0x3c/0x60 [ 3008.302479] ? __ext4_ioctl+0x4190/0x4190 [ 3008.303073] __x64_sys_ioctl+0x19a/0x210 [ 3008.303605] do_syscall_64+0x33/0x40 [ 3008.304129] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3008.304766] RIP: 0033:0x7f4e27e8db19 [ 3008.305282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3008.307712] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3008.308715] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3008.309650] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3008.310629] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3008.311606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3008.312549] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3008.327381] FAULT_INJECTION: forcing a failure. [ 3008.327381] name failslab, interval 1, probability 0, space 0, times 0 [ 3008.329118] CPU: 0 PID: 16260 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 3008.330055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3008.331162] Call Trace: [ 3008.331536] dump_stack+0x107/0x167 [ 3008.332014] should_fail.cold+0x5/0xa [ 3008.332510] ? create_object.isra.0+0x3a/0xa20 [ 3008.333110] should_failslab+0x5/0x20 [ 3008.333607] kmem_cache_alloc+0x5b/0x310 [ 3008.334144] create_object.isra.0+0x3a/0xa20 [ 3008.334718] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3008.335404] kmem_cache_alloc+0x159/0x310 [ 3008.335953] alloc_buffer_head+0x20/0x110 [ 3008.336494] alloc_page_buffers+0x14d/0x700 [ 3008.337066] create_empty_buffers+0x2c/0x640 [ 3008.337645] create_page_buffers+0x1bb/0x230 [ 3008.338224] __block_write_begin_int+0x1d1/0x19c0 [ 3008.338859] ? fat_add_cluster+0x100/0x100 [ 3008.339429] ? add_to_page_cache_locked+0x40/0x40 [ 3008.340061] ? __page_cache_alloc+0x10d/0x360 [ 3008.340650] ? __lock_acquire+0xbb1/0x5b00 [ 3008.341212] ? remove_inode_buffers+0x300/0x300 [ 3008.341820] ? pagecache_get_page+0x243/0xc80 [ 3008.342410] ? wait_for_stable_page+0x92/0xe0 [ 3008.343000] cont_write_begin+0x472/0x980 [ 3008.343564] ? __lock_acquire+0x1657/0x5b00 [ 3008.344139] ? fat_add_cluster+0x100/0x100 [ 3008.344694] ? nobh_write_begin+0xed0/0xed0 [ 3008.345271] fat_write_begin+0x89/0x180 [ 3008.345791] ? fat_add_cluster+0x100/0x100 [ 3008.346348] cont_write_begin+0x20e/0x980 [ 3008.346900] ? fat_add_cluster+0x100/0x100 [ 3008.347478] ? nobh_write_begin+0xed0/0xed0 [ 3008.348048] ? lock_downgrade+0x6d0/0x6d0 [ 3008.348587] ? do_raw_spin_lock+0x121/0x260 [ 3008.349152] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3008.349821] fat_write_begin+0x89/0x180 [ 3008.350345] ? fat_add_cluster+0x100/0x100 [ 3008.350901] generic_perform_write+0x20a/0x4f0 [ 3008.351523] ? fat_direct_IO+0x1ef/0x380 [ 3008.352056] ? page_cache_prev_miss+0x310/0x310 [ 3008.352678] __generic_file_write_iter+0x2cd/0x5d0 [ 3008.353328] generic_file_write_iter+0xdb/0x230 [ 3008.353939] aio_write+0x355/0x7a0 [ 3008.354406] ? cpumask_weight.constprop.0+0x40/0x40 [ 3008.355082] ? lock_acquire+0x197/0x470 [ 3008.355640] ? __might_fault+0xd3/0x180 [ 3008.356167] ? lock_downgrade+0x6d0/0x6d0 [ 3008.356707] ? io_submit_one+0x1e0/0x1b80 [ 3008.357264] io_submit_one+0xfbc/0x1b80 [ 3008.357789] ? lock_acquire+0x197/0x470 [ 3008.358307] ? find_held_lock+0x2c/0x110 [ 3008.358839] ? __do_sys_io_pgetevents+0x410/0x410 [ 3008.359488] ? __might_fault+0xd3/0x180 [ 3008.360017] ? lock_downgrade+0x6d0/0x6d0 [ 3008.360575] __x64_sys_io_submit+0x18d/0x2f0 [ 3008.361159] ? __ia32_sys_io_destroy+0x1b0/0x1b0 [ 3008.361783] ? fput_many+0x2f/0x1a0 [ 3008.362260] ? ksys_write+0x1a9/0x260 [ 3008.362759] ? __ia32_sys_read+0xb0/0xb0 [ 3008.363325] do_syscall_64+0x33/0x40 [ 3008.363819] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3008.364496] RIP: 0033:0x7f67ad288b19 [ 3008.364981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3008.367401] RSP: 002b:00007f67aa7dd188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 3008.368395] RAX: ffffffffffffffda RBX: 00007f67ad39c020 RCX: 00007f67ad288b19 [ 3008.369325] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f67ad37f000 [ 3008.370258] RBP: 00007f67aa7dd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3008.371188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3008.372139] R13: 00007ffcfd279fff R14: 00007f67aa7dd300 R15: 0000000000022000 14:22:28 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 29) 14:22:28 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732366617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:22:28 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731b66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 3008.499925] FAULT_INJECTION: forcing a failure. [ 3008.499925] name failslab, interval 1, probability 0, space 0, times 0 [ 3008.501501] CPU: 1 PID: 16271 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3008.502378] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3008.503450] Call Trace: [ 3008.503793] dump_stack+0x107/0x167 [ 3008.504258] should_fail.cold+0x5/0xa [ 3008.504746] ? create_object.isra.0+0x3a/0xa20 [ 3008.505343] should_failslab+0x5/0x20 [ 3008.505827] kmem_cache_alloc+0x5b/0x310 [ 3008.506351] create_object.isra.0+0x3a/0xa20 [ 3008.506922] kmemleak_alloc_percpu+0xa0/0x100 [ 3008.507518] pcpu_alloc+0x4e2/0x1240 [ 3008.508021] __percpu_counter_init+0x10d/0x2d0 [ 3008.508612] io_uring_alloc_task_context+0xcc/0x6a0 [ 3008.509251] ? io_import_iovec+0x1120/0x1120 [ 3008.509816] ? lock_downgrade+0x6d0/0x6d0 [ 3008.510346] ? do_raw_spin_lock+0x121/0x260 [ 3008.510893] ? rwlock_bug.part.0+0x90/0x90 [ 3008.511460] __io_uring_add_tctx_node+0x2c6/0x520 [ 3008.512072] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3008.512740] ? alloc_fd+0x2e7/0x670 [ 3008.513225] io_uring_setup+0x1fbb/0x2980 [ 3008.513769] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3008.514417] ? wait_for_completion_io+0x270/0x270 [ 3008.515069] do_syscall_64+0x33/0x40 [ 3008.515559] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3008.516209] RIP: 0033:0x7f214574ab19 [ 3008.516682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3008.518991] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3008.519971] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3008.520871] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3008.521772] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3008.522671] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3008.523589] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:22:28 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x3f00, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:22:28 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x500, 0x0, 0x0, r1, 0x0}]) 14:22:28 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 6) 14:22:28 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732466617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:22:28 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 49) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 3008.613965] FAULT_INJECTION: forcing a failure. [ 3008.613965] name failslab, interval 1, probability 0, space 0, times 0 [ 3008.615569] CPU: 1 PID: 16282 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 3008.616463] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3008.617509] Call Trace: [ 3008.617844] dump_stack+0x107/0x167 [ 3008.618302] should_fail.cold+0x5/0xa [ 3008.618780] ? jbd2__journal_start+0x190/0x7e0 [ 3008.619383] should_failslab+0x5/0x20 [ 3008.619868] kmem_cache_alloc+0x5b/0x310 [ 3008.620384] jbd2__journal_start+0x190/0x7e0 [ 3008.620946] __ext4_journal_start_sb+0x214/0x390 [ 3008.621548] ext4_file_write_iter+0xee9/0x1530 [ 3008.622134] ? ext4_file_read_iter+0x4c0/0x4c0 [ 3008.622713] ? security_file_permission+0xb1/0xe0 [ 3008.623338] aio_write+0x355/0x7a0 [ 3008.623795] ? cpumask_weight.constprop.0+0x40/0x40 [ 3008.624438] ? __might_fault+0xd3/0x180 [ 3008.624942] ? lock_downgrade+0x6d0/0x6d0 [ 3008.625480] io_submit_one+0xfbc/0x1b80 [ 3008.625988] ? lock_acquire+0x197/0x470 [ 3008.626500] ? find_held_lock+0x2c/0x110 [ 3008.627013] ? __do_sys_io_pgetevents+0x410/0x410 [ 3008.627641] ? __might_fault+0xd3/0x180 [ 3008.628144] ? lock_downgrade+0x6d0/0x6d0 [ 3008.628687] __x64_sys_io_submit+0x18d/0x2f0 [ 3008.629244] ? __ia32_sys_io_destroy+0x1b0/0x1b0 [ 3008.629839] ? fput_many+0x2f/0x1a0 [ 3008.630304] ? ksys_write+0x1a9/0x260 [ 3008.630791] ? __ia32_sys_read+0xb0/0xb0 [ 3008.631322] do_syscall_64+0x33/0x40 [ 3008.631798] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3008.632443] RIP: 0033:0x7f67ad288b19 [ 3008.632912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3008.635228] RSP: 002b:00007f67aa7fe188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 3008.636202] RAX: ffffffffffffffda RBX: 00007f67ad39bf60 RCX: 00007f67ad288b19 [ 3008.637097] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f67ad37f000 [ 3008.638005] RBP: 00007f67aa7fe1d0 R08: 0000000000000000 R09: 0000000000000000 14:22:28 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 30) [ 3008.638918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3008.639844] R13: 00007ffcfd279fff R14: 00007f67aa7fe300 R15: 0000000000022000 [ 3008.681757] FAULT_INJECTION: forcing a failure. [ 3008.681757] name failslab, interval 1, probability 0, space 0, times 0 [ 3008.683550] CPU: 0 PID: 16287 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3008.684465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3008.685551] Call Trace: [ 3008.685904] dump_stack+0x107/0x167 [ 3008.686383] should_fail.cold+0x5/0xa [ 3008.686891] ? ext4_getfsmap_datadev+0xf42/0x25d0 [ 3008.687538] should_failslab+0x5/0x20 [ 3008.688040] kmem_cache_alloc_trace+0x55/0x320 [ 3008.688639] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3008.689308] ext4_getfsmap_datadev+0xf42/0x25d0 [ 3008.689930] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3008.690630] ? do_swap+0x134/0x210 [ 3008.691099] ? sort_r+0x239/0x360 [ 3008.691580] ? ext4_file_open+0xa50/0xa50 [ 3008.692127] ext4_getfsmap+0x695/0x990 [ 3008.692636] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3008.693335] ? ext4_fsmap_to_internal+0x260/0x260 [ 3008.693965] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3008.694658] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3008.695382] ext4_ioc_getfsmap+0x2b0/0x620 [ 3008.695939] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3008.696536] ? find_held_lock+0x2c/0x110 [ 3008.697073] ? avc_has_extended_perms+0x675/0xf40 [ 3008.697734] ? lock_downgrade+0x6d0/0x6d0 [ 3008.698279] __ext4_ioctl+0x8ad/0x4190 [ 3008.698796] ? ext4_reset_inode_seed+0x450/0x450 [ 3008.699433] ? perf_trace_lock+0xac/0x490 [ 3008.699990] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3008.700741] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3008.701417] ? do_vfs_ioctl+0x283/0x10d0 [ 3008.701947] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3008.702631] ? generic_block_fiemap+0x60/0x60 [ 3008.703215] ? lock_downgrade+0x6d0/0x6d0 [ 3008.703783] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3008.704417] ? wait_for_completion_io+0x270/0x270 [ 3008.705055] ? selinux_file_ioctl+0xb6/0x270 [ 3008.705631] ? __ext4_ioctl+0x4190/0x4190 [ 3008.706176] __x64_sys_ioctl+0x19a/0x210 [ 3008.706709] do_syscall_64+0x33/0x40 [ 3008.707197] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3008.707890] RIP: 0033:0x7f4e27e8db19 [ 3008.708376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3008.710779] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3008.711785] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3008.712716] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3008.713653] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3008.714579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3008.715521] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:22:28 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 7) [ 3008.755617] FAULT_INJECTION: forcing a failure. [ 3008.755617] name failslab, interval 1, probability 0, space 0, times 0 [ 3008.757145] CPU: 0 PID: 16292 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3008.758050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3008.759137] Call Trace: [ 3008.759509] dump_stack+0x107/0x167 [ 3008.759996] should_fail.cold+0x5/0xa [ 3008.760501] ? create_object.isra.0+0x3a/0xa20 [ 3008.761115] should_failslab+0x5/0x20 [ 3008.761617] kmem_cache_alloc+0x5b/0x310 [ 3008.762162] create_object.isra.0+0x3a/0xa20 [ 3008.762756] kmemleak_alloc_percpu+0xa0/0x100 [ 3008.763372] pcpu_alloc+0x4e2/0x1240 [ 3008.763899] __percpu_counter_init+0x10d/0x2d0 [ 3008.764509] io_uring_alloc_task_context+0xcc/0x6a0 [ 3008.765174] ? io_import_iovec+0x1120/0x1120 [ 3008.765757] ? lock_downgrade+0x6d0/0x6d0 [ 3008.766304] ? do_raw_spin_lock+0x121/0x260 [ 3008.766876] ? rwlock_bug.part.0+0x90/0x90 [ 3008.771472] __io_uring_add_tctx_node+0x2c6/0x520 [ 3008.772112] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3008.772803] ? alloc_fd+0x2e7/0x670 [ 3008.773300] io_uring_setup+0x1fbb/0x2980 [ 3008.773859] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3008.774521] ? wait_for_completion_io+0x270/0x270 [ 3008.775203] do_syscall_64+0x33/0x40 [ 3008.775715] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3008.776389] RIP: 0033:0x7f214574ab19 [ 3008.776885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3008.779298] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3008.780303] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3008.781241] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3008.782175] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3008.783114] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3008.784069] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3008.877559] FAULT_INJECTION: forcing a failure. [ 3008.877559] name failslab, interval 1, probability 0, space 0, times 0 [ 3008.879132] CPU: 0 PID: 16298 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 3008.880051] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3008.881134] Call Trace: [ 3008.881479] dump_stack+0x107/0x167 [ 3008.881956] should_fail.cold+0x5/0xa [ 3008.882453] ? create_object.isra.0+0x3a/0xa20 [ 3008.883051] should_failslab+0x5/0x20 [ 3008.883568] kmem_cache_alloc+0x5b/0x310 [ 3008.884101] create_object.isra.0+0x3a/0xa20 [ 3008.884669] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3008.885342] kmem_cache_alloc+0x159/0x310 [ 3008.885885] alloc_buffer_head+0x20/0x110 [ 3008.886429] alloc_page_buffers+0x14d/0x700 [ 3008.886997] create_empty_buffers+0x2c/0x640 [ 3008.887587] create_page_buffers+0x1bb/0x230 [ 3008.888167] __block_write_begin_int+0x1d1/0x19c0 [ 3008.888801] ? fat_add_cluster+0x100/0x100 [ 3008.889353] ? add_to_page_cache_locked+0x40/0x40 [ 3008.889984] ? __page_cache_alloc+0x10d/0x360 [ 3008.890565] ? __lock_acquire+0xbb1/0x5b00 [ 3008.891119] ? remove_inode_buffers+0x300/0x300 [ 3008.891739] ? pagecache_get_page+0x243/0xc80 [ 3008.892332] ? wait_for_stable_page+0x92/0xe0 [ 3008.892921] cont_write_begin+0x472/0x980 [ 3008.893463] ? __lock_acquire+0x1657/0x5b00 [ 3008.894032] ? fat_add_cluster+0x100/0x100 [ 3008.894590] ? nobh_write_begin+0xed0/0xed0 [ 3008.895168] fat_write_begin+0x89/0x180 [ 3008.895700] ? fat_add_cluster+0x100/0x100 [ 3008.896252] cont_write_begin+0x20e/0x980 [ 3008.896802] ? fat_add_cluster+0x100/0x100 [ 3008.897351] ? nobh_write_begin+0xed0/0xed0 [ 3008.897917] ? lock_downgrade+0x6d0/0x6d0 [ 3008.898454] ? do_raw_spin_lock+0x121/0x260 [ 3008.899019] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3008.899701] fat_write_begin+0x89/0x180 [ 3008.900221] ? fat_add_cluster+0x100/0x100 [ 3008.900777] generic_perform_write+0x20a/0x4f0 [ 3008.901381] ? fat_direct_IO+0x1ef/0x380 [ 3008.901911] ? page_cache_prev_miss+0x310/0x310 [ 3008.902530] __generic_file_write_iter+0x2cd/0x5d0 [ 3008.903181] generic_file_write_iter+0xdb/0x230 [ 3008.903809] aio_write+0x355/0x7a0 [ 3008.904276] ? cpumask_weight.constprop.0+0x40/0x40 [ 3008.904925] ? lock_acquire+0x197/0x470 [ 3008.905456] ? __might_fault+0xd3/0x180 [ 3008.905983] ? lock_downgrade+0x6d0/0x6d0 [ 3008.906521] ? io_submit_one+0x1e0/0x1b80 [ 3008.907077] io_submit_one+0xfbc/0x1b80 [ 3008.907615] ? lock_acquire+0x197/0x470 [ 3008.908135] ? find_held_lock+0x2c/0x110 [ 3008.908668] ? __do_sys_io_pgetevents+0x410/0x410 [ 3008.909298] ? __might_fault+0xd3/0x180 [ 3008.909819] ? lock_downgrade+0x6d0/0x6d0 [ 3008.910380] __x64_sys_io_submit+0x18d/0x2f0 [ 3008.910956] ? __ia32_sys_io_destroy+0x1b0/0x1b0 [ 3008.911589] ? fput_many+0x2f/0x1a0 [ 3008.912067] ? ksys_write+0x1a9/0x260 [ 3008.912564] ? __ia32_sys_read+0xb0/0xb0 [ 3008.913103] do_syscall_64+0x33/0x40 [ 3008.913589] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3008.914258] RIP: 0033:0x7f67ad288b19 [ 3008.914745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3008.917160] RSP: 002b:00007f67aa7fe188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 3008.918153] RAX: ffffffffffffffda RBX: 00007f67ad39bf60 RCX: 00007f67ad288b19 [ 3008.919085] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f67ad37f000 [ 3008.920032] RBP: 00007f67aa7fe1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3008.920963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3008.921897] R13: 00007ffcfd279fff R14: 00007f67aa7fe300 R15: 0000000000022000 14:22:43 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x6400, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:22:43 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 8) 14:22:43 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x700, 0x0, 0x0, r1, 0x0}]) 14:22:43 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732566617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:22:43 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0xfffffffffffffdef}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:22:43 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731c66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:22:43 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 50) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:22:43 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 31) [ 3023.179555] FAULT_INJECTION: forcing a failure. [ 3023.179555] name failslab, interval 1, probability 0, space 0, times 0 [ 3023.182892] CPU: 1 PID: 16322 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3023.185055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3023.187366] Call Trace: [ 3023.188180] dump_stack+0x107/0x167 [ 3023.189212] should_fail.cold+0x5/0xa [ 3023.190309] ? io_uring_alloc_task_context+0x4a3/0x6a0 [ 3023.191788] should_failslab+0x5/0x20 [ 3023.193037] kmem_cache_alloc_trace+0x55/0x320 [ 3023.194306] io_uring_alloc_task_context+0x4a3/0x6a0 [ 3023.195697] ? io_import_iovec+0x1120/0x1120 [ 3023.197138] ? lock_downgrade+0x6d0/0x6d0 [ 3023.198313] ? do_raw_spin_lock+0x121/0x260 [ 3023.199521] ? rwlock_bug.part.0+0x90/0x90 [ 3023.200878] __io_uring_add_tctx_node+0x2c6/0x520 [ 3023.202192] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3023.203621] ? alloc_fd+0x2e7/0x670 [ 3023.204793] io_uring_setup+0x1fbb/0x2980 [ 3023.205972] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3023.207400] ? wait_for_completion_io+0x270/0x270 [ 3023.208984] do_syscall_64+0x33/0x40 [ 3023.210000] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3023.211394] RIP: 0033:0x7f214574ab19 [ 3023.212531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3023.217896] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3023.219945] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3023.221918] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3023.223939] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3023.225889] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3023.227890] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3023.245271] FAULT_INJECTION: forcing a failure. [ 3023.245271] name failslab, interval 1, probability 0, space 0, times 0 [ 3023.247172] CPU: 0 PID: 16330 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 3023.248343] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3023.249703] Call Trace: [ 3023.250139] dump_stack+0x107/0x167 [ 3023.250742] should_fail.cold+0x5/0xa [ 3023.251375] ? create_object.isra.0+0x3a/0xa20 [ 3023.252150] should_failslab+0x5/0x20 [ 3023.252782] kmem_cache_alloc+0x5b/0x310 [ 3023.253462] create_object.isra.0+0x3a/0xa20 [ 3023.254189] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3023.255036] kmem_cache_alloc+0x159/0x310 [ 3023.255731] alloc_buffer_head+0x20/0x110 [ 3023.256443] alloc_page_buffers+0x14d/0x700 [ 3023.257166] create_empty_buffers+0x2c/0x640 [ 3023.257901] create_page_buffers+0x1bb/0x230 [ 3023.258636] __block_write_begin_int+0x1d1/0x19c0 [ 3023.259439] ? fat_add_cluster+0x100/0x100 [ 3023.260161] ? add_to_page_cache_locked+0x40/0x40 [ 3023.260963] ? __page_cache_alloc+0x10d/0x360 [ 3023.261704] ? __lock_acquire+0xbb1/0x5b00 [ 3023.262406] ? remove_inode_buffers+0x300/0x300 [ 3023.263177] ? pagecache_get_page+0x243/0xc80 [ 3023.263933] ? wait_for_stable_page+0x92/0xe0 [ 3023.264681] cont_write_begin+0x472/0x980 [ 3023.265373] ? __lock_acquire+0x1657/0x5b00 [ 3023.266092] ? fat_add_cluster+0x100/0x100 [ 3023.266793] ? nobh_write_begin+0xed0/0xed0 [ 3023.267528] fat_write_begin+0x89/0x180 [ 3023.268147] ? fat_add_cluster+0x100/0x100 [ 3023.268743] cont_write_begin+0x20e/0x980 [ 3023.269334] ? fat_add_cluster+0x100/0x100 [ 3023.269930] ? nobh_write_begin+0xed0/0xed0 [ 3023.270540] ? lock_downgrade+0x6d0/0x6d0 [ 3023.271123] ? do_raw_spin_lock+0x121/0x260 [ 3023.271734] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3023.272559] fat_write_begin+0x89/0x180 [ 3023.273211] ? fat_add_cluster+0x100/0x100 [ 3023.273904] generic_perform_write+0x20a/0x4f0 [ 3023.274656] ? fat_direct_IO+0x1ef/0x380 [ 3023.275318] ? page_cache_prev_miss+0x310/0x310 [ 3023.276084] __generic_file_write_iter+0x2cd/0x5d0 [ 3023.276786] generic_file_write_iter+0xdb/0x230 [ 3023.277472] aio_write+0x355/0x7a0 [ 3023.277980] ? cpumask_weight.constprop.0+0x40/0x40 [ 3023.278700] ? lock_acquire+0x197/0x470 [ 3023.279290] ? __might_fault+0xd3/0x180 [ 3023.279876] ? lock_downgrade+0x6d0/0x6d0 [ 3023.280579] ? io_submit_one+0x1e0/0x1b80 [ 3023.281304] io_submit_one+0xfbc/0x1b80 [ 3023.281982] ? lock_acquire+0x197/0x470 [ 3023.282649] ? find_held_lock+0x2c/0x110 [ 3023.283336] ? __do_sys_io_pgetevents+0x410/0x410 [ 3023.284158] ? __might_fault+0xd3/0x180 [ 3023.284836] ? lock_downgrade+0x6d0/0x6d0 [ 3023.285548] __x64_sys_io_submit+0x18d/0x2f0 [ 3023.286297] ? __ia32_sys_io_destroy+0x1b0/0x1b0 [ 3023.287077] ? fput_many+0x2f/0x1a0 [ 3023.287707] ? ksys_write+0x1a9/0x260 [ 3023.288285] ? __ia32_sys_read+0xb0/0xb0 [ 3023.288898] do_syscall_64+0x33/0x40 [ 3023.289437] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3023.290165] RIP: 0033:0x7f67ad288b19 [ 3023.290722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3023.293652] RSP: 002b:00007f67aa7dd188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 3023.294932] RAX: ffffffffffffffda RBX: 00007f67ad39c020 RCX: 00007f67ad288b19 [ 3023.296136] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f67ad37f000 [ 3023.297322] RBP: 00007f67aa7dd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3023.298510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3023.299675] R13: 00007ffcfd279fff R14: 00007f67aa7dd300 R15: 0000000000022000 14:22:43 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 32) [ 3023.339490] FAULT_INJECTION: forcing a failure. [ 3023.339490] name failslab, interval 1, probability 0, space 0, times 0 [ 3023.341071] CPU: 1 PID: 16321 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3023.342005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3023.343120] Call Trace: [ 3023.343484] dump_stack+0x107/0x167 [ 3023.344041] should_fail.cold+0x5/0xa [ 3023.344564] ? ext4_getfsmap_datadev+0x6d7/0x25d0 [ 3023.345231] should_failslab+0x5/0x20 [ 3023.345750] kmem_cache_alloc_trace+0x55/0x320 [ 3023.346382] ? ext4_get_group_desc+0x2a0/0x560 [ 3023.347028] ext4_getfsmap_datadev+0x6d7/0x25d0 [ 3023.347673] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3023.349322] ? do_swap+0x134/0x210 [ 3023.350346] ? sort_r+0x239/0x360 [ 3023.351294] ? ext4_file_open+0xa50/0xa50 [ 3023.352569] ext4_getfsmap+0x695/0x990 [ 3023.353638] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3023.355102] ? ext4_fsmap_to_internal+0x260/0x260 [ 3023.356572] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3023.358113] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3023.359614] ext4_ioc_getfsmap+0x2b0/0x620 [ 3023.360977] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3023.362257] ? find_held_lock+0x2c/0x110 [ 3023.363384] ? avc_has_extended_perms+0x675/0xf40 [ 3023.364962] ? lock_downgrade+0x6d0/0x6d0 [ 3023.366162] __ext4_ioctl+0x8ad/0x4190 [ 3023.367275] ? ext4_reset_inode_seed+0x450/0x450 [ 3023.368717] ? perf_trace_lock+0xac/0x490 [ 3023.369869] ? SOFTIRQ_verbose+0x10/0x10 [ 3023.371014] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3023.372789] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3023.374197] ? do_vfs_ioctl+0x283/0x10d0 [ 3023.375282] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3023.376906] ? generic_block_fiemap+0x60/0x60 [ 3023.378126] ? lock_downgrade+0x6d0/0x6d0 [ 3023.379258] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3023.380748] ? wait_for_completion_io+0x270/0x270 [ 3023.382141] ? selinux_file_ioctl+0xb6/0x270 [ 3023.383385] ? __ext4_ioctl+0x4190/0x4190 [ 3023.384675] __x64_sys_ioctl+0x19a/0x210 [ 3023.385767] do_syscall_64+0x33/0x40 [ 3023.386740] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3023.388161] RIP: 0033:0x7f4e27e8db19 [ 3023.389171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3023.394591] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3023.396736] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3023.398671] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3023.400732] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3023.402645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3023.404752] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3023.410253] FAULT_INJECTION: forcing a failure. [ 3023.410253] name failslab, interval 1, probability 0, space 0, times 0 [ 3023.412304] CPU: 0 PID: 16343 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3023.413441] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3023.414795] Call Trace: [ 3023.415242] dump_stack+0x107/0x167 [ 3023.415870] should_fail.cold+0x5/0xa [ 3023.416541] ? create_object.isra.0+0x3a/0xa20 [ 3023.417297] should_failslab+0x5/0x20 [ 3023.417927] kmem_cache_alloc+0x5b/0x310 [ 3023.418615] create_object.isra.0+0x3a/0xa20 [ 3023.419346] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3023.420225] kmem_cache_alloc_trace+0x151/0x320 [ 3023.421009] io_uring_alloc_task_context+0x4a3/0x6a0 [ 3023.421855] ? io_import_iovec+0x1120/0x1120 [ 3023.422592] ? lock_downgrade+0x6d0/0x6d0 [ 3023.423290] ? do_raw_spin_lock+0x121/0x260 [ 3023.424026] ? rwlock_bug.part.0+0x90/0x90 [ 3023.424732] __io_uring_add_tctx_node+0x2c6/0x520 [ 3023.425536] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3023.426409] ? alloc_fd+0x2e7/0x670 [ 3023.427047] io_uring_setup+0x1fbb/0x2980 [ 3023.427777] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3023.428694] ? wait_for_completion_io+0x270/0x270 [ 3023.429562] do_syscall_64+0x33/0x40 [ 3023.430188] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3023.431044] RIP: 0033:0x7f214574ab19 [ 3023.431665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3023.434629] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3023.435709] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3023.436712] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3023.437648] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3023.438579] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3023.439510] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:22:43 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x66a2, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:22:43 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 9) 14:22:43 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 33) 14:22:43 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xeffd, 0x0, 0x0, r1, 0x0}]) 14:22:43 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731d66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 3023.594678] FAULT_INJECTION: forcing a failure. [ 3023.594678] name failslab, interval 1, probability 0, space 0, times 0 [ 3023.597799] CPU: 1 PID: 16354 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 3023.599641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3023.602267] Call Trace: [ 3023.602913] dump_stack+0x107/0x167 [ 3023.603774] should_fail.cold+0x5/0xa [ 3023.604844] ? create_object.isra.0+0x3a/0xa20 [ 3023.605994] should_failslab+0x5/0x20 [ 3023.606918] kmem_cache_alloc+0x5b/0x310 [ 3023.607921] create_object.isra.0+0x3a/0xa20 [ 3023.608478] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3023.609118] kmem_cache_alloc_trace+0x151/0x320 [ 3023.609709] __iomap_dio_rw+0x1ee/0x1110 [ 3023.610227] ? jbd2_journal_stop+0x188/0xdc0 [ 3023.610781] ? iomap_dio_bio_actor+0xef0/0xef0 [ 3023.611356] ? ext4_orphan_add+0x253/0x9e0 [ 3023.611996] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 3023.612662] ? ext4_empty_dir+0xae0/0xae0 [ 3023.613212] ? jbd2__journal_start+0xf3/0x7e0 [ 3023.613820] iomap_dio_rw+0x31/0x90 [ 3023.614315] ext4_file_write_iter+0xe0e/0x1530 [ 3023.614940] ? ext4_file_read_iter+0x4c0/0x4c0 14:22:43 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732666617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 3023.615564] ? security_file_permission+0xb1/0xe0 [ 3023.616031] FAULT_INJECTION: forcing a failure. [ 3023.616031] name failslab, interval 1, probability 0, space 0, times 0 [ 3023.616255] aio_write+0x355/0x7a0 [ 3023.618100] ? cpumask_weight.constprop.0+0x40/0x40 [ 3023.618725] ? lock_acquire+0x197/0x470 [ 3023.619243] ? __might_fault+0xd3/0x180 [ 3023.619743] ? lock_downgrade+0x6d0/0x6d0 [ 3023.620818] ? io_submit_one+0x1e0/0x1b80 [ 3023.621826] io_submit_one+0xfbc/0x1b80 [ 3023.622778] ? lock_acquire+0x197/0x470 [ 3023.623725] ? find_held_lock+0x2c/0x110 [ 3023.624862] ? __do_sys_io_pgetevents+0x410/0x410 [ 3023.626013] ? __might_fault+0xd3/0x180 [ 3023.626959] ? lock_downgrade+0x6d0/0x6d0 [ 3023.627989] __x64_sys_io_submit+0x18d/0x2f0 [ 3023.629042] ? __ia32_sys_io_destroy+0x1b0/0x1b0 [ 3023.630170] ? fput_many+0x2f/0x1a0 [ 3023.631038] ? ksys_write+0x1a9/0x260 [ 3023.631932] ? __ia32_sys_read+0xb0/0xb0 [ 3023.632455] do_syscall_64+0x33/0x40 [ 3023.632927] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3023.633568] RIP: 0033:0x7f67ad288b19 [ 3023.634037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3023.636956] RSP: 002b:00007f67aa7fe188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 3023.638771] RAX: ffffffffffffffda RBX: 00007f67ad39bf60 RCX: 00007f67ad288b19 [ 3023.640208] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f67ad37f000 [ 3023.641100] RBP: 00007f67aa7fe1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3023.641993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3023.642884] R13: 00007ffcfd279fff R14: 00007f67aa7fe300 R15: 0000000000022000 [ 3023.643803] CPU: 0 PID: 16352 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3023.645958] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3023.648330] Call Trace: [ 3023.649050] dump_stack+0x107/0x167 [ 3023.650049] should_fail.cold+0x5/0xa [ 3023.651136] ? io_wq_create+0xeb/0xc00 [ 3023.652077] should_failslab+0x5/0x20 [ 3023.652617] __kmalloc+0x72/0x390 [ 3023.653134] io_wq_create+0xeb/0xc00 [ 3023.653688] io_uring_alloc_task_context+0x1f1/0x6a0 [ 3023.654409] ? io_import_iovec+0x1120/0x1120 [ 3023.655039] ? io_apoll_task_func+0x2d0/0x2d0 [ 3023.655677] ? __io_req_find_next+0x300/0x300 [ 3023.656962] ? do_raw_spin_lock+0x121/0x260 [ 3023.658179] ? rwlock_bug.part.0+0x90/0x90 [ 3023.659379] __io_uring_add_tctx_node+0x2c6/0x520 [ 3023.660921] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3023.662421] ? alloc_fd+0x2e7/0x670 [ 3023.663479] io_uring_setup+0x1fbb/0x2980 [ 3023.664831] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3023.666291] ? wait_for_completion_io+0x270/0x270 [ 3023.667710] do_syscall_64+0x33/0x40 [ 3023.668954] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3023.670377] RIP: 0033:0x7f214574ab19 [ 3023.671396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3023.674185] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3023.675259] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3023.676281] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3023.677279] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3023.678277] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3023.679271] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:22:44 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 10) [ 3023.845080] FAULT_INJECTION: forcing a failure. [ 3023.845080] name failslab, interval 1, probability 0, space 0, times 0 [ 3023.846759] CPU: 1 PID: 16365 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 3023.847681] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3023.848798] Call Trace: [ 3023.849161] dump_stack+0x107/0x167 [ 3023.849654] should_fail.cold+0x5/0xa [ 3023.850165] ? create_object.isra.0+0x3a/0xa20 [ 3023.850774] should_failslab+0x5/0x20 [ 3023.851283] kmem_cache_alloc+0x5b/0x310 [ 3023.851835] create_object.isra.0+0x3a/0xa20 [ 3023.852434] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3023.853090] kmem_cache_alloc+0x159/0x310 [ 3023.853610] alloc_buffer_head+0x20/0x110 [ 3023.854124] alloc_page_buffers+0x14d/0x700 [ 3023.854662] create_empty_buffers+0x2c/0x640 [ 3023.855213] create_page_buffers+0x1bb/0x230 [ 3023.855761] __block_write_begin_int+0x1d1/0x19c0 [ 3023.856382] ? fat_add_cluster+0x100/0x100 [ 3023.856911] ? add_to_page_cache_locked+0x40/0x40 [ 3023.857511] ? __page_cache_alloc+0x10d/0x360 [ 3023.858070] ? __lock_acquire+0xbb1/0x5b00 [ 3023.858597] ? remove_inode_buffers+0x300/0x300 [ 3023.859179] ? pagecache_get_page+0x243/0xc80 [ 3023.859742] ? wait_for_stable_page+0x92/0xe0 [ 3023.860319] cont_write_begin+0x472/0x980 [ 3023.860843] ? __lock_acquire+0x1657/0x5b00 [ 3023.861380] ? fat_add_cluster+0x100/0x100 [ 3023.861908] ? nobh_write_begin+0xed0/0xed0 [ 3023.862458] fat_write_begin+0x89/0x180 [ 3023.862953] ? fat_add_cluster+0x100/0x100 [ 3023.863487] cont_write_begin+0x20e/0x980 [ 3023.864030] ? fat_add_cluster+0x100/0x100 [ 3023.864556] ? nobh_write_begin+0xed0/0xed0 [ 3023.865094] ? lock_downgrade+0x6d0/0x6d0 [ 3023.865607] ? do_raw_spin_lock+0x121/0x260 [ 3023.866145] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3023.866778] fat_write_begin+0x89/0x180 [ 3023.867271] ? fat_add_cluster+0x100/0x100 [ 3023.867801] generic_perform_write+0x20a/0x4f0 [ 3023.868385] ? fat_direct_IO+0x1ef/0x380 [ 3023.868892] ? page_cache_prev_miss+0x310/0x310 [ 3023.869481] __generic_file_write_iter+0x2cd/0x5d0 [ 3023.870095] generic_file_write_iter+0xdb/0x230 [ 3023.870676] aio_write+0x355/0x7a0 [ 3023.871124] ? cpumask_weight.constprop.0+0x40/0x40 [ 3023.871741] ? lock_acquire+0x197/0x470 [ 3023.872275] ? __might_fault+0xd3/0x180 [ 3023.872769] ? lock_downgrade+0x6d0/0x6d0 [ 3023.873285] ? io_submit_one+0x1e0/0x1b80 [ 3023.873817] io_submit_one+0xfbc/0x1b80 [ 3023.874320] ? lock_acquire+0x197/0x470 [ 3023.874815] ? find_held_lock+0x2c/0x110 [ 3023.875323] ? __do_sys_io_pgetevents+0x410/0x410 [ 3023.875936] ? __might_fault+0xd3/0x180 [ 3023.876435] ? lock_downgrade+0x6d0/0x6d0 [ 3023.876976] __x64_sys_io_submit+0x18d/0x2f0 [ 3023.877526] ? __ia32_sys_io_destroy+0x1b0/0x1b0 [ 3023.878113] ? fput_many+0x2f/0x1a0 [ 3023.878566] ? ksys_write+0x1a9/0x260 [ 3023.879044] ? __ia32_sys_read+0xb0/0xb0 [ 3023.879559] do_syscall_64+0x33/0x40 [ 3023.880044] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3023.880679] RIP: 0033:0x7f67ad288b19 [ 3023.881146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3023.883419] RSP: 002b:00007f67aa7fe188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 3023.884382] RAX: ffffffffffffffda RBX: 00007f67ad39bf60 RCX: 00007f67ad288b19 [ 3023.885283] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f67ad37f000 [ 3023.886193] RBP: 00007f67aa7fe1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3023.887129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3023.888035] R13: 00007ffcfd279fff R14: 00007f67aa7fe300 R15: 0000000000022000 14:22:57 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x8102, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:22:57 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 11) 14:22:57 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 34) 14:22:57 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732766617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:22:57 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x2}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:22:57 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xfcfd, 0x0, 0x0, r1, 0x0}]) 14:22:57 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66731e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:22:57 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 51) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 3037.772607] FAULT_INJECTION: forcing a failure. [ 3037.772607] name failslab, interval 1, probability 0, space 0, times 0 [ 3037.774138] CPU: 0 PID: 16376 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3037.775043] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3037.776126] Call Trace: [ 3037.776501] dump_stack+0x107/0x167 [ 3037.776993] should_fail.cold+0x5/0xa [ 3037.777502] ? create_object.isra.0+0x3a/0xa20 [ 3037.778112] should_failslab+0x5/0x20 [ 3037.778617] kmem_cache_alloc+0x5b/0x310 [ 3037.779166] create_object.isra.0+0x3a/0xa20 [ 3037.779745] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3037.780429] __kmalloc+0x16e/0x390 [ 3037.780920] io_wq_create+0xeb/0xc00 [ 3037.781430] io_uring_alloc_task_context+0x1f1/0x6a0 [ 3037.782104] ? io_import_iovec+0x1120/0x1120 [ 3037.782690] ? io_apoll_task_func+0x2d0/0x2d0 [ 3037.783277] ? __io_req_find_next+0x300/0x300 [ 3037.783869] ? do_raw_spin_lock+0x121/0x260 [ 3037.784453] ? rwlock_bug.part.0+0x90/0x90 [ 3037.785027] __io_uring_add_tctx_node+0x2c6/0x520 [ 3037.785667] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3037.786357] ? alloc_fd+0x2e7/0x670 [ 3037.786858] io_uring_setup+0x1fbb/0x2980 [ 3037.787418] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3037.788088] ? wait_for_completion_io+0x270/0x270 [ 3037.788788] do_syscall_64+0x33/0x40 [ 3037.789283] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3037.789961] RIP: 0033:0x7f214574ab19 [ 3037.790458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3037.792932] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3037.793959] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3037.794911] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3037.795869] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3037.796840] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3037.797457] FAULT_INJECTION: forcing a failure. [ 3037.797457] name failslab, interval 1, probability 0, space 0, times 0 [ 3037.797789] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3037.800536] CPU: 1 PID: 16387 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3037.801409] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3037.802452] Call Trace: [ 3037.802791] dump_stack+0x107/0x167 [ 3037.803250] should_fail.cold+0x5/0xa [ 3037.803731] ? create_object.isra.0+0x3a/0xa20 [ 3037.804309] should_failslab+0x5/0x20 [ 3037.804808] kmem_cache_alloc+0x5b/0x310 [ 3037.805321] ? lock_downgrade+0x6d0/0x6d0 [ 3037.805850] create_object.isra.0+0x3a/0xa20 [ 3037.806687] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3037.808169] kmem_cache_alloc_trace+0x151/0x320 [ 3037.809564] ext4_getfsmap_datadev+0x6d7/0x25d0 [ 3037.810977] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3037.812587] ? do_swap+0x134/0x210 [ 3037.813650] ? sort_r+0x239/0x360 [ 3037.814703] ? ext4_file_open+0xa50/0xa50 [ 3037.815959] ext4_getfsmap+0x695/0x990 [ 3037.817120] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3037.818676] ? ext4_fsmap_to_internal+0x260/0x260 [ 3037.820080] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3037.821651] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3037.823277] ext4_ioc_getfsmap+0x2b0/0x620 [ 3037.824525] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3037.825847] ? find_held_lock+0x2c/0x110 [ 3037.827032] ? avc_has_extended_perms+0x675/0xf40 [ 3037.828501] ? lock_downgrade+0x6d0/0x6d0 [ 3037.829707] __ext4_ioctl+0x8ad/0x4190 [ 3037.830846] ? ext4_reset_inode_seed+0x450/0x450 [ 3037.832221] ? perf_trace_lock+0xac/0x490 [ 3037.833438] ? SOFTIRQ_verbose+0x10/0x10 [ 3037.834632] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3037.836313] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3037.837892] ? do_vfs_ioctl+0x283/0x10d0 [ 3037.839073] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3037.840605] ? generic_block_fiemap+0x60/0x60 [ 3037.841901] ? lock_downgrade+0x6d0/0x6d0 [ 3037.843102] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3037.844549] ? wait_for_completion_io+0x270/0x270 [ 3037.846029] ? selinux_file_ioctl+0xb6/0x270 [ 3037.847393] ? __ext4_ioctl+0x4190/0x4190 [ 3037.848654] __x64_sys_ioctl+0x19a/0x210 [ 3037.849853] do_syscall_64+0x33/0x40 [ 3037.850972] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3037.852527] RIP: 0033:0x7f4e27e8db19 [ 3037.853615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3037.859123] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3037.861349] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3037.863510] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3037.865644] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3037.867802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3037.869932] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3037.876754] FAULT_INJECTION: forcing a failure. [ 3037.876754] name failslab, interval 1, probability 0, space 0, times 0 [ 3037.880092] CPU: 1 PID: 16392 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 3037.882131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3037.884587] Call Trace: [ 3037.885364] dump_stack+0x107/0x167 [ 3037.886453] should_fail.cold+0x5/0xa [ 3037.887588] ? create_object.isra.0+0x3a/0xa20 [ 3037.888954] should_failslab+0x5/0x20 [ 3037.890068] kmem_cache_alloc+0x5b/0x310 [ 3037.891253] create_object.isra.0+0x3a/0xa20 [ 3037.892542] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3037.894024] kmem_cache_alloc+0x159/0x310 [ 3037.895233] alloc_buffer_head+0x20/0x110 [ 3037.896449] alloc_page_buffers+0x14d/0x700 [ 3037.897706] create_empty_buffers+0x2c/0x640 [ 3037.898994] create_page_buffers+0x1bb/0x230 [ 3037.900318] __block_write_begin_int+0x1d1/0x19c0 [ 3037.901757] ? fat_add_cluster+0x100/0x100 [ 3037.902988] ? add_to_page_cache_locked+0x40/0x40 [ 3037.904399] ? __page_cache_alloc+0x10d/0x360 [ 3037.905711] ? __lock_acquire+0xbb1/0x5b00 [ 3037.906936] ? remove_inode_buffers+0x300/0x300 [ 3037.908289] ? pagecache_get_page+0x243/0xc80 [ 3037.909610] ? wait_for_stable_page+0x92/0xe0 [ 3037.910911] cont_write_begin+0x472/0x980 [ 3037.912123] ? __lock_acquire+0x1657/0x5b00 [ 3037.913424] ? fat_add_cluster+0x100/0x100 [ 3037.914693] ? nobh_write_begin+0xed0/0xed0 [ 3037.916000] fat_write_begin+0x89/0x180 [ 3037.917179] ? fat_add_cluster+0x100/0x100 [ 3037.918410] cont_write_begin+0x20e/0x980 [ 3037.919617] ? fat_add_cluster+0x100/0x100 [ 3037.920851] ? nobh_write_begin+0xed0/0xed0 [ 3037.922106] ? lock_downgrade+0x6d0/0x6d0 [ 3037.923307] ? do_raw_spin_lock+0x121/0x260 [ 3037.924581] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3037.926079] fat_write_begin+0x89/0x180 [ 3037.927270] ? fat_add_cluster+0x100/0x100 [ 3037.928508] generic_perform_write+0x20a/0x4f0 [ 3037.929837] ? fat_direct_IO+0x1ef/0x380 [ 3037.931015] ? page_cache_prev_miss+0x310/0x310 [ 3037.932416] __generic_file_write_iter+0x2cd/0x5d0 [ 3037.933885] generic_file_write_iter+0xdb/0x230 [ 3037.935283] aio_write+0x355/0x7a0 [ 3037.936313] ? cpumask_weight.constprop.0+0x40/0x40 [ 3037.937793] ? lock_acquire+0x197/0x470 [ 3037.938999] ? __might_fault+0xd3/0x180 [ 3037.940168] ? lock_downgrade+0x6d0/0x6d0 [ 3037.941378] ? io_submit_one+0x1e0/0x1b80 [ 3037.942620] io_submit_one+0xfbc/0x1b80 [ 3037.943821] ? lock_acquire+0x197/0x470 [ 3037.945012] ? find_held_lock+0x2c/0x110 [ 3037.946201] ? __do_sys_io_pgetevents+0x410/0x410 [ 3037.947631] ? __might_fault+0xd3/0x180 [ 3037.948800] ? lock_downgrade+0x6d0/0x6d0 [ 3037.950030] __x64_sys_io_submit+0x18d/0x2f0 [ 3037.951355] ? __ia32_sys_io_destroy+0x1b0/0x1b0 [ 3037.952776] ? fput_many+0x2f/0x1a0 [ 3037.953845] ? ksys_write+0x1a9/0x260 [ 3037.954943] ? __ia32_sys_read+0xb0/0xb0 [ 3037.956121] do_syscall_64+0x33/0x40 [ 3037.957205] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3037.958692] RIP: 0033:0x7f67ad288b19 [ 3037.959763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3037.965221] RSP: 002b:00007f67aa7dd188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 3037.967457] RAX: ffffffffffffffda RBX: 00007f67ad39c020 RCX: 00007f67ad288b19 [ 3037.969556] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f67ad37f000 [ 3037.971626] RBP: 00007f67aa7dd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3037.973709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3037.975793] R13: 00007ffcfd279fff R14: 00007f67aa7dd300 R15: 0000000000022000 14:22:58 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 35) 14:22:58 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 52) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 3038.003575] FAT-fs (loop7): invalid media value (0x84) [ 3038.005284] FAT-fs (loop7): Can't find a valid FAT filesystem 14:22:58 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 12) [ 3038.043456] FAULT_INJECTION: forcing a failure. [ 3038.043456] name failslab, interval 1, probability 0, space 0, times 0 [ 3038.045166] CPU: 0 PID: 16400 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3038.046180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3038.047390] Call Trace: [ 3038.047785] dump_stack+0x107/0x167 [ 3038.048329] should_fail.cold+0x5/0xa [ 3038.048912] ? io_wq_create+0x6ef/0xc00 [ 3038.049514] should_failslab+0x5/0x20 [ 3038.050093] kmem_cache_alloc_node_trace+0x59/0x340 [ 3038.050859] io_wq_create+0x6ef/0xc00 [ 3038.051451] io_uring_alloc_task_context+0x1f1/0x6a0 [ 3038.052210] ? io_import_iovec+0x1120/0x1120 [ 3038.052878] ? io_apoll_task_func+0x2d0/0x2d0 [ 3038.053538] ? __io_req_find_next+0x300/0x300 [ 3038.054199] ? do_raw_spin_lock+0x121/0x260 [ 3038.055502] ? rwlock_bug.part.0+0x90/0x90 [ 3038.056179] __io_uring_add_tctx_node+0x2c6/0x520 [ 3038.060957] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3038.061761] ? alloc_fd+0x2e7/0x670 [ 3038.062353] io_uring_setup+0x1fbb/0x2980 [ 3038.063017] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3038.063793] ? wait_for_completion_io+0x270/0x270 [ 3038.064622] do_syscall_64+0x33/0x40 [ 3038.065214] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3038.066767] RIP: 0033:0x7f214574ab19 [ 3038.067882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3038.073487] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3038.075748] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3038.077894] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3038.080036] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3038.082204] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3038.084326] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3038.146860] FAULT_INJECTION: forcing a failure. [ 3038.146860] name failslab, interval 1, probability 0, space 0, times 0 [ 3038.150943] CPU: 0 PID: 16407 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 3038.153014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3038.155522] Call Trace: 14:22:58 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 36) [ 3038.156309] dump_stack+0x107/0x167 [ 3038.160951] should_fail.cold+0x5/0xa [ 3038.162078] ? ext4_find_extent+0xa77/0xd70 [ 3038.163363] should_failslab+0x5/0x20 [ 3038.164500] __kmalloc+0x72/0x390 [ 3038.165236] FAULT_INJECTION: forcing a failure. [ 3038.165236] name failslab, interval 1, probability 0, space 0, times 0 [ 3038.165551] ext4_find_extent+0xa77/0xd70 [ 3038.169376] ext4_ext_map_blocks+0x1c8/0x5830 [ 3038.170714] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3038.172261] ? SOFTIRQ_verbose+0x10/0x10 [ 3038.173477] ? perf_trace_lock+0xac/0x490 [ 3038.174703] ? SOFTIRQ_verbose+0x10/0x10 [ 3038.175907] ? ext4_ext_release+0x10/0x10 [ 3038.177148] ? lock_release+0x680/0x680 [ 3038.178341] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 3038.179739] ? lock_downgrade+0x6d0/0x6d0 [ 3038.180997] ? down_read+0x10f/0x430 [ 3038.182096] ? down_write+0x160/0x160 [ 3038.183215] ? ext4_es_lookup_extent+0xc4/0xaa0 [ 3038.184650] ext4_map_blocks+0x8e1/0x1910 [ 3038.185879] ? kmem_cache_alloc+0x2a6/0x310 [ 3038.187149] ? __kernel_text_address+0x9/0x40 [ 3038.188520] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 3038.189866] ? jbd2__journal_start+0xf3/0x7e0 [ 3038.191221] ? __ext4_journal_start_sb+0x214/0x390 [ 3038.192679] ? __ext4_journal_start_sb+0x1db/0x390 [ 3038.194131] ext4_iomap_begin+0x3ad/0x700 [ 3038.195376] ? ext4_iomap_begin_report+0x5a0/0x5a0 [ 3038.196871] ? kasan_save_stack+0x1b/0x40 [ 3038.198105] ? ext4_file_write_iter+0xe0e/0x1530 [ 3038.199527] ? truncate_exceptional_pvec_entries.part.0+0x510/0x510 [ 3038.201467] ? lock_chain_count+0x20/0x20 [ 3038.202691] ? __lockdep_reset_lock+0x180/0x180 [ 3038.204064] iomap_apply+0x164/0x810 [ 3038.205189] ? iomap_dio_rw+0x90/0x90 [ 3038.206310] ? trace_event_raw_event_iomap_apply+0x430/0x430 [ 3038.208055] ? mark_held_locks+0x9e/0xe0 [ 3038.209275] ? filemap_check_errors+0xa5/0x150 [ 3038.210628] __iomap_dio_rw+0x6cd/0x1110 [ 3038.211824] ? iomap_dio_rw+0x90/0x90 [ 3038.212976] ? iomap_dio_bio_actor+0xef0/0xef0 [ 3038.214338] ? ext4_orphan_add+0x253/0x9e0 [ 3038.215595] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 3038.217075] ? ext4_empty_dir+0xae0/0xae0 [ 3038.218306] ? jbd2__journal_start+0xf3/0x7e0 [ 3038.219661] iomap_dio_rw+0x31/0x90 [ 3038.220779] ext4_file_write_iter+0xe0e/0x1530 [ 3038.222139] ? ext4_file_read_iter+0x4c0/0x4c0 [ 3038.223498] ? security_file_permission+0xb1/0xe0 [ 3038.224965] aio_write+0x355/0x7a0 [ 3038.226050] ? cpumask_weight.constprop.0+0x40/0x40 [ 3038.227560] ? lock_acquire+0x197/0x470 [ 3038.228763] ? __might_fault+0xd3/0x180 [ 3038.229932] ? lock_downgrade+0x6d0/0x6d0 [ 3038.231149] ? io_submit_one+0x1e0/0x1b80 [ 3038.232387] io_submit_one+0xfbc/0x1b80 [ 3038.233608] ? lock_acquire+0x197/0x470 [ 3038.234812] ? find_held_lock+0x2c/0x110 [ 3038.236005] ? __do_sys_io_pgetevents+0x410/0x410 [ 3038.237437] ? __might_fault+0xd3/0x180 [ 3038.238607] ? lock_downgrade+0x6d0/0x6d0 [ 3038.239842] __x64_sys_io_submit+0x18d/0x2f0 [ 3038.241166] ? __ia32_sys_io_destroy+0x1b0/0x1b0 [ 3038.242605] ? fput_many+0x2f/0x1a0 [ 3038.243674] ? ksys_write+0x1a9/0x260 [ 3038.244803] ? __ia32_sys_read+0xb0/0xb0 [ 3038.246008] do_syscall_64+0x33/0x40 [ 3038.247101] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3038.248644] RIP: 0033:0x7f67ad288b19 [ 3038.249743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3038.255338] RSP: 002b:00007f67aa7fe188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 3038.257599] RAX: ffffffffffffffda RBX: 00007f67ad39bf60 RCX: 00007f67ad288b19 [ 3038.259708] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f67ad37f000 [ 3038.261846] RBP: 00007f67aa7fe1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3038.264032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3038.266171] R13: 00007ffcfd279fff R14: 00007f67aa7fe300 R15: 0000000000022000 [ 3038.268308] CPU: 1 PID: 16409 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3038.269300] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3038.270460] Call Trace: [ 3038.270800] dump_stack+0x107/0x167 [ 3038.271264] should_fail.cold+0x5/0xa [ 3038.271750] ? create_object.isra.0+0x3a/0xa20 [ 3038.272328] should_failslab+0x5/0x20 [ 3038.272819] kmem_cache_alloc+0x5b/0x310 [ 3038.273332] ? io_wq_create+0x114/0xc00 [ 3038.273839] create_object.isra.0+0x3a/0xa20 [ 3038.274388] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3038.275032] kmem_cache_alloc_node_trace+0x16d/0x340 [ 3038.275678] io_wq_create+0x6ef/0xc00 [ 3038.276172] io_uring_alloc_task_context+0x1f1/0x6a0 [ 3038.277339] ? io_import_iovec+0x1120/0x1120 [ 3038.278617] ? io_apoll_task_func+0x2d0/0x2d0 [ 3038.279911] ? __io_req_find_next+0x300/0x300 [ 3038.289461] ? do_raw_spin_lock+0x121/0x260 [ 3038.290714] ? rwlock_bug.part.0+0x90/0x90 [ 3038.291950] __io_uring_add_tctx_node+0x2c6/0x520 [ 3038.293377] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3038.294897] ? alloc_fd+0x2e7/0x670 [ 3038.295970] io_uring_setup+0x1fbb/0x2980 [ 3038.297194] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3038.298667] ? wait_for_completion_io+0x270/0x270 [ 3038.300107] do_syscall_64+0x33/0x40 [ 3038.301183] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3038.302436] RIP: 0033:0x7f214574ab19 [ 3038.303339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3038.308653] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3038.310865] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3038.312994] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3038.315063] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3038.317152] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3038.319295] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3038.327486] FAULT_INJECTION: forcing a failure. [ 3038.327486] name failslab, interval 1, probability 0, space 0, times 0 [ 3038.330669] CPU: 1 PID: 16404 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3038.332373] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3038.334835] Call Trace: [ 3038.335609] dump_stack+0x107/0x167 [ 3038.336675] should_fail.cold+0x5/0xa [ 3038.337784] ? ext4_getfsmap_datadev+0x86d/0x25d0 [ 3038.339189] should_failslab+0x5/0x20 [ 3038.340295] kmem_cache_alloc_trace+0x55/0x320 [ 3038.341651] ? ext4_bg_num_gdb+0x172/0x250 [ 3038.342883] ext4_getfsmap_datadev+0x86d/0x25d0 [ 3038.344250] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3038.345811] ? do_swap+0x134/0x210 [ 3038.346843] ? sort_r+0x239/0x360 [ 3038.347846] ? ext4_file_open+0xa50/0xa50 [ 3038.349073] ext4_getfsmap+0x695/0x990 [ 3038.350228] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3038.351782] ? ext4_fsmap_to_internal+0x260/0x260 [ 3038.353199] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3038.354750] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3038.356322] ext4_ioc_getfsmap+0x2b0/0x620 [ 3038.357542] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3038.358630] ? find_held_lock+0x2c/0x110 [ 3038.359606] ? avc_has_extended_perms+0x675/0xf40 [ 3038.360699] ? lock_downgrade+0x6d0/0x6d0 [ 3038.361917] __ext4_ioctl+0x8ad/0x4190 [ 3038.363055] ? ext4_reset_inode_seed+0x450/0x450 [ 3038.364437] ? perf_trace_lock+0xac/0x490 [ 3038.365648] ? SOFTIRQ_verbose+0x10/0x10 [ 3038.366842] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3038.368534] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3038.370034] ? do_vfs_ioctl+0x283/0x10d0 [ 3038.371209] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3038.372750] ? generic_block_fiemap+0x60/0x60 [ 3038.374052] ? lock_downgrade+0x6d0/0x6d0 [ 3038.375258] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3038.376673] ? wait_for_completion_io+0x270/0x270 [ 3038.378083] ? selinux_file_ioctl+0xb6/0x270 [ 3038.379363] ? __ext4_ioctl+0x4190/0x4190 [ 3038.380588] __x64_sys_ioctl+0x19a/0x210 [ 3038.381791] do_syscall_64+0x33/0x40 [ 3038.382869] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3038.384367] RIP: 0033:0x7f4e27e8db19 [ 3038.385435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3038.389199] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3038.390154] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3038.391048] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3038.391943] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3038.393398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3038.395154] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:22:58 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x3}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:22:58 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xa266, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:22:58 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 37) [ 3038.452225] FAULT_INJECTION: forcing a failure. [ 3038.452225] name failslab, interval 1, probability 0, space 0, times 0 [ 3038.454655] CPU: 1 PID: 16417 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3038.455522] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3038.456558] Call Trace: [ 3038.456898] dump_stack+0x107/0x167 [ 3038.457361] should_fail.cold+0x5/0xa [ 3038.457848] ? __io_uring_add_tctx_node+0x15c/0x520 [ 3038.458481] should_failslab+0x5/0x20 [ 3038.458964] kmem_cache_alloc_trace+0x55/0x320 [ 3038.459551] __io_uring_add_tctx_node+0x15c/0x520 [ 3038.460163] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3038.461366] ? alloc_fd+0x2e7/0x670 [ 3038.462471] io_uring_setup+0x1fbb/0x2980 [ 3038.463673] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3038.464932] ? wait_for_completion_io+0x270/0x270 [ 3038.466160] do_syscall_64+0x33/0x40 [ 3038.467071] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3038.468334] RIP: 0033:0x7f214574ab19 [ 3038.469408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:22:58 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732866617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 3038.474189] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3038.481302] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3038.482195] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3038.483086] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3038.483976] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3038.488837] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3038.509549] FAT-fs (loop7): invalid media value (0x00) [ 3038.510319] FAT-fs (loop7): Can't find a valid FAT filesystem 14:23:12 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732966617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:23:12 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 53) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:23:12 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xff01, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:23:12 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xfdef, 0x0, 0x0, r1, 0x0}]) 14:23:12 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732166617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:23:12 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 13) 14:23:12 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 38) 14:23:12 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x4}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 3052.562086] FAULT_INJECTION: forcing a failure. [ 3052.562086] name failslab, interval 1, probability 0, space 0, times 0 [ 3052.563621] CPU: 0 PID: 16436 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3052.564523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3052.565624] Call Trace: [ 3052.565979] dump_stack+0x107/0x167 [ 3052.566469] should_fail.cold+0x5/0xa [ 3052.566979] ? create_object.isra.0+0x3a/0xa20 [ 3052.567585] should_failslab+0x5/0x20 [ 3052.568088] kmem_cache_alloc+0x5b/0x310 [ 3052.568635] create_object.isra.0+0x3a/0xa20 [ 3052.569233] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3052.569911] kmem_cache_alloc_trace+0x151/0x320 [ 3052.570538] __io_uring_add_tctx_node+0x15c/0x520 [ 3052.571178] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3052.571877] ? io_uring_setup+0x1fb3/0x2980 [ 3052.572459] io_uring_setup+0x1fbb/0x2980 [ 3052.573038] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3052.573712] ? wait_for_completion_io+0x270/0x270 [ 3052.574388] do_syscall_64+0x33/0x40 [ 3052.574880] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3052.575558] RIP: 0033:0x7f214574ab19 [ 3052.576050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3052.580564] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3052.582901] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3052.585031] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3052.587152] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3052.589337] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3052.591512] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3052.602294] FAULT_INJECTION: forcing a failure. [ 3052.602294] name failslab, interval 1, probability 0, space 0, times 0 [ 3052.605089] CPU: 1 PID: 16444 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3052.606059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3052.607214] Call Trace: [ 3052.607582] dump_stack+0x107/0x167 [ 3052.608093] should_fail.cold+0x5/0xa [ 3052.608619] ? create_object.isra.0+0x3a/0xa20 [ 3052.609263] should_failslab+0x5/0x20 [ 3052.609793] kmem_cache_alloc+0x5b/0x310 [ 3052.610360] create_object.isra.0+0x3a/0xa20 [ 3052.610966] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3052.612409] kmem_cache_alloc_trace+0x151/0x320 [ 3052.613766] ext4_getfsmap_datadev+0x86d/0x25d0 [ 3052.614541] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3052.616079] ? do_swap+0x134/0x210 [ 3052.617110] ? sort_r+0x239/0x360 [ 3052.618104] ? ext4_file_open+0xa50/0xa50 [ 3052.619321] ext4_getfsmap+0x695/0x990 [ 3052.619877] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3052.621415] ? ext4_fsmap_to_internal+0x260/0x260 [ 3052.622101] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3052.623595] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3052.624362] ext4_ioc_getfsmap+0x2b0/0x620 [ 3052.625580] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3052.626229] ? find_held_lock+0x2c/0x110 [ 3052.627389] ? avc_has_extended_perms+0x675/0xf40 [ 3052.628104] ? lock_downgrade+0x6d0/0x6d0 [ 3052.629312] __ext4_ioctl+0x8ad/0x4190 [ 3052.629874] ? ext4_reset_inode_seed+0x450/0x450 [ 3052.631228] ? perf_trace_lock+0xac/0x490 [ 3052.631831] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3052.633500] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3052.634230] ? do_vfs_ioctl+0x283/0x10d0 [ 3052.635384] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3052.636123] ? generic_block_fiemap+0x60/0x60 [ 3052.637408] ? lock_downgrade+0x6d0/0x6d0 [ 3052.637996] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3052.639403] ? wait_for_completion_io+0x270/0x270 [ 3052.640097] ? selinux_file_ioctl+0xb6/0x270 [ 3052.641363] ? __ext4_ioctl+0x4190/0x4190 [ 3052.641951] __x64_sys_ioctl+0x19a/0x210 [ 3052.643109] do_syscall_64+0x33/0x40 [ 3052.643641] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3052.645123] RIP: 0033:0x7f4e27e8db19 [ 3052.645654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3052.651031] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3052.652110] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3052.654187] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3052.656253] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3052.658364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3052.660433] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3052.671189] FAULT_INJECTION: forcing a failure. [ 3052.671189] name failslab, interval 1, probability 0, space 0, times 0 [ 3052.672826] CPU: 1 PID: 16450 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 3052.674847] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3052.677305] Call Trace: [ 3052.678054] dump_stack+0x107/0x167 [ 3052.679096] should_fail.cold+0x5/0xa [ 3052.680190] ? create_object.isra.0+0x3a/0xa20 [ 3052.681518] should_failslab+0x5/0x20 [ 3052.682621] kmem_cache_alloc+0x5b/0x310 [ 3052.683799] create_object.isra.0+0x3a/0xa20 [ 3052.685073] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3052.686547] __kmalloc+0x16e/0x390 [ 3052.687573] ext4_find_extent+0xa77/0xd70 [ 3052.688770] ext4_ext_map_blocks+0x1c8/0x5830 [ 3052.690103] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3052.691640] ? perf_trace_lock+0xac/0x490 [ 3052.692875] ? ext4_ext_release+0x10/0x10 [ 3052.694084] ? lock_release+0x680/0x680 [ 3052.695236] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 3052.695903] ? lock_downgrade+0x6d0/0x6d0 [ 3052.696489] ? down_read+0x10f/0x430 [ 3052.697010] ? down_write+0x160/0x160 [ 3052.697545] ? ext4_es_lookup_extent+0xc4/0xaa0 [ 3052.698205] ext4_map_blocks+0x8e1/0x1910 [ 3052.698789] ? kmem_cache_alloc+0x2a6/0x310 [ 3052.699390] ? __kernel_text_address+0x9/0x40 [ 3052.700018] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 3052.700646] ? jbd2__journal_start+0xf3/0x7e0 [ 3052.701287] ? __ext4_journal_start_sb+0x214/0x390 [ 3052.701971] ? __ext4_journal_start_sb+0x1db/0x390 [ 3052.702664] ext4_iomap_begin+0x3ad/0x700 [ 3052.703252] ? ext4_iomap_begin_report+0x5a0/0x5a0 [ 3052.703930] ? kasan_save_stack+0x1b/0x40 [ 3052.704506] ? ext4_file_write_iter+0xe0e/0x1530 [ 3052.705172] ? truncate_exceptional_pvec_entries.part.0+0x510/0x510 [ 3052.706055] ? lock_chain_count+0x20/0x20 [ 3052.706629] ? __lockdep_reset_lock+0x180/0x180 [ 3052.707221] iomap_apply+0x164/0x810 [ 3052.707688] ? iomap_dio_rw+0x90/0x90 [ 3052.708170] ? trace_event_raw_event_iomap_apply+0x430/0x430 [ 3052.708897] ? mark_held_locks+0x9e/0xe0 [ 3052.709427] ? filemap_check_errors+0xa5/0x150 [ 3052.710004] __iomap_dio_rw+0x6cd/0x1110 [ 3052.710511] ? iomap_dio_rw+0x90/0x90 [ 3052.711003] ? iomap_dio_bio_actor+0xef0/0xef0 [ 3052.711576] ? ext4_orphan_add+0x253/0x9e0 [ 3052.712106] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 3052.712723] ? ext4_empty_dir+0xae0/0xae0 [ 3052.713248] ? jbd2__journal_start+0xf3/0x7e0 [ 3052.713818] iomap_dio_rw+0x31/0x90 [ 3052.714277] ext4_file_write_iter+0xe0e/0x1530 [ 3052.714860] ? ext4_file_read_iter+0x4c0/0x4c0 [ 3052.715436] ? security_file_permission+0xb1/0xe0 [ 3052.716048] aio_write+0x355/0x7a0 [ 3052.716497] ? cpumask_weight.constprop.0+0x40/0x40 [ 3052.717209] ? lock_acquire+0x197/0x470 [ 3052.717778] ? __might_fault+0xd3/0x180 [ 3052.718332] ? lock_downgrade+0x6d0/0x6d0 [ 3052.718903] ? io_submit_one+0x1e0/0x1b80 [ 3052.719492] io_submit_one+0xfbc/0x1b80 [ 3052.720056] ? lock_acquire+0x197/0x470 [ 3052.720615] ? find_held_lock+0x2c/0x110 [ 3052.721175] ? __do_sys_io_pgetevents+0x410/0x410 [ 3052.721779] ? __might_fault+0xd3/0x180 [ 3052.722278] ? lock_downgrade+0x6d0/0x6d0 [ 3052.722814] __x64_sys_io_submit+0x18d/0x2f0 [ 3052.723369] ? __ia32_sys_io_destroy+0x1b0/0x1b0 [ 3052.723959] ? fput_many+0x2f/0x1a0 [ 3052.724415] ? ksys_write+0x1a9/0x260 [ 3052.724899] ? __ia32_sys_read+0xb0/0xb0 [ 3052.725434] do_syscall_64+0x33/0x40 [ 3052.725902] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3052.726545] RIP: 0033:0x7f67ad288b19 [ 3052.727011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3052.729331] RSP: 002b:00007f67aa7dd188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 3052.730286] RAX: ffffffffffffffda RBX: 00007f67ad39c020 RCX: 00007f67ad288b19 [ 3052.731183] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f67ad37f000 [ 3052.732077] RBP: 00007f67aa7dd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3052.732975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3052.733875] R13: 00007ffcfd279fff R14: 00007f67aa7dd300 R15: 0000000000022000 [ 3052.773377] FAT-fs (loop7): invalid media value (0x70) [ 3052.774162] FAT-fs (loop7): Can't find a valid FAT filesystem 14:23:13 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732a66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:23:13 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x80000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:23:13 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 39) 14:23:13 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 14) 14:23:13 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x5}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 3052.897773] FAULT_INJECTION: forcing a failure. [ 3052.897773] name failslab, interval 1, probability 0, space 0, times 0 [ 3052.899709] CPU: 0 PID: 16466 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3052.900619] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3052.902739] Call Trace: [ 3052.903429] dump_stack+0x107/0x167 [ 3052.904345] should_fail.cold+0x5/0xa 14:23:13 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732266617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 3052.905370] ? xas_alloc+0x336/0x440 [ 3052.909309] should_failslab+0x5/0x20 [ 3052.909815] kmem_cache_alloc+0x5b/0x310 [ 3052.910354] ? stack_trace_consume_entry+0x160/0x160 [ 3052.911030] xas_alloc+0x336/0x440 [ 3052.911506] xas_create+0x34a/0x10d0 [ 3052.912020] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3052.912715] xas_store+0x8c/0x1c40 [ 3052.913504] __xa_store+0x164/0x2d0 [ 3052.914398] ? xa_delete_node+0x280/0x280 [ 3052.915424] ? trace_hardirqs_on+0x5b/0x180 [ 3052.916490] xa_store+0x31/0x50 [ 3052.917398] __io_uring_add_tctx_node+0x1cf/0x520 [ 3052.918609] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3052.919929] ? alloc_fd+0x2e7/0x670 [ 3052.920855] io_uring_setup+0x1fbb/0x2980 [ 3052.922104] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3052.923353] ? wait_for_completion_io+0x270/0x270 [ 3052.924579] do_syscall_64+0x33/0x40 [ 3052.925270] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3052.925947] RIP: 0033:0x7f214574ab19 [ 3052.926438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3052.928843] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3052.931057] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3052.932810] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3052.933837] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3052.934774] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3052.935713] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:23:13 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xfdfc, 0x0, 0x0, r1, 0x0}]) 14:23:13 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 54) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 3052.993434] FAT-fs (loop7): bogus number of FAT structure [ 3052.995290] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3053.004133] FAULT_INJECTION: forcing a failure. [ 3053.004133] name failslab, interval 1, probability 0, space 0, times 0 [ 3053.007210] CPU: 0 PID: 16469 Comm: syz-executor.2 Not tainted 5.10.230 #1 [ 3053.008904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3053.011429] Call Trace: [ 3053.012086] dump_stack+0x107/0x167 [ 3053.012999] should_fail.cold+0x5/0xa [ 3053.014139] ? create_object.isra.0+0x3a/0xa20 [ 3053.015251] should_failslab+0x5/0x20 [ 3053.016176] kmem_cache_alloc+0x5b/0x310 [ 3053.017212] create_object.isra.0+0x3a/0xa20 [ 3053.018306] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3053.019577] kmem_cache_alloc+0x159/0x310 [ 3053.020627] ? mempool_free_pages+0x20/0x20 [ 3053.021382] mempool_alloc+0x148/0x360 [ 3053.021898] ? __lockdep_reset_lock+0x180/0x180 [ 3053.022504] ? mempool_resize+0x7d0/0x7d0 [ 3053.023049] ? lock_acquire+0x197/0x470 [ 3053.023568] ? find_held_lock+0x2c/0x110 [ 3053.024113] bio_alloc_bioset+0x36e/0x600 [ 3053.024658] ? bvec_alloc+0x2f0/0x2f0 [ 3053.025409] ? __brelse+0x84/0xa0 [ 3053.026255] submit_bh_wbc.constprop.0+0x1b8/0x780 [ 3053.027462] __bread_gfp+0x166/0x3a0 [ 3053.028371] fat_ent_bread+0x175/0x310 [ 3053.029413] fat_alloc_clusters+0x571/0xf30 [ 3053.030502] ? is_dynamic_key+0x1e0/0x1e0 [ 3053.031543] ? fat_ent_write+0x1a0/0x1a0 [ 3053.032554] ? __lock_acquire+0xbb1/0x5b00 [ 3053.033337] ? __lock_acquire+0x1657/0x5b00 [ 3053.033920] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3053.034613] ? perf_trace_lock+0xac/0x490 [ 3053.035163] fat_add_cluster+0x6d/0x100 [ 3053.035685] ? fat_fill_super+0x36e0/0x36e0 [ 3053.036248] ? lock_release+0x680/0x680 [ 3053.036769] ? fat_bmap+0x200/0x460 [ 3053.037305] fat_get_block+0x5b3/0x940 [ 3053.037826] ? fat_add_cluster+0x100/0x100 [ 3053.038379] ? create_empty_buffers+0x4a3/0x640 [ 3053.038995] ? create_page_buffers+0x139/0x230 [ 3053.039597] __block_write_begin_int+0x3d1/0x19c0 [ 3053.040239] ? fat_add_cluster+0x100/0x100 [ 3053.040800] ? __lock_acquire+0xbb1/0x5b00 [ 3053.041864] ? remove_inode_buffers+0x300/0x300 [ 3053.043028] ? pagecache_get_page+0x243/0xc80 [ 3053.044158] ? wait_for_stable_page+0x92/0xe0 [ 3053.045341] cont_write_begin+0x472/0x980 [ 3053.046354] ? __lock_acquire+0x1657/0x5b00 [ 3053.047412] ? fat_add_cluster+0x100/0x100 [ 3053.048443] ? nobh_write_begin+0xed0/0xed0 [ 3053.049626] fat_write_begin+0x89/0x180 [ 3053.050622] ? fat_add_cluster+0x100/0x100 [ 3053.051681] cont_write_begin+0x20e/0x980 [ 3053.052727] ? fat_add_cluster+0x100/0x100 [ 3053.053941] ? nobh_write_begin+0xed0/0xed0 [ 3053.054993] ? lock_downgrade+0x6d0/0x6d0 [ 3053.056024] ? do_raw_spin_lock+0x121/0x260 [ 3053.057116] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3053.058390] fat_write_begin+0x89/0x180 [ 3053.059380] ? fat_add_cluster+0x100/0x100 [ 3053.060435] generic_perform_write+0x20a/0x4f0 [ 3053.061694] ? fat_direct_IO+0x1ef/0x380 [ 3053.062716] ? page_cache_prev_miss+0x310/0x310 [ 3053.063910] __generic_file_write_iter+0x2cd/0x5d0 [ 3053.065196] generic_file_write_iter+0xdb/0x230 [ 3053.066389] aio_write+0x355/0x7a0 [ 3053.067277] ? cpumask_weight.constprop.0+0x40/0x40 [ 3053.068524] ? lock_acquire+0x197/0x470 [ 3053.069633] ? __might_fault+0xd3/0x180 [ 3053.070600] ? lock_downgrade+0x6d0/0x6d0 [ 3053.071610] ? io_submit_one+0x1e0/0x1b80 [ 3053.072638] io_submit_one+0xfbc/0x1b80 [ 3053.073754] ? lock_acquire+0x197/0x470 [ 3053.074744] ? find_held_lock+0x2c/0x110 [ 3053.075756] ? __do_sys_io_pgetevents+0x410/0x410 [ 3053.076968] ? __might_fault+0xd3/0x180 [ 3053.078129] ? lock_downgrade+0x6d0/0x6d0 [ 3053.079153] __x64_sys_io_submit+0x18d/0x2f0 [ 3053.080225] ? __ia32_sys_io_destroy+0x1b0/0x1b0 [ 3053.081483] ? fput_many+0x2f/0x1a0 [ 3053.082389] ? ksys_write+0x1a9/0x260 [ 3053.083335] ? __ia32_sys_read+0xb0/0xb0 [ 3053.084357] do_syscall_64+0x33/0x40 [ 3053.085346] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3053.086601] RIP: 0033:0x7f67ad288b19 [ 3053.087508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3053.092820] RSP: 002b:00007f67aa7fe188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 3053.095052] RAX: ffffffffffffffda RBX: 00007f67ad39bf60 RCX: 00007f67ad288b19 [ 3053.096870] RDX: 0000000020000800 RSI: 0000000000000001 RDI: 00007f67ad37f000 [ 3053.098992] RBP: 00007f67aa7fe1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3053.100784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3053.102863] R13: 00007ffcfd279fff R14: 00007f67aa7fe300 R15: 0000000000022000 [ 3053.108639] FAULT_INJECTION: forcing a failure. [ 3053.108639] name failslab, interval 1, probability 0, space 0, times 0 [ 3053.110593] CPU: 1 PID: 16477 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3053.111635] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3053.112884] Call Trace: [ 3053.113273] dump_stack+0x107/0x167 [ 3053.113819] should_fail.cold+0x5/0xa [ 3053.114394] ? ext4_getfsmap_datadev+0xabb/0x25d0 [ 3053.115148] should_failslab+0x5/0x20 [ 3053.115719] kmem_cache_alloc_trace+0x55/0x320 [ 3053.116408] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3053.117167] ext4_getfsmap_datadev+0xabb/0x25d0 [ 3053.117872] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3053.118666] ? do_swap+0x134/0x210 [ 3053.119201] ? sort_r+0x239/0x360 [ 3053.119721] ? ext4_file_open+0xa50/0xa50 [ 3053.120346] ext4_getfsmap+0x695/0x990 [ 3053.120903] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3053.121709] ? ext4_fsmap_to_internal+0x260/0x260 [ 3053.122436] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3053.123228] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3053.124041] ext4_ioc_getfsmap+0x2b0/0x620 [ 3053.124671] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3053.125339] ? find_held_lock+0x2c/0x110 [ 3053.125955] ? avc_has_extended_perms+0x675/0xf40 [ 3053.126709] ? lock_downgrade+0x6d0/0x6d0 [ 3053.127334] __ext4_ioctl+0x8ad/0x4190 [ 3053.127927] ? ext4_reset_inode_seed+0x450/0x450 [ 3053.128640] ? perf_trace_lock+0xac/0x490 [ 3053.129263] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3053.129988] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3053.130631] ? do_vfs_ioctl+0x283/0x10d0 [ 3053.131137] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3053.131789] ? generic_block_fiemap+0x60/0x60 [ 3053.132352] ? lock_downgrade+0x6d0/0x6d0 [ 3053.132872] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3053.133484] ? wait_for_completion_io+0x270/0x270 [ 3053.134091] ? selinux_file_ioctl+0xb6/0x270 [ 3053.134640] ? __ext4_ioctl+0x4190/0x4190 [ 3053.135160] __x64_sys_ioctl+0x19a/0x210 [ 3053.135667] do_syscall_64+0x33/0x40 [ 3053.136130] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3053.136768] RIP: 0033:0x7f4e27e8db19 [ 3053.137240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3053.139532] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3053.140478] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3053.141391] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3053.142279] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3053.143167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3053.144054] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:23:13 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 40) 14:23:13 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732b66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 3053.267308] FAULT_INJECTION: forcing a failure. [ 3053.267308] name failslab, interval 1, probability 0, space 0, times 0 [ 3053.268855] CPU: 0 PID: 16489 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3053.269773] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3053.270857] Call Trace: [ 3053.271212] dump_stack+0x107/0x167 [ 3053.271697] should_fail.cold+0x5/0xa [ 3053.272204] ? xas_alloc+0x336/0x440 [ 3053.272701] should_failslab+0x5/0x20 [ 3053.273220] kmem_cache_alloc+0x5b/0x310 [ 3053.273759] ? stack_trace_consume_entry+0x160/0x160 [ 3053.274431] xas_alloc+0x336/0x440 [ 3053.274908] xas_create+0x34a/0x10d0 [ 3053.275412] ? kernel_text_address+0xf2/0x120 [ 3053.276009] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3053.276708] xas_store+0x8c/0x1c40 [ 3053.277214] __xa_store+0x164/0x2d0 [ 3053.277701] ? xa_delete_node+0x280/0x280 [ 3053.278263] ? trace_hardirqs_on+0x5b/0x180 [ 3053.278845] xa_store+0x31/0x50 [ 3053.279287] __io_uring_add_tctx_node+0x1cf/0x520 [ 3053.279925] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3053.280612] ? alloc_fd+0x2e7/0x670 [ 3053.281122] io_uring_setup+0x1fbb/0x2980 [ 3053.281682] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3053.282349] ? wait_for_completion_io+0x270/0x270 [ 3053.283028] do_syscall_64+0x33/0x40 [ 3053.283520] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3053.284200] RIP: 0033:0x7f214574ab19 [ 3053.284692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3053.287120] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3053.288120] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3053.289065] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3053.290003] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3053.290937] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3053.291868] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:23:27 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x800000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:23:27 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x6}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:23:27 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732c66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:23:27 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 41) 14:23:27 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xfdfe, 0x0, 0x0, r1, 0x0}]) 14:23:27 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) (fail_nth: 15) 14:23:27 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732366617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:23:27 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 55) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 3067.643977] FAULT_INJECTION: forcing a failure. [ 3067.643977] name failslab, interval 1, probability 0, space 0, times 0 [ 3067.645639] CPU: 1 PID: 16511 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3067.646599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3067.647751] Call Trace: [ 3067.648123] dump_stack+0x107/0x167 [ 3067.648644] should_fail.cold+0x5/0xa [ 3067.649186] ? xas_alloc+0x336/0x440 [ 3067.657741] should_failslab+0x5/0x20 [ 3067.658294] kmem_cache_alloc+0x5b/0x310 [ 3067.658876] xas_alloc+0x336/0x440 [ 3067.659398] xas_create+0x34a/0x10d0 [ 3067.659951] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3067.660697] xas_store+0x8c/0x1c40 [ 3067.661229] __xa_store+0x164/0x2d0 [ 3067.661760] ? xa_delete_node+0x280/0x280 [ 3067.662352] ? trace_hardirqs_on+0x5b/0x180 [ 3067.662967] xa_store+0x31/0x50 [ 3067.663437] __io_uring_add_tctx_node+0x1cf/0x520 [ 3067.664107] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3067.664857] ? alloc_fd+0x2e7/0x670 [ 3067.665397] io_uring_setup+0x1fbb/0x2980 [ 3067.666001] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3067.666732] ? wait_for_completion_io+0x270/0x270 [ 3067.667469] do_syscall_64+0x33/0x40 [ 3067.667983] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3067.668702] RIP: 0033:0x7f214574ab19 [ 3067.669234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3067.671681] FAULT_INJECTION: forcing a failure. [ 3067.671681] name failslab, interval 1, probability 0, space 0, times 0 [ 3067.675812] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3067.675857] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3067.675866] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3067.675875] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3067.675883] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3067.675892] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3067.686345] CPU: 0 PID: 16508 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3067.687249] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3067.688335] Call Trace: [ 3067.688680] dump_stack+0x107/0x167 [ 3067.689158] should_fail.cold+0x5/0xa [ 3067.689679] ? create_object.isra.0+0x3a/0xa20 [ 3067.690281] should_failslab+0x5/0x20 [ 3067.690785] kmem_cache_alloc+0x5b/0x310 [ 3067.691326] create_object.isra.0+0x3a/0xa20 [ 3067.691902] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3067.692570] kmem_cache_alloc_trace+0x151/0x320 [ 3067.693186] ext4_getfsmap_datadev+0xabb/0x25d0 [ 3067.693839] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3067.694536] ? do_swap+0x134/0x210 [ 3067.695005] ? sort_r+0x239/0x360 [ 3067.695457] ? ext4_file_open+0xa50/0xa50 [ 3067.696027] ext4_getfsmap+0x695/0x990 [ 3067.696559] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3067.697298] ? ext4_fsmap_to_internal+0x260/0x260 [ 3067.702007] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3067.702808] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3067.703634] ext4_ioc_getfsmap+0x2b0/0x620 [ 3067.704304] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3067.705007] ? find_held_lock+0x2c/0x110 [ 3067.705649] ? avc_has_extended_perms+0x675/0xf40 [ 3067.706417] ? lock_downgrade+0x6d0/0x6d0 [ 3067.707060] __ext4_ioctl+0x8ad/0x4190 [ 3067.707675] ? ext4_reset_inode_seed+0x450/0x450 [ 3067.708393] ? perf_trace_lock+0xac/0x490 [ 3067.709030] ? SOFTIRQ_verbose+0x10/0x10 [ 3067.709668] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3067.710524] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3067.711290] ? do_vfs_ioctl+0x283/0x10d0 [ 3067.711889] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3067.712664] ? generic_block_fiemap+0x60/0x60 14:23:27 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 42) [ 3067.713325] ? lock_downgrade+0x6d0/0x6d0 [ 3067.718016] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3067.718651] ? wait_for_completion_io+0x270/0x270 [ 3067.719287] ? selinux_file_ioctl+0xb6/0x270 [ 3067.719864] ? __ext4_ioctl+0x4190/0x4190 [ 3067.720405] __x64_sys_ioctl+0x19a/0x210 [ 3067.720939] do_syscall_64+0x33/0x40 [ 3067.721423] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3067.722107] RIP: 0033:0x7f4e27e8db19 [ 3067.722591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3067.724987] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3067.726001] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3067.726930] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3067.727858] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3067.728787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3067.729728] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3067.742881] FAT-fs (loop7): invalid media value (0x00) [ 3067.743587] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3067.782099] FAULT_INJECTION: forcing a failure. [ 3067.782099] name failslab, interval 1, probability 0, space 0, times 0 [ 3067.783561] CPU: 1 PID: 16526 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3067.784424] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3067.785457] Call Trace: [ 3067.785809] dump_stack+0x107/0x167 [ 3067.786272] should_fail.cold+0x5/0xa [ 3067.786760] ? create_object.isra.0+0x3a/0xa20 [ 3067.787339] should_failslab+0x5/0x20 [ 3067.787820] kmem_cache_alloc+0x5b/0x310 [ 3067.788334] ? mark_held_locks+0x9e/0xe0 [ 3067.788856] create_object.isra.0+0x3a/0xa20 [ 3067.789412] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3067.790072] kmem_cache_alloc+0x159/0x310 [ 3067.790609] xas_alloc+0x336/0x440 [ 3067.791065] xas_create+0x34a/0x10d0 [ 3067.791553] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3067.792221] xas_store+0x8c/0x1c40 [ 3067.792696] __xa_store+0x164/0x2d0 [ 3067.793162] ? xa_delete_node+0x280/0x280 [ 3067.797738] ? trace_hardirqs_on+0x5b/0x180 [ 3067.798296] xa_store+0x31/0x50 [ 3067.798718] __io_uring_add_tctx_node+0x1cf/0x520 [ 3067.799324] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3067.799982] ? alloc_fd+0x2e7/0x670 [ 3067.800460] io_uring_setup+0x1fbb/0x2980 [ 3067.800996] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3067.801646] ? wait_for_completion_io+0x270/0x270 [ 3067.802300] do_syscall_64+0x33/0x40 [ 3067.802769] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3067.803412] RIP: 0033:0x7f214574ab19 [ 3067.803881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3067.806191] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3067.807147] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3067.808042] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3067.808936] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3067.809845] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3067.810740] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:23:28 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x7}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:23:28 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 43) 14:23:28 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x1000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:23:28 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xfe00, 0x0, 0x0, r1, 0x0}]) 14:23:28 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3067.915415] FAULT_INJECTION: forcing a failure. [ 3067.915415] name failslab, interval 1, probability 0, space 0, times 0 [ 3067.916864] CPU: 1 PID: 16539 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3067.917760] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3067.918794] Call Trace: [ 3067.919135] dump_stack+0x107/0x167 [ 3067.919603] should_fail.cold+0x5/0xa [ 3067.920090] ? xas_alloc+0x336/0x440 [ 3067.920567] should_failslab+0x5/0x20 [ 3067.921049] kmem_cache_alloc+0x5b/0x310 [ 3067.921583] xas_alloc+0x336/0x440 [ 3067.922043] xas_create+0x34a/0x10d0 [ 3067.922539] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3067.923206] xas_store+0x8c/0x1c40 [ 3067.923683] __xa_store+0x164/0x2d0 [ 3067.924151] ? xa_delete_node+0x280/0x280 [ 3067.924690] ? trace_hardirqs_on+0x5b/0x180 [ 3067.925247] xa_store+0x31/0x50 [ 3067.925689] __io_uring_add_tctx_node+0x1cf/0x520 [ 3067.926301] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3067.926962] ? alloc_fd+0x2e7/0x670 [ 3067.927443] io_uring_setup+0x1fbb/0x2980 [ 3067.927980] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3067.928620] ? wait_for_completion_io+0x270/0x270 14:23:28 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732466617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:23:28 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xfefd, 0x0, 0x0, r1, 0x0}]) [ 3067.929276] do_syscall_64+0x33/0x40 [ 3067.937592] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3067.938238] RIP: 0033:0x7f214574ab19 [ 3067.938709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3067.940998] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3067.941985] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3067.942879] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3067.943772] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3067.944665] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3067.945570] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3067.958778] FAT-fs (loop7): invalid media value (0x01) [ 3067.959482] FAT-fs (loop7): Can't find a valid FAT filesystem 14:23:28 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732d66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:23:28 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x8}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:23:28 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xfeffff, 0x0, 0x0, r1, 0x0}]) 14:23:28 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 44) [ 3068.110615] FAT-fs (loop7): invalid media value (0x08) [ 3068.111330] FAT-fs (loop7): Can't find a valid FAT filesystem 14:23:28 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x1800000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3068.161390] FAULT_INJECTION: forcing a failure. [ 3068.161390] name failslab, interval 1, probability 0, space 0, times 0 [ 3068.163033] CPU: 0 PID: 16562 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3068.163944] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3068.165028] Call Trace: [ 3068.165383] dump_stack+0x107/0x167 [ 3068.165895] should_fail.cold+0x5/0xa [ 3068.166408] ? create_object.isra.0+0x3a/0xa20 [ 3068.167017] should_failslab+0x5/0x20 [ 3068.167519] kmem_cache_alloc+0x5b/0x310 [ 3068.168060] ? mark_held_locks+0x9e/0xe0 [ 3068.168602] create_object.isra.0+0x3a/0xa20 [ 3068.169181] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3068.169889] kmem_cache_alloc+0x159/0x310 [ 3068.170447] xas_alloc+0x336/0x440 [ 3068.170924] xas_create+0x34a/0x10d0 [ 3068.171429] ? kernel_text_address+0xf2/0x120 [ 3068.172025] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3068.172720] xas_store+0x8c/0x1c40 [ 3068.173211] __xa_store+0x164/0x2d0 [ 3068.177727] ? xa_delete_node+0x280/0x280 [ 3068.178286] ? trace_hardirqs_on+0x5b/0x180 [ 3068.178867] xa_store+0x31/0x50 [ 3068.179308] __io_uring_add_tctx_node+0x1cf/0x520 [ 3068.179943] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3068.180630] ? alloc_fd+0x2e7/0x670 [ 3068.181128] io_uring_setup+0x1fbb/0x2980 [ 3068.181708] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3068.182380] ? wait_for_completion_io+0x270/0x270 [ 3068.183058] do_syscall_64+0x33/0x40 [ 3068.183547] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3068.184220] RIP: 0033:0x7f214574ab19 [ 3068.184711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3068.187132] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3068.188132] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3068.189064] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3068.190016] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3068.190952] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3068.191888] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:23:44 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x1000000, 0x0, 0x0, r1, 0x0}]) 14:23:44 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 56) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:23:44 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x2000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:23:44 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0xb}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:23:44 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x2, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:23:44 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732566617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:23:44 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732f66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:23:44 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 45) [ 3084.561224] FAULT_INJECTION: forcing a failure. [ 3084.561224] name failslab, interval 1, probability 0, space 0, times 0 [ 3084.565172] CPU: 1 PID: 16581 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3084.567078] FAULT_INJECTION: forcing a failure. [ 3084.567078] name failslab, interval 1, probability 0, space 0, times 0 [ 3084.567357] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3084.567367] Call Trace: [ 3084.573247] dump_stack+0x107/0x167 [ 3084.574289] should_fail.cold+0x5/0xa [ 3084.575384] ? ext4_getfsmap_datadev+0xc2b/0x25d0 [ 3084.576766] should_failslab+0x5/0x20 [ 3084.578300] kmem_cache_alloc_trace+0x55/0x320 [ 3084.579607] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3084.581061] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 3084.582418] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3084.584015] ? do_swap+0x134/0x210 [ 3084.585030] ? sort_r+0x239/0x360 [ 3084.586022] ? ext4_file_open+0xa50/0xa50 [ 3084.587270] ext4_getfsmap+0x695/0x990 [ 3084.588430] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3084.589975] ? ext4_fsmap_to_internal+0x260/0x260 [ 3084.591360] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3084.593763] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3084.595493] ext4_ioc_getfsmap+0x2b0/0x620 [ 3084.596507] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3084.597596] ? find_held_lock+0x2c/0x110 [ 3084.598714] ? avc_has_extended_perms+0x675/0xf40 [ 3084.600100] ? avc_has_extended_perms+0x67a/0xf40 [ 3084.601100] __ext4_ioctl+0x8ad/0x4190 [ 3084.601603] ? ext4_reset_inode_seed+0x450/0x450 [ 3084.602209] ? perf_trace_lock+0xac/0x490 [ 3084.602730] ? SOFTIRQ_verbose+0x10/0x10 [ 3084.603259] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3084.603983] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3084.604631] ? do_vfs_ioctl+0x283/0x10d0 [ 3084.605142] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3084.605800] ? generic_block_fiemap+0x60/0x60 [ 3084.606656] ? lock_downgrade+0x6d0/0x6d0 [ 3084.607847] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 3084.609441] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 3084.611102] ? trace_hardirqs_on+0x5b/0x180 [ 3084.612346] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 3084.613898] ? __ext4_ioctl+0x4190/0x4190 [ 3084.615106] ? __ext4_ioctl+0x4190/0x4190 [ 3084.616294] __x64_sys_ioctl+0x19a/0x210 [ 3084.617458] do_syscall_64+0x33/0x40 [ 3084.618450] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3084.619098] RIP: 0033:0x7f4e27e8db19 [ 3084.619571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3084.621870] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3084.622853] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3084.623745] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3084.624635] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3084.625532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3084.626468] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3084.627387] CPU: 0 PID: 16591 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3084.628356] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3084.629494] Call Trace: [ 3084.629879] dump_stack+0x107/0x167 [ 3084.630411] should_fail.cold+0x5/0xa [ 3084.630955] ? xas_alloc+0x336/0x440 [ 3084.631490] should_failslab+0x5/0x20 [ 3084.632029] kmem_cache_alloc+0x5b/0x310 [ 3084.632608] xas_alloc+0x336/0x440 [ 3084.633114] xas_create+0x34a/0x10d0 [ 3084.633673] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3084.634436] xas_store+0x8c/0x1c40 [ 3084.634971] __xa_store+0x164/0x2d0 [ 3084.635495] ? xa_delete_node+0x280/0x280 [ 3084.636094] ? trace_hardirqs_on+0x5b/0x180 [ 3084.636708] xa_store+0x31/0x50 [ 3084.637181] __io_uring_add_tctx_node+0x1cf/0x520 [ 3084.637856] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3084.638604] ? alloc_fd+0x2e7/0x670 [ 3084.639146] io_uring_setup+0x1fbb/0x2980 [ 3084.639757] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3084.640459] ? wait_for_completion_io+0x270/0x270 [ 3084.641195] do_syscall_64+0x33/0x40 [ 3084.641732] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3084.642465] RIP: 0033:0x7f214574ab19 [ 3084.642992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3084.645504] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3084.646591] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3084.647585] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3084.648581] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3084.649580] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3084.650643] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3084.664026] FAT-fs (loop7): invalid media value (0x74) [ 3084.665155] FAT-fs (loop7): Can't find a valid FAT filesystem 14:23:44 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 46) 14:23:44 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x18}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:23:45 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x2000000, 0x0, 0x0, r1, 0x0}]) 14:23:45 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x3, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:23:45 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e22617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:23:45 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732666617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 3084.809260] FAULT_INJECTION: forcing a failure. [ 3084.809260] name failslab, interval 1, probability 0, space 0, times 0 [ 3084.811850] CPU: 1 PID: 16613 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3084.812787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3084.813888] Call Trace: [ 3084.814261] dump_stack+0x107/0x167 [ 3084.814767] should_fail.cold+0x5/0xa [ 3084.815291] ? create_object.isra.0+0x3a/0xa20 [ 3084.815927] should_failslab+0x5/0x20 [ 3084.816444] kmem_cache_alloc+0x5b/0x310 [ 3084.817011] ? mark_held_locks+0x9e/0xe0 [ 3084.817573] create_object.isra.0+0x3a/0xa20 [ 3084.818188] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3084.819877] kmem_cache_alloc+0x159/0x310 [ 3084.821021] xas_alloc+0x336/0x440 [ 3084.822002] xas_create+0x34a/0x10d0 [ 3084.823214] ? kernel_text_address+0xf2/0x120 [ 3084.824445] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3084.825898] xas_store+0x8c/0x1c40 [ 3084.827065] __xa_store+0x164/0x2d0 [ 3084.828069] ? xa_delete_node+0x280/0x280 [ 3084.829178] ? trace_hardirqs_on+0x5b/0x180 [ 3084.830396] xa_store+0x31/0x50 [ 3084.831285] __io_uring_add_tctx_node+0x1cf/0x520 [ 3084.832562] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3084.833923] ? alloc_fd+0x2e7/0x670 [ 3084.835044] io_uring_setup+0x1fbb/0x2980 [ 3084.836132] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3084.837514] ? wait_for_completion_io+0x270/0x270 [ 3084.842736] do_syscall_64+0x33/0x40 [ 3084.843349] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3084.844180] RIP: 0033:0x7f214574ab19 [ 3084.844787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3084.847644] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3084.848868] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3084.850019] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3084.851097] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3084.852270] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3084.853443] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3084.862829] FAT-fs (loop7): bogus number of reserved sectors [ 3084.863723] FAT-fs (loop7): Can't find a valid FAT filesystem 14:24:00 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 47) 14:24:00 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x2010000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:24:00 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x4, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:24:00 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 57) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:24:00 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x3000000, 0x0, 0x0, r1, 0x0}]) 14:24:00 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732766617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:24:00 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e2c617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:24:00 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x1c}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 3100.333840] FAT-fs (loop7): bogus number of reserved sectors [ 3100.334628] FAT-fs (loop7): Can't find a valid FAT filesystem 14:24:00 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x66}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 3100.395635] FAULT_INJECTION: forcing a failure. [ 3100.395635] name failslab, interval 1, probability 0, space 0, times 0 [ 3100.397208] CPU: 1 PID: 16655 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3100.398106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3100.399170] Call Trace: [ 3100.399509] dump_stack+0x107/0x167 [ 3100.399976] should_fail.cold+0x5/0xa [ 3100.400464] ? xas_alloc+0x336/0x440 [ 3100.400942] should_failslab+0x5/0x20 [ 3100.401426] kmem_cache_alloc+0x5b/0x310 [ 3100.402001] xas_alloc+0x336/0x440 [ 3100.402466] xas_create+0x34a/0x10d0 [ 3100.402994] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3100.403663] xas_store+0x8c/0x1c40 [ 3100.404138] __xa_store+0x164/0x2d0 [ 3100.404604] ? xa_delete_node+0x280/0x280 [ 3100.405143] ? trace_hardirqs_on+0x5b/0x180 [ 3100.405703] xa_store+0x31/0x50 [ 3100.406129] __io_uring_add_tctx_node+0x1cf/0x520 [ 3100.406789] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3100.407461] ? alloc_fd+0x2e7/0x670 [ 3100.407969] io_uring_setup+0x1fbb/0x2980 [ 3100.408509] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3100.409153] ? wait_for_completion_io+0x270/0x270 [ 3100.409808] do_syscall_64+0x33/0x40 [ 3100.410279] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3100.410942] RIP: 0033:0x7f214574ab19 [ 3100.411418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3100.412057] FAULT_INJECTION: forcing a failure. [ 3100.412057] name failslab, interval 1, probability 0, space 0, times 0 [ 3100.413798] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3100.413815] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3100.413824] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3100.413836] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3100.418958] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3100.419890] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3100.420954] CPU: 0 PID: 16652 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3100.421861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3100.422989] Call Trace: [ 3100.423336] dump_stack+0x107/0x167 [ 3100.423822] should_fail.cold+0x5/0xa [ 3100.424325] ? create_object.isra.0+0x3a/0xa20 [ 3100.424925] should_failslab+0x5/0x20 [ 3100.425425] kmem_cache_alloc+0x5b/0x310 [ 3100.425965] create_object.isra.0+0x3a/0xa20 [ 3100.426544] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3100.427226] kmem_cache_alloc_trace+0x151/0x320 [ 3100.427846] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 3100.428478] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3100.429179] ? do_swap+0x134/0x210 [ 3100.429648] ? sort_r+0x239/0x360 [ 3100.430104] ? ext4_file_open+0xa50/0xa50 [ 3100.430653] ext4_getfsmap+0x695/0x990 [ 3100.431184] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3100.431886] ? ext4_fsmap_to_internal+0x260/0x260 [ 3100.432521] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3100.433224] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3100.433944] ext4_ioc_getfsmap+0x2b0/0x620 [ 3100.434497] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3100.435116] ? find_held_lock+0x2c/0x110 [ 3100.435657] ? avc_has_extended_perms+0x675/0xf40 [ 3100.436321] ? __ext4_ioctl+0x124/0x4190 [ 3100.436865] ? __sanitizer_cov_trace_switch+0x37/0x80 [ 3100.437543] __ext4_ioctl+0x8ad/0x4190 [ 3100.438063] ? ext4_reset_inode_seed+0x450/0x450 [ 3100.438684] ? perf_trace_lock+0xac/0x490 [ 3100.439245] ? SOFTIRQ_verbose+0x10/0x10 [ 3100.439801] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3100.440553] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3100.441235] ? do_vfs_ioctl+0x283/0x10d0 [ 3100.441768] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3100.442453] ? generic_block_fiemap+0x60/0x60 [ 3100.443064] ? lock_downgrade+0x6d0/0x6d0 [ 3100.443607] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3100.444242] ? wait_for_completion_io+0x270/0x270 [ 3100.444880] ? selinux_file_ioctl+0xb6/0x270 [ 3100.445457] ? __ext4_ioctl+0x4190/0x4190 [ 3100.446003] __x64_sys_ioctl+0x19a/0x210 [ 3100.446543] do_syscall_64+0x33/0x40 [ 3100.447049] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3100.447720] RIP: 0033:0x7f4e27e8db19 [ 3100.448218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3100.450623] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3100.451635] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3100.452569] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3100.453506] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3100.454439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3100.456017] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:24:00 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x3000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3100.493112] FAT-fs (loop7): bogus number of reserved sectors [ 3100.495057] FAT-fs (loop7): Can't find a valid FAT filesystem 14:24:00 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e2e617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:24:00 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 48) 14:24:00 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 58) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 3100.623736] FAULT_INJECTION: forcing a failure. [ 3100.623736] name failslab, interval 1, probability 0, space 0, times 0 [ 3100.626816] CPU: 0 PID: 16675 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3100.628626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3100.630791] Call Trace: [ 3100.631505] dump_stack+0x107/0x167 [ 3100.632454] should_fail.cold+0x5/0xa [ 3100.633451] ? create_object.isra.0+0x3a/0xa20 [ 3100.634624] should_failslab+0x5/0x20 [ 3100.635713] kmem_cache_alloc+0x5b/0x310 [ 3100.636768] ? mark_held_locks+0x9e/0xe0 [ 3100.637833] create_object.isra.0+0x3a/0xa20 [ 3100.638998] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3100.640329] kmem_cache_alloc+0x159/0x310 [ 3100.641417] xas_alloc+0x336/0x440 [ 3100.642334] xas_create+0x34a/0x10d0 [ 3100.643343] ? kernel_text_address+0xf2/0x120 [ 3100.644513] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3100.645881] xas_store+0x8c/0x1c40 [ 3100.646819] __xa_store+0x164/0x2d0 [ 3100.647791] ? xa_delete_node+0x280/0x280 [ 3100.648952] xa_store+0x31/0x50 [ 3100.649832] __io_uring_add_tctx_node+0x1cf/0x520 [ 3100.651124] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3100.652411] ? alloc_fd+0x2e7/0x670 [ 3100.653319] io_uring_setup+0x1fbb/0x2980 [ 3100.654346] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3100.655256] ? wait_for_completion_io+0x270/0x270 [ 3100.655940] do_syscall_64+0x33/0x40 [ 3100.656434] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3100.657134] RIP: 0033:0x7f214574ab19 [ 3100.657652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3100.660189] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3100.661197] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3100.662137] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3100.663115] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3100.664057] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3100.664994] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:24:00 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x300}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:24:00 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732866617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 3100.673243] FAULT_INJECTION: forcing a failure. [ 3100.673243] name failslab, interval 1, probability 0, space 0, times 0 [ 3100.675110] CPU: 0 PID: 16672 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3100.676825] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3100.678886] Call Trace: [ 3100.679232] dump_stack+0x107/0x167 [ 3100.679714] should_fail.cold+0x5/0xa [ 3100.680218] ? ext4_getfsmap_datadev+0xd9c/0x25d0 [ 3100.680854] should_failslab+0x5/0x20 [ 3100.681354] kmem_cache_alloc_trace+0x55/0x320 [ 3100.681954] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3100.682624] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 3100.683294] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3100.683997] ? do_swap+0x134/0x210 [ 3100.684466] ? sort_r+0x239/0x360 [ 3100.684921] ? ext4_file_open+0xa50/0xa50 [ 3100.685472] ext4_getfsmap+0x695/0x990 [ 3100.685983] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3100.686687] ? ext4_fsmap_to_internal+0x260/0x260 [ 3100.687467] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3100.688177] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3100.688896] ext4_ioc_getfsmap+0x2b0/0x620 [ 3100.689451] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3100.690052] ? find_held_lock+0x2c/0x110 [ 3100.690591] ? avc_has_extended_perms+0x675/0xf40 [ 3100.691318] ? lock_downgrade+0x6d0/0x6d0 [ 3100.691868] __ext4_ioctl+0x8ad/0x4190 [ 3100.692387] ? ext4_reset_inode_seed+0x450/0x450 [ 3100.693012] ? perf_trace_lock+0xac/0x490 [ 3100.693570] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3100.694327] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3100.695026] ? do_vfs_ioctl+0x283/0x10d0 [ 3100.695558] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3100.696246] ? generic_block_fiemap+0x60/0x60 [ 3100.696836] ? lock_downgrade+0x6d0/0x6d0 [ 3100.697379] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3100.698016] ? wait_for_completion_io+0x270/0x270 [ 3100.698656] ? selinux_file_ioctl+0xb6/0x270 [ 3100.699819] ? __ext4_ioctl+0x4190/0x4190 [ 3100.700893] __x64_sys_ioctl+0x19a/0x210 [ 3100.701942] do_syscall_64+0x33/0x40 [ 3100.702917] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3100.704178] RIP: 0033:0x7f4e27e8db19 [ 3100.705083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3100.710392] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3100.711644] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3100.712584] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3100.713520] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3100.714456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3100.715960] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3100.737170] FAT-fs (loop7): bogus number of reserved sectors [ 3100.738636] FAT-fs (loop7): Can't find a valid FAT filesystem 14:24:15 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x4000000, 0x0, 0x0, r1, 0x0}]) 14:24:15 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 59) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:24:15 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732966617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:24:15 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x4000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:24:15 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x5, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:24:15 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 49) 14:24:15 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x480}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:24:15 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e2f617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 3114.993387] FAULT_INJECTION: forcing a failure. [ 3114.993387] name failslab, interval 1, probability 0, space 0, times 0 [ 3114.995040] CPU: 1 PID: 16713 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3114.996872] FAULT_INJECTION: forcing a failure. [ 3114.996872] name failslab, interval 1, probability 0, space 0, times 0 [ 3114.999925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3114.999932] Call Trace: [ 3114.999952] dump_stack+0x107/0x167 [ 3114.999971] should_fail.cold+0x5/0xa [ 3114.999990] ? create_object.isra.0+0x3a/0xa20 [ 3115.000010] should_failslab+0x5/0x20 [ 3115.004710] kmem_cache_alloc+0x5b/0x310 [ 3115.005228] create_object.isra.0+0x3a/0xa20 [ 3115.005775] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3115.006417] kmem_cache_alloc_trace+0x151/0x320 [ 3115.007010] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 3115.007626] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3115.008297] ? do_swap+0x134/0x210 [ 3115.008744] ? sort_r+0x239/0x360 [ 3115.009182] ? ext4_file_open+0xa50/0xa50 [ 3115.009706] ext4_getfsmap+0x695/0x990 [ 3115.010197] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3115.010872] ? ext4_fsmap_to_internal+0x260/0x260 [ 3115.011493] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3115.012168] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3115.012860] ext4_ioc_getfsmap+0x2b0/0x620 [ 3115.013390] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3115.013964] ? find_held_lock+0x2c/0x110 [ 3115.014479] ? avc_has_extended_perms+0x675/0xf40 [ 3115.015125] ? lock_downgrade+0x6d0/0x6d0 [ 3115.019667] __ext4_ioctl+0x8ad/0x4190 [ 3115.020168] ? ext4_reset_inode_seed+0x450/0x450 [ 3115.020759] ? perf_trace_lock+0xac/0x490 [ 3115.021300] ? SOFTIRQ_verbose+0x10/0x10 [ 3115.021827] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3115.022594] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3115.023284] ? do_vfs_ioctl+0x283/0x10d0 [ 3115.023815] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3115.024483] ? generic_block_fiemap+0x60/0x60 [ 3115.025047] ? lock_downgrade+0x6d0/0x6d0 [ 3115.025567] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3115.026175] ? wait_for_completion_io+0x270/0x270 [ 3115.026787] ? selinux_file_ioctl+0xb6/0x270 [ 3115.027356] ? __ext4_ioctl+0x4190/0x4190 [ 3115.027881] __x64_sys_ioctl+0x19a/0x210 [ 3115.028392] do_syscall_64+0x33/0x40 [ 3115.028861] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3115.029502] RIP: 0033:0x7f4e27e8db19 [ 3115.029973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3115.032276] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3115.033230] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3115.034122] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3115.035013] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3115.035920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3115.036812] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3115.037727] CPU: 0 PID: 16714 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3115.038688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3115.043834] Call Trace: [ 3115.044213] dump_stack+0x107/0x167 [ 3115.044736] should_fail.cold+0x5/0xa [ 3115.045281] ? xas_alloc+0x336/0x440 [ 3115.045823] should_failslab+0x5/0x20 [ 3115.046353] kmem_cache_alloc+0x5b/0x310 [ 3115.046935] xas_alloc+0x336/0x440 [ 3115.047480] xas_create+0x34a/0x10d0 [ 3115.048042] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3115.048792] xas_store+0x8c/0x1c40 [ 3115.049326] __xa_store+0x164/0x2d0 [ 3115.049829] ? xa_delete_node+0x280/0x280 [ 3115.050414] ? trace_hardirqs_on+0x5b/0x180 [ 3115.051042] xa_store+0x31/0x50 [ 3115.051550] __io_uring_add_tctx_node+0x1cf/0x520 [ 3115.052234] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3115.052978] ? alloc_fd+0x2e7/0x670 [ 3115.053522] io_uring_setup+0x1fbb/0x2980 [ 3115.054121] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3115.054830] ? wait_for_completion_io+0x270/0x270 [ 3115.055575] do_syscall_64+0x33/0x40 [ 3115.056123] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3115.056845] RIP: 0033:0x7f214574ab19 [ 3115.057350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3115.059915] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3115.060991] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3115.062002] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3115.063016] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3115.068031] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3115.069040] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3115.106962] FAT-fs (loop7): bogus number of reserved sectors [ 3115.111917] FAT-fs (loop7): Can't find a valid FAT filesystem 14:24:29 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 50) 14:24:29 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 60) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:24:29 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732a66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:24:29 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x5000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:24:29 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e67617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:24:29 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x5000000, 0x0, 0x0, r1, 0x0}]) 14:24:29 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x6, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:24:29 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x500}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 3129.179860] FAULT_INJECTION: forcing a failure. [ 3129.179860] name failslab, interval 1, probability 0, space 0, times 0 [ 3129.181379] CPU: 0 PID: 16748 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3129.182287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3129.183377] Call Trace: [ 3129.183740] dump_stack+0x107/0x167 [ 3129.184109] FAULT_INJECTION: forcing a failure. [ 3129.184109] name failslab, interval 1, probability 0, space 0, times 0 [ 3129.184251] should_fail.cold+0x5/0xa [ 3129.186222] ? create_object.isra.0+0x3a/0xa20 [ 3129.186832] should_failslab+0x5/0x20 [ 3129.187343] kmem_cache_alloc+0x5b/0x310 [ 3129.187904] ? mark_held_locks+0x9e/0xe0 [ 3129.188453] create_object.isra.0+0x3a/0xa20 [ 3129.189041] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3129.189724] kmem_cache_alloc+0x159/0x310 [ 3129.190293] xas_alloc+0x336/0x440 [ 3129.190779] xas_create+0x34a/0x10d0 [ 3129.191298] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3129.192017] xas_store+0x8c/0x1c40 [ 3129.192515] __xa_store+0x164/0x2d0 [ 3129.193010] ? xa_delete_node+0x280/0x280 [ 3129.193579] ? trace_hardirqs_on+0x5b/0x180 [ 3129.194171] xa_store+0x31/0x50 [ 3129.194616] __io_uring_add_tctx_node+0x1cf/0x520 [ 3129.195261] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3129.195968] ? alloc_fd+0x2e7/0x670 [ 3129.196475] io_uring_setup+0x1fbb/0x2980 [ 3129.197043] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3129.197711] ? wait_for_completion_io+0x270/0x270 [ 3129.198400] do_syscall_64+0x33/0x40 [ 3129.198897] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3129.199579] RIP: 0033:0x7f214574ab19 [ 3129.204106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3129.206508] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3129.207515] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3129.208474] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3129.209420] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3129.210362] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3129.211308] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3129.212313] CPU: 1 PID: 16745 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3129.213232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3129.214319] Call Trace: [ 3129.214655] dump_stack+0x107/0x167 [ 3129.215159] should_fail.cold+0x5/0xa [ 3129.215637] ? ext4_getfsmap_datadev+0xf42/0x25d0 [ 3129.216324] should_failslab+0x5/0x20 [ 3129.216801] kmem_cache_alloc_trace+0x55/0x320 [ 3129.217414] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3129.218096] ext4_getfsmap_datadev+0xf42/0x25d0 [ 3129.218689] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3129.219401] ? do_swap+0x134/0x210 [ 3129.219857] ? sort_r+0x239/0x360 [ 3129.220364] ? ext4_file_open+0xa50/0xa50 [ 3129.220883] ext4_getfsmap+0x695/0x990 [ 3129.221416] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3129.222081] ? ext4_fsmap_to_internal+0x260/0x260 [ 3129.222679] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3129.223341] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3129.224050] ext4_ioc_getfsmap+0x2b0/0x620 [ 3129.224580] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3129.225146] ? find_held_lock+0x2c/0x110 [ 3129.225657] ? avc_has_extended_perms+0x675/0xf40 [ 3129.226288] ? lock_downgrade+0x6d0/0x6d0 [ 3129.226811] __ext4_ioctl+0x8ad/0x4190 [ 3129.227303] ? ext4_reset_inode_seed+0x450/0x450 [ 3129.227900] ? perf_trace_lock+0xac/0x490 [ 3129.228418] ? SOFTIRQ_verbose+0x10/0x10 [ 3129.228937] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3129.229650] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3129.230296] ? do_vfs_ioctl+0x283/0x10d0 [ 3129.230805] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3129.231456] ? generic_block_fiemap+0x60/0x60 [ 3129.232025] ? lock_downgrade+0x6d0/0x6d0 [ 3129.232543] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3129.233146] ? wait_for_completion_io+0x270/0x270 [ 3129.233753] ? selinux_file_ioctl+0xb6/0x270 [ 3129.234322] ? __ext4_ioctl+0x4190/0x4190 [ 3129.234842] __x64_sys_ioctl+0x19a/0x210 [ 3129.235349] do_syscall_64+0x33/0x40 [ 3129.235814] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3129.236460] RIP: 0033:0x7f4e27e8db19 [ 3129.236925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3129.239203] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3129.240162] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3129.241048] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3129.241935] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3129.242821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3129.243708] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:24:29 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 51) [ 3129.280906] FAT-fs (loop7): bogus number of reserved sectors [ 3129.281820] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3129.312423] FAULT_INJECTION: forcing a failure. [ 3129.312423] name failslab, interval 1, probability 0, space 0, times 0 [ 3129.314004] CPU: 1 PID: 16763 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3129.314879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3129.315932] Call Trace: [ 3129.316280] dump_stack+0x107/0x167 [ 3129.316756] should_fail.cold+0x5/0xa [ 3129.317260] ? xas_alloc+0x336/0x440 [ 3129.317757] should_failslab+0x5/0x20 [ 3129.318249] kmem_cache_alloc+0x5b/0x310 [ 3129.318810] xas_alloc+0x336/0x440 [ 3129.319283] xas_create+0x34a/0x10d0 [ 3129.319783] ? kernel_text_address+0xf2/0x120 [ 3129.320397] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3129.321070] xas_store+0x8c/0x1c40 [ 3129.321567] __xa_store+0x164/0x2d0 [ 3129.322046] ? xa_delete_node+0x280/0x280 [ 3129.322589] ? trace_hardirqs_on+0x5b/0x180 [ 3129.323156] xa_store+0x31/0x50 [ 3129.323587] __io_uring_add_tctx_node+0x1cf/0x520 [ 3129.324221] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3129.324883] ? alloc_fd+0x2e7/0x670 [ 3129.325373] io_uring_setup+0x1fbb/0x2980 [ 3129.325924] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3129.326579] ? wait_for_completion_io+0x270/0x270 [ 3129.327246] do_syscall_64+0x33/0x40 [ 3129.327718] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3129.328384] RIP: 0033:0x7f214574ab19 [ 3129.328882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3129.331186] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3129.332165] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3129.333061] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3129.333964] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3129.334864] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3129.335765] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:24:29 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x600}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:24:29 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617402020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:24:29 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x7, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:24:29 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x6000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:24:29 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 52) 14:24:29 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x7000000, 0x0, 0x0, r1, 0x0}]) [ 3129.451023] FAT-fs (loop7): bogus number of reserved sectors [ 3129.451849] FAT-fs (loop7): Can't find a valid FAT filesystem 14:24:29 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732b66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 3129.467796] FAULT_INJECTION: forcing a failure. [ 3129.467796] name failslab, interval 1, probability 0, space 0, times 0 [ 3129.469282] CPU: 1 PID: 16779 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3129.470162] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3129.471223] Call Trace: [ 3129.471569] dump_stack+0x107/0x167 [ 3129.472052] should_fail.cold+0x5/0xa [ 3129.472542] ? create_object.isra.0+0x3a/0xa20 [ 3129.473139] should_failslab+0x5/0x20 [ 3129.473624] kmem_cache_alloc+0x5b/0x310 [ 3129.474150] ? mark_held_locks+0x9e/0xe0 [ 3129.474674] create_object.isra.0+0x3a/0xa20 [ 3129.475232] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3129.475893] kmem_cache_alloc+0x159/0x310 [ 3129.476455] xas_alloc+0x336/0x440 [ 3129.476916] xas_create+0x34a/0x10d0 [ 3129.477407] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3129.478078] xas_store+0x8c/0x1c40 [ 3129.478556] __xa_store+0x164/0x2d0 [ 3129.479026] ? xa_delete_node+0x280/0x280 [ 3129.479568] ? trace_hardirqs_on+0x5b/0x180 [ 3129.480144] xa_store+0x31/0x50 [ 3129.480570] __io_uring_add_tctx_node+0x1cf/0x520 [ 3129.481184] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3129.481849] ? alloc_fd+0x2e7/0x670 [ 3129.482333] io_uring_setup+0x1fbb/0x2980 [ 3129.482875] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3129.483521] ? wait_for_completion_io+0x270/0x270 [ 3129.484198] do_syscall_64+0x33/0x40 [ 3129.484672] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3129.485323] RIP: 0033:0x7f214574ab19 [ 3129.485797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3129.488133] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3129.489096] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3129.489996] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3129.490899] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3129.491800] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3129.492723] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:24:29 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 61) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 3129.553737] FAULT_INJECTION: forcing a failure. [ 3129.553737] name failslab, interval 1, probability 0, space 0, times 0 [ 3129.555492] CPU: 0 PID: 16787 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3129.556415] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3129.557512] Call Trace: [ 3129.557863] dump_stack+0x107/0x167 [ 3129.558343] should_fail.cold+0x5/0xa [ 3129.558849] ? create_object.isra.0+0x3a/0xa20 [ 3129.559450] should_failslab+0x5/0x20 [ 3129.563980] kmem_cache_alloc+0x5b/0x310 [ 3129.564515] create_object.isra.0+0x3a/0xa20 [ 3129.565088] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3129.565752] kmem_cache_alloc_trace+0x151/0x320 [ 3129.566362] ext4_getfsmap_datadev+0xf42/0x25d0 [ 3129.566988] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3129.567689] ? do_swap+0x134/0x210 [ 3129.568171] ? sort_r+0x239/0x360 [ 3129.568625] ? ext4_file_open+0xa50/0xa50 [ 3129.569172] ext4_getfsmap+0x695/0x990 [ 3129.570313] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3129.571946] ? ext4_fsmap_to_internal+0x260/0x260 [ 3129.572638] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3129.573355] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3129.574089] ext4_ioc_getfsmap+0x2b0/0x620 [ 3129.574641] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3129.575263] ? find_held_lock+0x2c/0x110 [ 3129.575802] ? avc_has_extended_perms+0x675/0xf40 [ 3129.576480] ? lock_downgrade+0x6d0/0x6d0 [ 3129.577027] __ext4_ioctl+0x8ad/0x4190 [ 3129.577546] ? ext4_reset_inode_seed+0x450/0x450 [ 3129.578231] ? perf_trace_lock+0xac/0x490 [ 3129.578814] ? SOFTIRQ_verbose+0x10/0x10 [ 3129.579405] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3129.580195] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3129.580901] ? do_vfs_ioctl+0x283/0x10d0 [ 3129.581453] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3129.582156] ? generic_block_fiemap+0x60/0x60 [ 3129.582760] ? lock_downgrade+0x6d0/0x6d0 [ 3129.583323] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3129.583970] ? wait_for_completion_io+0x270/0x270 [ 3129.584648] ? selinux_file_ioctl+0xb6/0x270 [ 3129.585268] ? __ext4_ioctl+0x4190/0x4190 [ 3129.585856] __x64_sys_ioctl+0x19a/0x210 [ 3129.586435] do_syscall_64+0x33/0x40 [ 3129.586945] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3129.587679] RIP: 0033:0x7f4e27e8db19 [ 3129.588196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3129.590595] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3129.591588] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3129.592527] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3129.593454] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3129.594435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3129.595450] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:24:29 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x700}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 3129.651280] FAT-fs (loop5): bogus logical sector size 514 [ 3129.652156] FAT-fs (loop5): Can't find a valid FAT filesystem 14:24:29 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x8, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3129.722445] FAT-fs (loop5): bogus logical sector size 514 [ 3129.723494] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3129.740716] FAT-fs (loop7): bogus number of reserved sectors [ 3129.741579] FAT-fs (loop7): Can't find a valid FAT filesystem 14:24:44 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 53) [ 3143.894444] FAULT_INJECTION: forcing a failure. [ 3143.894444] name failslab, interval 1, probability 0, space 0, times 0 [ 3143.896100] CPU: 0 PID: 16821 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3143.897013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3143.898099] Call Trace: [ 3143.898451] dump_stack+0x107/0x167 [ 3143.898933] should_fail.cold+0x5/0xa [ 3143.899436] ? ext4_getfsmap_datadev+0xc2b/0x25d0 [ 3143.900077] should_failslab+0x5/0x20 [ 3143.916607] kmem_cache_alloc_trace+0x55/0x320 [ 3143.917204] ? ext4_bg_num_gdb+0x172/0x250 [ 3143.917758] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 3143.918375] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3143.919071] ? do_swap+0x134/0x210 [ 3143.919536] ? sort_r+0x239/0x360 [ 3143.919988] ? ext4_file_open+0xa50/0xa50 [ 3143.920554] ext4_getfsmap+0x695/0x990 [ 3143.921063] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3143.921763] ? ext4_fsmap_to_internal+0x260/0x260 [ 3143.922391] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3143.923085] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3143.923797] ext4_ioc_getfsmap+0x2b0/0x620 [ 3143.924346] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3143.924963] ? find_held_lock+0x2c/0x110 [ 3143.925496] ? avc_has_extended_perms+0x675/0xf40 [ 3143.926151] ? lock_downgrade+0x6d0/0x6d0 [ 3143.926693] __ext4_ioctl+0x8ad/0x4190 [ 3143.927205] ? ext4_reset_inode_seed+0x450/0x450 [ 3143.927820] ? perf_trace_lock+0xac/0x490 [ 3143.928370] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3143.929128] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3143.929798] ? do_vfs_ioctl+0x283/0x10d0 [ 3143.930323] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3143.931001] ? generic_block_fiemap+0x60/0x60 [ 3143.931581] ? lock_downgrade+0x6d0/0x6d0 [ 3143.932120] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3143.944784] ? wait_for_completion_io+0x270/0x270 [ 3143.945416] ? selinux_file_ioctl+0xb6/0x270 [ 3143.945990] ? __ext4_ioctl+0x4190/0x4190 [ 3143.946527] __x64_sys_ioctl+0x19a/0x210 [ 3143.947058] do_syscall_64+0x33/0x40 [ 3143.947540] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3143.948202] RIP: 0033:0x7f4e27e8db19 [ 3143.948700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3143.951074] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3143.952064] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3143.953002] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3143.953924] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3143.954845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3143.955767] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3143.963117] FAULT_INJECTION: forcing a failure. 14:24:44 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617403020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:24:44 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0xb00}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:24:44 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 62) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:24:44 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x7000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:24:44 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x8000000, 0x0, 0x0, r1, 0x0}]) 14:24:44 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732c66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 3143.963117] name failslab, interval 1, probability 0, space 0, times 0 [ 3143.973023] CPU: 1 PID: 16815 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3143.973958] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3143.975063] Call Trace: [ 3143.975428] dump_stack+0x107/0x167 [ 3143.975930] should_fail.cold+0x5/0xa [ 3143.980475] ? xas_alloc+0x336/0x440 [ 3143.981002] should_failslab+0x5/0x20 [ 3143.981525] kmem_cache_alloc+0x5b/0x310 [ 3143.982096] xas_alloc+0x336/0x440 [ 3143.982593] xas_create+0x34a/0x10d0 [ 3143.983129] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3143.983840] xas_store+0x8c/0x1c40 14:24:44 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x9, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3143.984361] __xa_store+0x164/0x2d0 [ 3144.004488] ? xa_delete_node+0x280/0x280 [ 3144.005025] ? trace_hardirqs_on+0x5b/0x180 [ 3144.005579] xa_store+0x31/0x50 [ 3144.006001] __io_uring_add_tctx_node+0x1cf/0x520 [ 3144.006605] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3144.007259] ? alloc_fd+0x2e7/0x670 [ 3144.007735] io_uring_setup+0x1fbb/0x2980 [ 3144.008270] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3144.008998] ? wait_for_completion_io+0x270/0x270 [ 3144.009656] do_syscall_64+0x33/0x40 [ 3144.010145] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3144.010787] RIP: 0033:0x7f214574ab19 [ 3144.011277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3144.013670] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3144.014711] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3144.015598] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3144.016503] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3144.017394] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3144.018284] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3144.022522] FAT-fs (loop7): bogus number of reserved sectors [ 3144.023351] FAT-fs (loop7): Can't find a valid FAT filesystem 14:24:44 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 54) [ 3144.085197] FAT-fs (loop5): bogus logical sector size 515 [ 3144.086202] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3144.144446] FAT-fs (loop5): bogus logical sector size 515 [ 3144.145372] FAT-fs (loop5): Can't find a valid FAT filesystem 14:24:44 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732d66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 3144.175402] FAULT_INJECTION: forcing a failure. [ 3144.175402] name failslab, interval 1, probability 0, space 0, times 0 [ 3144.176963] CPU: 0 PID: 16846 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3144.177877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3144.178966] Call Trace: [ 3144.179322] dump_stack+0x107/0x167 [ 3144.179809] should_fail.cold+0x5/0xa [ 3144.180315] ? create_object.isra.0+0x3a/0xa20 [ 3144.180935] should_failslab+0x5/0x20 [ 3144.181438] kmem_cache_alloc+0x5b/0x310 [ 3144.181978] ? mark_held_locks+0x9e/0xe0 [ 3144.182521] create_object.isra.0+0x3a/0xa20 [ 3144.183101] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3144.183780] kmem_cache_alloc+0x159/0x310 [ 3144.184339] xas_alloc+0x336/0x440 [ 3144.184836] xas_create+0x34a/0x10d0 [ 3144.185343] ? kernel_text_address+0xf2/0x120 [ 3144.185938] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3144.186634] xas_store+0x8c/0x1c40 [ 3144.187127] __xa_store+0x164/0x2d0 [ 3144.187615] ? xa_delete_node+0x280/0x280 [ 3144.188175] ? trace_hardirqs_on+0x5b/0x180 [ 3144.188772] xa_store+0x31/0x50 [ 3144.189214] __io_uring_add_tctx_node+0x1cf/0x520 [ 3144.189852] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3144.190541] ? alloc_fd+0x2e7/0x670 [ 3144.191041] io_uring_setup+0x1fbb/0x2980 [ 3144.191601] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3144.192269] ? wait_for_completion_io+0x270/0x270 [ 3144.192971] do_syscall_64+0x33/0x40 [ 3144.193463] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3144.194141] RIP: 0033:0x7f214574ab19 [ 3144.194634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3144.197072] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3144.198076] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3144.199014] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3144.199952] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3144.200911] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3144.201851] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:24:44 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x1800}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:24:44 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0xa, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:24:44 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xeffdffff, 0x0, 0x0, r1, 0x0}]) 14:24:44 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617404020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:24:44 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x8000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3144.367157] FAT-fs (loop5): bogus logical sector size 516 [ 3144.367954] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3144.422414] FAT-fs (loop5): bogus logical sector size 516 [ 3144.423764] FAT-fs (loop5): Can't find a valid FAT filesystem 14:24:58 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x1c00}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:24:58 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617405020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:24:58 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x9000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:24:58 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0xb, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:24:58 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 55) 14:24:58 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 63) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:24:58 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732f66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:24:58 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xfcfdffff, 0x0, 0x0, r1, 0x0}]) [ 3158.108467] FAULT_INJECTION: forcing a failure. [ 3158.108467] name failslab, interval 1, probability 0, space 0, times 0 [ 3158.110091] CPU: 1 PID: 16890 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3158.111026] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3158.112143] Call Trace: [ 3158.112530] dump_stack+0x107/0x167 [ 3158.113050] should_fail.cold+0x5/0xa [ 3158.113585] ? xas_alloc+0x336/0x440 [ 3158.114106] should_failslab+0x5/0x20 [ 3158.114658] kmem_cache_alloc+0x5b/0x310 [ 3158.115234] xas_alloc+0x336/0x440 [ 3158.115745] xas_create+0x34a/0x10d0 [ 3158.116293] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3158.117041] xas_store+0x8c/0x1c40 [ 3158.117570] __xa_store+0x164/0x2d0 [ 3158.118087] ? xa_delete_node+0x280/0x280 [ 3158.118672] ? trace_hardirqs_on+0x5b/0x180 [ 3158.119287] xa_store+0x31/0x50 [ 3158.119762] __io_uring_add_tctx_node+0x1cf/0x520 [ 3158.120438] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3158.121178] ? alloc_fd+0x2e7/0x670 [ 3158.121658] io_uring_setup+0x1fbb/0x2980 [ 3158.122193] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3158.122829] ? wait_for_completion_io+0x270/0x270 [ 3158.123486] do_syscall_64+0x33/0x40 [ 3158.123954] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3158.124594] RIP: 0033:0x7f214574ab19 [ 3158.125091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3158.127555] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3158.128579] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3158.130116] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3158.131072] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3158.132022] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3158.132991] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3158.136591] FAULT_INJECTION: forcing a failure. [ 3158.136591] name failslab, interval 1, probability 0, space 0, times 0 [ 3158.138350] CPU: 0 PID: 16894 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3158.139314] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3158.140467] Call Trace: [ 3158.140842] dump_stack+0x107/0x167 [ 3158.141373] should_fail.cold+0x5/0xa [ 3158.141918] ? create_object.isra.0+0x3a/0xa20 [ 3158.142567] should_failslab+0x5/0x20 [ 3158.143107] kmem_cache_alloc+0x5b/0x310 [ 3158.143681] ? lock_downgrade+0x6d0/0x6d0 [ 3158.144273] create_object.isra.0+0x3a/0xa20 [ 3158.144890] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3158.145621] kmem_cache_alloc_trace+0x151/0x320 [ 3158.146292] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 3158.146965] ? ext4_file_open+0xa50/0xa50 [ 3158.147548] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3158.148304] ? do_swap+0x134/0x210 [ 3158.148795] ? sort_r+0x239/0x360 [ 3158.149285] ? ext4_file_open+0xa50/0xa50 [ 3158.149868] ext4_getfsmap+0x695/0x990 [ 3158.150418] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3158.151176] ? ext4_fsmap_to_internal+0x260/0x260 [ 3158.151854] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3158.152610] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3158.153396] ext4_ioc_getfsmap+0x2b0/0x620 [ 3158.154002] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3158.154643] ? find_held_lock+0x2c/0x110 [ 3158.155221] ? avc_has_extended_perms+0x675/0xf40 [ 3158.155942] ? lock_downgrade+0x6d0/0x6d0 [ 3158.156542] __ext4_ioctl+0x8ad/0x4190 [ 3158.157118] ? ext4_reset_inode_seed+0x450/0x450 [ 3158.157784] ? perf_trace_lock+0xac/0x490 [ 3158.158367] ? SOFTIRQ_verbose+0x10/0x10 [ 3158.158961] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3158.159761] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3158.160480] ? do_vfs_ioctl+0x283/0x10d0 [ 3158.161062] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3158.161793] ? generic_block_fiemap+0x60/0x60 [ 3158.162420] ? lock_downgrade+0x6d0/0x6d0 [ 3158.162997] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3158.163674] ? wait_for_completion_io+0x270/0x270 [ 3158.164364] ? selinux_file_ioctl+0xb6/0x270 [ 3158.165001] ? __ext4_ioctl+0x4190/0x4190 [ 3158.165585] __x64_sys_ioctl+0x19a/0x210 [ 3158.166162] do_syscall_64+0x33/0x40 [ 3158.166688] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3158.167411] RIP: 0033:0x7f4e27e8db19 [ 3158.167938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3158.170480] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3158.171542] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3158.172553] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3158.173572] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3158.174576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3158.175580] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:24:58 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 56) [ 3158.215074] FAT-fs (loop7): bogus number of reserved sectors [ 3158.215967] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3158.224286] FAT-fs (loop5): bogus logical sector size 517 [ 3158.225102] FAT-fs (loop5): Can't find a valid FAT filesystem 14:24:58 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0xd, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3158.270628] FAT-fs (loop5): bogus logical sector size 517 [ 3158.271481] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3158.287655] FAULT_INJECTION: forcing a failure. [ 3158.287655] name failslab, interval 1, probability 0, space 0, times 0 [ 3158.289212] CPU: 1 PID: 16908 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3158.290080] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3158.291110] Call Trace: [ 3158.291448] dump_stack+0x107/0x167 [ 3158.291914] should_fail.cold+0x5/0xa 14:24:58 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xc000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3158.292398] ? create_object.isra.0+0x3a/0xa20 [ 3158.301015] should_failslab+0x5/0x20 [ 3158.301549] kmem_cache_alloc+0x5b/0x310 [ 3158.302113] ? mark_held_locks+0x9e/0xe0 [ 3158.302691] create_object.isra.0+0x3a/0xa20 [ 3158.303303] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3158.304417] kmem_cache_alloc+0x159/0x310 [ 3158.305759] xas_alloc+0x336/0x440 [ 3158.306814] xas_create+0x34a/0x10d0 [ 3158.307942] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3158.309220] xas_store+0x8c/0x1c40 [ 3158.309790] __xa_store+0x164/0x2d0 [ 3158.310370] ? xa_delete_node+0x280/0x280 [ 3158.310994] ? trace_hardirqs_on+0x5b/0x180 [ 3158.311700] xa_store+0x31/0x50 [ 3158.312210] __io_uring_add_tctx_node+0x1cf/0x520 [ 3158.312904] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3158.313710] ? alloc_fd+0x2e7/0x670 [ 3158.314285] io_uring_setup+0x1fbb/0x2980 [ 3158.314958] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3158.316506] ? wait_for_completion_io+0x270/0x270 [ 3158.318023] do_syscall_64+0x33/0x40 [ 3158.319134] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3158.320623] RIP: 0033:0x7f214574ab19 [ 3158.321776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3158.327248] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3158.329519] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3158.331659] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3158.333825] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3158.335958] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3158.337988] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:24:58 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x3f00}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:24:58 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xfefdffff, 0x0, 0x0, r1, 0x0}]) 14:24:58 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e22617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:24:58 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617406020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 3158.464009] FAT-fs (loop7): bogus number of reserved sectors [ 3158.464891] FAT-fs (loop7): Can't find a valid FAT filesystem 14:24:58 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 57) [ 3158.547441] FAULT_INJECTION: forcing a failure. [ 3158.547441] name failslab, interval 1, probability 0, space 0, times 0 [ 3158.548914] CPU: 1 PID: 16930 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3158.549851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3158.550957] Call Trace: [ 3158.551327] dump_stack+0x107/0x167 [ 3158.551815] should_fail.cold+0x5/0xa [ 3158.552303] ? xas_alloc+0x336/0x440 14:24:58 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 64) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 3158.552761] should_failslab+0x5/0x20 [ 3158.561052] kmem_cache_alloc+0x5b/0x310 [ 3158.561572] xas_alloc+0x336/0x440 [ 3158.562033] xas_create+0x34a/0x10d0 [ 3158.562549] ? kernel_text_address+0xf2/0x120 [ 3158.563184] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3158.563928] xas_store+0x8c/0x1c40 [ 3158.564454] __xa_store+0x164/0x2d0 [ 3158.564922] ? xa_delete_node+0x280/0x280 [ 3158.565525] ? trace_hardirqs_on+0x5b/0x180 [ 3158.566082] xa_store+0x31/0x50 [ 3158.567140] __io_uring_add_tctx_node+0x1cf/0x520 [ 3158.568531] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3158.569239] ? alloc_fd+0x2e7/0x670 [ 3158.569739] io_uring_setup+0x1fbb/0x2980 [ 3158.570285] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3158.570947] ? wait_for_completion_io+0x270/0x270 [ 3158.571610] do_syscall_64+0x33/0x40 [ 3158.572093] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3158.572744] RIP: 0033:0x7f214574ab19 [ 3158.573229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3158.575556] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3158.576525] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3158.577469] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3158.578357] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3158.579246] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3158.580134] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3158.663573] FAULT_INJECTION: forcing a failure. [ 3158.663573] name failslab, interval 1, probability 0, space 0, times 0 [ 3158.665466] CPU: 0 PID: 16936 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3158.666443] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3158.667601] Call Trace: [ 3158.667988] dump_stack+0x107/0x167 [ 3158.668508] should_fail.cold+0x5/0xa [ 3158.669075] ? ext4_getfsmap_datadev+0xd9c/0x25d0 [ 3158.669764] should_failslab+0x5/0x20 [ 3158.670308] kmem_cache_alloc_trace+0x55/0x320 [ 3158.670956] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3158.672694] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 3158.674173] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3158.675977] ? do_swap+0x134/0x210 [ 3158.677152] ? sort_r+0x239/0x360 [ 3158.678157] ? ext4_file_open+0xa50/0xa50 [ 3158.679370] ext4_getfsmap+0x695/0x990 [ 3158.680479] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3158.682025] ? ext4_fsmap_to_internal+0x260/0x260 [ 3158.683275] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3158.684617] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3158.686124] ext4_ioc_getfsmap+0x2b0/0x620 [ 3158.687210] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3158.688379] ? find_held_lock+0x2c/0x110 [ 3158.689510] ? avc_has_extended_perms+0x675/0xf40 [ 3158.690795] ? lock_downgrade+0x6d0/0x6d0 [ 3158.691870] __ext4_ioctl+0x8ad/0x4190 [ 3158.692859] ? ext4_reset_inode_seed+0x450/0x450 [ 3158.694118] ? perf_trace_lock+0xac/0x490 [ 3158.695179] ? SOFTIRQ_verbose+0x10/0x10 [ 3158.696228] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3158.697716] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3158.699048] ? do_vfs_ioctl+0x283/0x10d0 [ 3158.700082] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3158.701450] ? generic_block_fiemap+0x60/0x60 [ 3158.702599] ? lock_downgrade+0x6d0/0x6d0 [ 3158.703665] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3158.704895] ? wait_for_completion_io+0x270/0x270 [ 3158.706183] ? selinux_file_ioctl+0xb6/0x270 [ 3158.707315] ? __ext4_ioctl+0x4190/0x4190 [ 3158.708369] __x64_sys_ioctl+0x19a/0x210 [ 3158.709451] do_syscall_64+0x33/0x40 [ 3158.710406] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3158.711729] RIP: 0033:0x7f4e27e8db19 [ 3158.712665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3158.717566] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3158.719532] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3158.721182] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3158.722108] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3158.723034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3158.723963] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3158.731229] FAT-fs (loop5): bogus logical sector size 518 [ 3158.732850] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3158.822461] FAT-fs (loop5): bogus logical sector size 518 [ 3158.823323] FAT-fs (loop5): Can't find a valid FAT filesystem 14:25:12 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x4000}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:25:12 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x10000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:25:12 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e2c617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:25:12 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617407020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:25:12 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 58) 14:25:12 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xfffffdef, 0x0, 0x0, r1, 0x0}]) 14:25:12 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 65) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:25:12 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0xf, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3172.686166] FAULT_INJECTION: forcing a failure. [ 3172.686166] name failslab, interval 1, probability 0, space 0, times 0 [ 3172.687890] CPU: 1 PID: 16950 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3172.688771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3172.689827] Call Trace: [ 3172.690163] dump_stack+0x107/0x167 [ 3172.690621] should_fail.cold+0x5/0xa [ 3172.691103] ? create_object.isra.0+0x3a/0xa20 [ 3172.691679] should_failslab+0x5/0x20 [ 3172.692157] kmem_cache_alloc+0x5b/0x310 [ 3172.692671] create_object.isra.0+0x3a/0xa20 [ 3172.693220] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3172.693872] kmem_cache_alloc_trace+0x151/0x320 [ 3172.694465] ext4_getfsmap_datadev+0xd9c/0x25d0 [ 3172.695068] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3172.695740] ? do_swap+0x134/0x210 [ 3172.696190] ? sort_r+0x239/0x360 [ 3172.696624] ? ext4_file_open+0xa50/0xa50 [ 3172.697149] ext4_getfsmap+0x695/0x990 [ 3172.697846] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3172.699155] ? ext4_fsmap_to_internal+0x260/0x260 [ 3172.699432] FAULT_INJECTION: forcing a failure. [ 3172.699432] name failslab, interval 1, probability 0, space 0, times 0 [ 3172.700331] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3172.700372] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3172.704690] ext4_ioc_getfsmap+0x2b0/0x620 [ 3172.705780] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3172.706893] ? find_held_lock+0x2c/0x110 [ 3172.707885] ? avc_has_extended_perms+0x675/0xf40 [ 3172.709091] ? lock_downgrade+0x6d0/0x6d0 [ 3172.710241] __ext4_ioctl+0x8ad/0x4190 [ 3172.711199] ? ext4_reset_inode_seed+0x450/0x450 [ 3172.712352] ? perf_trace_lock+0xac/0x490 [ 3172.713357] ? SOFTIRQ_verbose+0x10/0x10 [ 3172.714528] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3172.715939] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3172.717203] ? do_vfs_ioctl+0x283/0x10d0 [ 3172.717856] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3172.718514] ? generic_block_fiemap+0x60/0x60 [ 3172.719076] ? lock_downgrade+0x6d0/0x6d0 [ 3172.719600] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3172.720211] ? wait_for_completion_io+0x270/0x270 [ 3172.720824] ? selinux_file_ioctl+0xb6/0x270 [ 3172.721380] ? __ext4_ioctl+0x4190/0x4190 [ 3172.721914] __x64_sys_ioctl+0x19a/0x210 [ 3172.722427] do_syscall_64+0x33/0x40 [ 3172.722896] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3172.723538] RIP: 0033:0x7f4e27e8db19 [ 3172.724006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3172.726322] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3172.727277] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3172.728172] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3172.729070] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3172.729980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3172.730871] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3172.731788] CPU: 0 PID: 16964 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3172.732713] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3172.733831] Call Trace: [ 3172.734194] dump_stack+0x107/0x167 [ 3172.734684] should_fail.cold+0x5/0xa [ 3172.735193] ? create_object.isra.0+0x3a/0xa20 [ 3172.735802] should_failslab+0x5/0x20 [ 3172.736307] kmem_cache_alloc+0x5b/0x310 [ 3172.736848] ? mark_held_locks+0x9e/0xe0 [ 3172.737392] create_object.isra.0+0x3a/0xa20 [ 3172.737990] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3172.738668] kmem_cache_alloc+0x159/0x310 [ 3172.739228] xas_alloc+0x336/0x440 [ 3172.739712] xas_create+0x34a/0x10d0 [ 3172.740229] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3172.740924] xas_store+0x8c/0x1c40 [ 3172.741419] __xa_store+0x164/0x2d0 [ 3172.741936] ? xa_delete_node+0x280/0x280 [ 3172.742498] ? trace_hardirqs_on+0x5b/0x180 [ 3172.743092] xa_store+0x31/0x50 [ 3172.743540] __io_uring_add_tctx_node+0x1cf/0x520 [ 3172.744181] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3172.744875] ? alloc_fd+0x2e7/0x670 [ 3172.745377] io_uring_setup+0x1fbb/0x2980 [ 3172.745957] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3172.746630] ? wait_for_completion_io+0x270/0x270 [ 3172.747314] do_syscall_64+0x33/0x40 [ 3172.747815] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3172.748490] RIP: 0033:0x7f214574ab19 [ 3172.748983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3172.751394] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3172.752394] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3172.753340] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3172.754287] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3172.755220] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3172.756152] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3172.783565] FAT-fs (loop5): bogus logical sector size 519 [ 3172.784383] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3172.814731] FAT-fs (loop7): bogus number of reserved sectors [ 3172.815597] FAT-fs (loop7): Can't find a valid FAT filesystem 14:25:13 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 59) 14:25:13 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x10, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:25:13 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xfffffdfc, 0x0, 0x0, r1, 0x0}]) 14:25:13 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 66) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 3172.893124] FAT-fs (loop5): bogus logical sector size 519 [ 3172.893929] FAT-fs (loop5): Can't find a valid FAT filesystem 14:25:13 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x6600}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 3172.956465] FAULT_INJECTION: forcing a failure. [ 3172.956465] name failslab, interval 1, probability 0, space 0, times 0 [ 3172.957958] CPU: 1 PID: 16986 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3172.958823] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3172.959857] Call Trace: [ 3172.960199] dump_stack+0x107/0x167 [ 3172.960663] should_fail.cold+0x5/0xa [ 3172.961145] ? xas_alloc+0x336/0x440 [ 3172.961630] should_failslab+0x5/0x20 [ 3172.962108] kmem_cache_alloc+0x5b/0x310 [ 3172.962628] xas_alloc+0x336/0x440 [ 3172.963082] xas_create+0x34a/0x10d0 [ 3172.963563] ? kernel_text_address+0xf2/0x120 [ 3172.964129] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3172.964791] xas_store+0x8c/0x1c40 [ 3172.965262] __xa_store+0x164/0x2d0 [ 3172.965734] ? xa_delete_node+0x280/0x280 [ 3172.966268] ? trace_hardirqs_on+0x5b/0x180 [ 3172.966824] xa_store+0x31/0x50 [ 3172.967244] __io_uring_add_tctx_node+0x1cf/0x520 [ 3172.967851] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3172.968505] ? alloc_fd+0x2e7/0x670 [ 3172.968984] io_uring_setup+0x1fbb/0x2980 [ 3172.969527] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3172.970166] ? wait_for_completion_io+0x270/0x270 [ 3172.970816] do_syscall_64+0x33/0x40 [ 3172.971290] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3172.971931] RIP: 0033:0x7f214574ab19 14:25:13 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e2e617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:25:13 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617408020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 3172.972399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3172.978692] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3172.979645] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3172.980532] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3172.981425] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3172.986322] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3172.987210] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:25:13 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x12000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3173.016541] FAULT_INJECTION: forcing a failure. [ 3173.016541] name failslab, interval 1, probability 0, space 0, times 0 [ 3173.018222] CPU: 0 PID: 16992 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3173.019149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3173.020243] Call Trace: [ 3173.020599] dump_stack+0x107/0x167 [ 3173.021079] should_fail.cold+0x5/0xa [ 3173.021822] ? ext4_getfsmap_datadev+0xf42/0x25d0 [ 3173.023030] should_failslab+0x5/0x20 [ 3173.023980] kmem_cache_alloc_trace+0x55/0x320 [ 3173.025117] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3173.026596] ext4_getfsmap_datadev+0xf42/0x25d0 [ 3173.027775] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3173.029109] ? do_swap+0x134/0x210 [ 3173.030100] ? sort_r+0x239/0x360 [ 3173.030963] ? ext4_file_open+0xa50/0xa50 [ 3173.032002] ext4_getfsmap+0x695/0x990 [ 3173.032970] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3173.034479] ? ext4_fsmap_to_internal+0x260/0x260 [ 3173.035687] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3173.036995] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3173.038517] ext4_ioc_getfsmap+0x2b0/0x620 [ 3173.039570] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3173.040710] ? find_held_lock+0x2c/0x110 [ 3173.041632] ? avc_has_extended_perms+0x675/0xf40 [ 3173.042295] ? lock_downgrade+0x6d0/0x6d0 [ 3173.042844] __ext4_ioctl+0x8ad/0x4190 [ 3173.043367] ? ext4_reset_inode_seed+0x450/0x450 [ 3173.043990] ? perf_trace_lock+0xac/0x490 [ 3173.044548] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3173.045303] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3173.046005] ? do_vfs_ioctl+0x283/0x10d0 [ 3173.046543] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3173.047233] ? generic_block_fiemap+0x60/0x60 [ 3173.047822] ? lock_downgrade+0x6d0/0x6d0 [ 3173.048368] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3173.049005] ? wait_for_completion_io+0x270/0x270 [ 3173.049661] ? selinux_file_ioctl+0xb6/0x270 [ 3173.050241] ? __ext4_ioctl+0x4190/0x4190 [ 3173.050789] __x64_sys_ioctl+0x19a/0x210 [ 3173.051323] do_syscall_64+0x33/0x40 [ 3173.051814] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3173.052486] RIP: 0033:0x7f4e27e8db19 [ 3173.052974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3173.055396] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3173.056395] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3173.057330] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3173.058280] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3173.059218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3173.060151] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3173.096548] FAT-fs (loop7): bogus number of reserved sectors [ 3173.097485] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3173.142912] FAT-fs (loop5): bogus logical sector size 520 [ 3173.143671] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3173.213437] FAT-fs (loop5): bogus logical sector size 520 [ 3173.214301] FAT-fs (loop5): Can't find a valid FAT filesystem 14:25:33 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xfffffdfe, 0x0, 0x0, r1, 0x0}]) 14:25:33 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 67) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:25:33 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x21030000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:25:33 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 60) 14:25:33 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x8004}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:25:33 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x11, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:25:33 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e2f617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:25:33 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617409020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 3193.715880] FAULT_INJECTION: forcing a failure. [ 3193.715880] name failslab, interval 1, probability 0, space 0, times 0 [ 3193.717324] CPU: 1 PID: 17026 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3193.718186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3193.719239] Call Trace: [ 3193.719579] dump_stack+0x107/0x167 [ 3193.720046] should_fail.cold+0x5/0xa [ 3193.720534] ? create_object.isra.0+0x3a/0xa20 [ 3193.721113] should_failslab+0x5/0x20 [ 3193.721593] kmem_cache_alloc+0x5b/0x310 [ 3193.722108] ? mark_held_locks+0x9e/0xe0 [ 3193.722646] create_object.isra.0+0x3a/0xa20 [ 3193.723199] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3193.723845] kmem_cache_alloc+0x159/0x310 [ 3193.724380] xas_alloc+0x336/0x440 [ 3193.724836] xas_create+0x34a/0x10d0 [ 3193.725320] ? kernel_text_address+0xf2/0x120 [ 3193.725887] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3193.726566] xas_store+0x8c/0x1c40 [ 3193.727039] __xa_store+0x164/0x2d0 [ 3193.727505] ? xa_delete_node+0x280/0x280 [ 3193.728041] ? trace_hardirqs_on+0x5b/0x180 [ 3193.728596] xa_store+0x31/0x50 [ 3193.729018] __io_uring_add_tctx_node+0x1cf/0x520 [ 3193.729627] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 3193.730291] ? alloc_fd+0x2e7/0x670 [ 3193.730773] io_uring_setup+0x1fbb/0x2980 [ 3193.731308] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 3193.731946] ? wait_for_completion_io+0x270/0x270 [ 3193.732594] do_syscall_64+0x33/0x40 [ 3193.733063] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3193.733705] RIP: 0033:0x7f214574ab19 [ 3193.734172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3193.736474] RSP: 002b:00007f2142cc0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3193.737427] RAX: ffffffffffffffda RBX: 00007f214585df60 RCX: 00007f214574ab19 [ 3193.738333] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000004d4f [ 3193.739230] RBP: 00000000200002c0 R08: 0000000020000140 R09: 0000000020000140 [ 3193.740123] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 3193.741018] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:25:34 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 61) 14:25:34 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xfffffe00, 0x0, 0x0, r1, 0x0}]) [ 3193.775423] FAULT_INJECTION: forcing a failure. [ 3193.775423] name failslab, interval 1, probability 0, space 0, times 0 [ 3193.788044] CPU: 1 PID: 17034 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3193.788911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3193.789940] Call Trace: [ 3193.790282] dump_stack+0x107/0x167 [ 3193.790750] should_fail.cold+0x5/0xa [ 3193.791231] ? create_object.isra.0+0x3a/0xa20 [ 3193.791806] should_failslab+0x5/0x20 [ 3193.792283] kmem_cache_alloc+0x5b/0x310 [ 3193.792796] create_object.isra.0+0x3a/0xa20 [ 3193.793342] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3193.793981] kmem_cache_alloc_trace+0x151/0x320 [ 3193.794582] ext4_getfsmap_datadev+0xf42/0x25d0 [ 3193.795185] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3193.795851] ? do_swap+0x134/0x210 [ 3193.796296] ? sort_r+0x239/0x360 [ 3193.796729] ? ext4_file_open+0xa50/0xa50 [ 3193.797253] ext4_getfsmap+0x695/0x990 [ 3193.797739] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3193.798421] ? ext4_fsmap_to_internal+0x260/0x260 [ 3193.799027] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3193.799696] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3193.800383] ext4_ioc_getfsmap+0x2b0/0x620 [ 3193.800913] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3193.801485] ? find_held_lock+0x2c/0x110 [ 3193.802000] ? avc_has_extended_perms+0x675/0xf40 [ 3193.802660] ? lock_downgrade+0x6d0/0x6d0 [ 3193.803183] __ext4_ioctl+0x8ad/0x4190 [ 3193.803676] ? ext4_reset_inode_seed+0x450/0x450 [ 3193.804266] ? perf_trace_lock+0xac/0x490 [ 3193.804779] ? SOFTIRQ_verbose+0x10/0x10 [ 3193.805301] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3193.806014] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3193.806667] ? do_vfs_ioctl+0x283/0x10d0 [ 3193.807178] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3193.807827] ? generic_block_fiemap+0x60/0x60 [ 3193.808390] ? lock_downgrade+0x6d0/0x6d0 [ 3193.808909] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3193.809512] ? wait_for_completion_io+0x270/0x270 [ 3193.810125] ? selinux_file_ioctl+0xb6/0x270 [ 3193.814704] ? __ext4_ioctl+0x4190/0x4190 [ 3193.815224] __x64_sys_ioctl+0x19a/0x210 [ 3193.815734] do_syscall_64+0x33/0x40 [ 3193.816198] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3193.816836] RIP: 0033:0x7f4e27e8db19 [ 3193.817299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3193.819608] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3193.820557] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3193.821443] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3193.822343] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3193.823231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3193.824118] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3193.834728] FAT-fs (loop7): bogus number of reserved sectors [ 3193.835495] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3193.889047] FAT-fs (loop5): bogus logical sector size 521 [ 3193.889979] FAT-fs (loop5): Can't find a valid FAT filesystem 14:25:34 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x112, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:25:34 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x8008}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:25:34 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x3f000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3193.950751] FAULT_INJECTION: forcing a failure. [ 3193.950751] name failslab, interval 1, probability 0, space 0, times 0 [ 3193.962949] CPU: 0 PID: 17055 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3193.963857] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3193.964944] Call Trace: [ 3193.965301] dump_stack+0x107/0x167 [ 3193.965786] should_fail.cold+0x5/0xa [ 3193.966307] ? vm_area_dup+0x78/0x290 [ 3193.966819] should_failslab+0x5/0x20 [ 3193.967323] kmem_cache_alloc+0x5b/0x310 [ 3193.967870] vm_area_dup+0x78/0x290 [ 3193.968369] ? mark_lock+0xf5/0x2df0 [ 3193.968867] ? tracing_generic_entry_update+0x1ed/0x270 [ 3193.969573] ? lock_chain_count+0x20/0x20 [ 3193.970117] ? perf_tp_event+0x5ce/0xc00 [ 3193.970684] ? perf_event_switch_output+0x7d0/0x7d0 [ 3193.971335] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 3193.971995] ? mark_lock+0xf5/0x2df0 [ 3193.972488] ? vm_area_alloc+0x110/0x110 [ 3193.973033] ? __lock_acquire+0x1657/0x5b00 [ 3193.973630] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3193.974330] ? SOFTIRQ_verbose+0x10/0x10 [ 3193.974872] ? vmacache_find+0x55/0x2a0 [ 3193.975402] __split_vma+0xa8/0x570 [ 3193.975895] __do_munmap+0x365/0x1260 [ 3193.976422] mmap_region+0x776/0x1590 [ 3193.976945] ? get_unmapped_area+0x2f0/0x420 [ 3193.977532] do_mmap+0xcdb/0x11e0 [ 3193.978011] vm_mmap_pgoff+0x198/0x1f0 [ 3193.978550] ? randomize_page+0xb0/0xb0 [ 3193.979104] ksys_mmap_pgoff+0x41c/0x560 [ 3193.979646] ? find_mergeable_anon_vma+0x250/0x250 [ 3193.980317] do_syscall_64+0x33/0x40 [ 3193.980813] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3193.981487] RIP: 0033:0x7f214574ab62 [ 3193.981980] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 3193.984397] RSP: 002b:00007f2142cc00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 3193.985401] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f214574ab62 [ 3193.990363] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 00000000200a0000 [ 3193.991303] RBP: 00000000200a0000 R08: 0000000000000005 R09: 0000000000000000 [ 3193.992238] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 3193.993176] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:25:34 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617404000801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:25:34 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e6661740a020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 3194.089036] FAT-fs (loop7): bogus number of reserved sectors [ 3194.089936] FAT-fs (loop7): Can't find a valid FAT filesystem 14:25:34 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0xffffffff, 0x0, 0x0, r1, 0x0}]) 14:25:34 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617402020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 3194.184059] FAT-fs (loop5): bogus logical sector size 522 [ 3194.184864] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3194.207246] FAT-fs (loop0): bogus logical sector size 514 [ 3194.208063] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3194.216498] FAT-fs (loop5): bogus logical sector size 522 [ 3194.217271] FAT-fs (loop5): Can't find a valid FAT filesystem 14:25:48 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x300, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:25:48 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e6661740b020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:25:48 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617403020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:25:48 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x64000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:25:48 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0xeffd}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:25:48 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 62) 14:25:48 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 68) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:25:48 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) [ 3208.651468] FAT-fs (loop7): bogus number of reserved sectors [ 3208.652460] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3208.656202] FAULT_INJECTION: forcing a failure. [ 3208.656202] name failslab, interval 1, probability 0, space 0, times 0 [ 3208.657802] CPU: 1 PID: 17099 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3208.658752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3208.659890] Call Trace: [ 3208.660225] dump_stack+0x107/0x167 [ 3208.660685] should_fail.cold+0x5/0xa [ 3208.661165] ? ext4_getfsmap_datadev+0x6d7/0x25d0 [ 3208.661767] should_failslab+0x5/0x20 [ 3208.662247] kmem_cache_alloc_trace+0x55/0x320 [ 3208.662822] ? ext4_get_group_desc+0x2a0/0x560 [ 3208.663397] ext4_getfsmap_datadev+0x6d7/0x25d0 [ 3208.663992] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3208.664656] ? do_swap+0x134/0x210 [ 3208.665101] ? sort_r+0x239/0x360 [ 3208.665531] ? ext4_file_open+0xa50/0xa50 [ 3208.666050] ext4_getfsmap+0x695/0x990 [ 3208.666534] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3208.667216] ? ext4_fsmap_to_internal+0x260/0x260 [ 3208.667816] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3208.668480] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3208.669163] ext4_ioc_getfsmap+0x2b0/0x620 [ 3208.669687] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3208.670260] ? find_held_lock+0x2c/0x110 [ 3208.670771] ? avc_has_extended_perms+0x675/0xf40 [ 3208.671424] ? lock_downgrade+0x6d0/0x6d0 [ 3208.671943] __ext4_ioctl+0x8ad/0x4190 [ 3208.672440] ? ext4_reset_inode_seed+0x450/0x450 [ 3208.673027] ? perf_trace_lock+0xac/0x490 [ 3208.673556] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3208.674270] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3208.674925] ? do_vfs_ioctl+0x283/0x10d0 [ 3208.675429] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3208.676080] ? generic_block_fiemap+0x60/0x60 [ 3208.676638] ? lock_downgrade+0x6d0/0x6d0 [ 3208.677157] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3208.677757] ? wait_for_completion_io+0x270/0x270 [ 3208.678362] ? selinux_file_ioctl+0xb6/0x270 [ 3208.678930] ? __ext4_ioctl+0x4190/0x4190 [ 3208.679453] __x64_sys_ioctl+0x19a/0x210 [ 3208.679959] do_syscall_64+0x33/0x40 [ 3208.680421] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3208.681056] RIP: 0033:0x7f4e27e8db19 [ 3208.681519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3208.683820] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3208.684763] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3208.685645] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3208.686525] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3208.687420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3208.688302] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3208.701278] FAULT_INJECTION: forcing a failure. [ 3208.701278] name failslab, interval 1, probability 0, space 0, times 0 [ 3208.702848] CPU: 1 PID: 17098 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3208.703776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3208.704876] Call Trace: [ 3208.705240] dump_stack+0x107/0x167 [ 3208.705744] should_fail.cold+0x5/0xa [ 3208.706268] ? create_object.isra.0+0x3a/0xa20 [ 3208.706910] should_failslab+0x5/0x20 [ 3208.707430] kmem_cache_alloc+0x5b/0x310 [ 3208.707997] create_object.isra.0+0x3a/0xa20 [ 3208.708586] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3208.709278] kmem_cache_alloc+0x159/0x310 [ 3208.709857] vm_area_dup+0x78/0x290 [ 3208.710349] ? rwlock_bug.part.0+0x90/0x90 [ 3208.710960] ? mark_lock+0xf5/0x2df0 [ 3208.711474] ? tracing_generic_entry_update+0x1ed/0x270 [ 3208.712198] ? lock_chain_count+0x20/0x20 [ 3208.712763] ? perf_tp_event+0x5ce/0xc00 [ 3208.713339] ? perf_event_switch_output+0x7d0/0x7d0 [ 3208.714011] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 3208.714693] ? mark_lock+0xf5/0x2df0 [ 3208.715237] ? vm_area_alloc+0x110/0x110 [ 3208.715804] ? __lock_acquire+0x1657/0x5b00 [ 3208.716442] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3208.717149] ? SOFTIRQ_verbose+0x10/0x10 [ 3208.717696] ? vmacache_find+0x55/0x2a0 [ 3208.718235] __split_vma+0xa8/0x570 [ 3208.718740] __do_munmap+0x365/0x1260 [ 3208.719301] mmap_region+0x776/0x1590 [ 3208.719845] ? get_unmapped_area+0x2f0/0x420 [ 3208.720459] do_mmap+0xcdb/0x11e0 [ 3208.720960] vm_mmap_pgoff+0x198/0x1f0 [ 3208.721508] ? randomize_page+0xb0/0xb0 [ 3208.722091] ksys_mmap_pgoff+0x41c/0x560 [ 3208.722660] ? find_mergeable_anon_vma+0x250/0x250 [ 3208.723375] do_syscall_64+0x33/0x40 [ 3208.723898] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3208.724587] RIP: 0033:0x7f214574ab62 [ 3208.725104] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 3208.727587] RSP: 002b:00007f2142cc00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 3208.728621] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f214574ab62 [ 3208.729588] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 00000000200a0000 [ 3208.730553] RBP: 00000000200a0000 R08: 0000000000000005 R09: 0000000000000000 [ 3208.731537] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 3208.732503] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:25:48 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x500, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3208.758678] FAT-fs (loop0): bogus logical sector size 515 [ 3208.759502] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3208.768299] FAT-fs (loop5): bogus logical sector size 523 [ 3208.769276] FAT-fs (loop5): Can't find a valid FAT filesystem 14:25:49 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0xfdef}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 3208.814017] FAT-fs (loop0): bogus logical sector size 515 [ 3208.816041] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3208.817466] FAT-fs (loop5): bogus logical sector size 523 [ 3208.818606] FAT-fs (loop5): Can't find a valid FAT filesystem 14:25:49 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x2, 0x0, r1, 0x0}]) [ 3208.865123] FAT-fs (loop7): bogus number of reserved sectors [ 3208.867054] FAT-fs (loop7): Can't find a valid FAT filesystem 14:25:49 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 63) 14:25:49 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x66a20000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3208.952869] FAULT_INJECTION: forcing a failure. [ 3208.952869] name failslab, interval 1, probability 0, space 0, times 0 [ 3208.956576] CPU: 0 PID: 17129 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3208.958515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3208.961233] Call Trace: [ 3208.961962] dump_stack+0x107/0x167 [ 3208.963023] should_fail.cold+0x5/0xa [ 3208.964089] ? anon_vma_clone+0xdc/0x590 [ 3208.965225] should_failslab+0x5/0x20 [ 3208.966216] kmem_cache_alloc+0x5b/0x310 [ 3208.967109] anon_vma_clone+0xdc/0x590 [ 3208.967691] __split_vma+0x17c/0x570 [ 3208.968228] __do_munmap+0x365/0x1260 [ 3208.968801] mmap_region+0x776/0x1590 [ 3208.969361] ? get_unmapped_area+0x2f0/0x420 [ 3208.969988] do_mmap+0xcdb/0x11e0 [ 3208.970504] vm_mmap_pgoff+0x198/0x1f0 [ 3208.971093] ? randomize_page+0xb0/0xb0 [ 3208.971696] ksys_mmap_pgoff+0x41c/0x560 [ 3208.972281] ? find_mergeable_anon_vma+0x250/0x250 [ 3208.973000] do_syscall_64+0x33/0x40 [ 3208.973524] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3208.974246] RIP: 0033:0x7f214574ab62 [ 3208.974780] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 3208.977356] RSP: 002b:00007f2142cc00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 3208.978422] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f214574ab62 [ 3208.979455] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 00000000200a0000 [ 3208.980456] RBP: 00000000200a0000 R08: 0000000000000005 R09: 0000000000000000 [ 3208.981458] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 3208.982462] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:26:03 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x80000}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:26:03 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 64) 14:26:03 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x81020000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:26:03 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e6661740d020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:26:03 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x503, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:26:03 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617404020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:26:03 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x3, 0x0, r1, 0x0}]) 14:26:03 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 69) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 3223.351488] FAT-fs (loop7): bogus number of reserved sectors [ 3223.352379] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3223.373047] FAULT_INJECTION: forcing a failure. [ 3223.373047] name failslab, interval 1, probability 0, space 0, times 0 [ 3223.374589] CPU: 1 PID: 17166 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3223.375507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3223.375645] FAULT_INJECTION: forcing a failure. [ 3223.375645] name failslab, interval 1, probability 0, space 0, times 0 [ 3223.376543] Call Trace: [ 3223.378422] dump_stack+0x107/0x167 [ 3223.378894] should_fail.cold+0x5/0xa [ 3223.379396] ? create_object.isra.0+0x3a/0xa20 [ 3223.379995] should_failslab+0x5/0x20 [ 3223.380475] kmem_cache_alloc+0x5b/0x310 [ 3223.381005] create_object.isra.0+0x3a/0xa20 [ 3223.381555] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3223.382212] kmem_cache_alloc+0x159/0x310 [ 3223.382741] anon_vma_clone+0xdc/0x590 [ 3223.383259] __split_vma+0x17c/0x570 [ 3223.383760] __do_munmap+0x365/0x1260 [ 3223.384265] mmap_region+0x776/0x1590 [ 3223.384752] ? get_unmapped_area+0x2f0/0x420 [ 3223.385324] do_mmap+0xcdb/0x11e0 [ 3223.385771] vm_mmap_pgoff+0x198/0x1f0 [ 3223.386280] ? randomize_page+0xb0/0xb0 [ 3223.386797] ksys_mmap_pgoff+0x41c/0x560 [ 3223.387324] ? find_mergeable_anon_vma+0x250/0x250 [ 3223.387989] do_syscall_64+0x33/0x40 [ 3223.388460] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3223.389115] RIP: 0033:0x7f214574ab62 [ 3223.389584] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 3223.391937] RSP: 002b:00007f2142c9f0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 3223.392906] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f214574ab62 [ 3223.393808] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 00000000200a0000 [ 3223.394727] RBP: 00000000200a0000 R08: 0000000000000005 R09: 0000000000000000 [ 3223.395776] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 3223.396682] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3223.397612] CPU: 0 PID: 17155 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3223.398556] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3223.399696] Call Trace: [ 3223.400056] dump_stack+0x107/0x167 [ 3223.400575] should_fail.cold+0x5/0xa [ 3223.401102] ? create_object.isra.0+0x3a/0xa20 [ 3223.401742] ? create_object.isra.0+0x3a/0xa20 [ 3223.402386] should_failslab+0x5/0x20 [ 3223.402914] kmem_cache_alloc+0x5b/0x310 [ 3223.403507] create_object.isra.0+0x3a/0xa20 [ 3223.404115] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3223.404837] kmem_cache_alloc_trace+0x151/0x320 [ 3223.405485] ext4_getfsmap_datadev+0x6d7/0x25d0 [ 3223.406152] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3223.406897] ? do_swap+0x134/0x210 [ 3223.407374] ? sort_r+0x239/0x360 [ 3223.407861] ? ext4_file_open+0xa50/0xa50 [ 3223.408435] ext4_getfsmap+0x695/0x990 [ 3223.408947] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3223.409688] ? ext4_fsmap_to_internal+0x260/0x260 [ 3223.410318] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3223.411014] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3223.411737] ext4_ioc_getfsmap+0x2b0/0x620 [ 3223.412285] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3223.412878] ? find_held_lock+0x2c/0x110 [ 3223.413410] ? avc_has_extended_perms+0x675/0xf40 [ 3223.414073] ? lock_downgrade+0x6d0/0x6d0 [ 3223.414613] __ext4_ioctl+0x8ad/0x4190 [ 3223.415128] ? ext4_reset_inode_seed+0x450/0x450 [ 3223.415758] ? perf_trace_lock+0xac/0x490 [ 3223.416312] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3223.417056] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3223.417722] ? do_vfs_ioctl+0x283/0x10d0 [ 3223.418248] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3223.418927] ? generic_block_fiemap+0x60/0x60 [ 3223.419525] ? lock_downgrade+0x6d0/0x6d0 [ 3223.420067] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3223.420698] ? wait_for_completion_io+0x270/0x270 [ 3223.421329] ? selinux_file_ioctl+0xb6/0x270 [ 3223.421903] ? __ext4_ioctl+0x4190/0x4190 [ 3223.422440] __x64_sys_ioctl+0x19a/0x210 [ 3223.422971] do_syscall_64+0x33/0x40 [ 3223.423469] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3223.424132] RIP: 0033:0x7f4e27e8db19 [ 3223.424617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3223.426979] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3223.427981] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3223.428907] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3223.429830] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3223.430747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3223.431683] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:26:03 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xf4ffffff, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:26:03 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x4, 0x0, r1, 0x0}]) [ 3223.451336] FAT-fs (loop0): bogus logical sector size 516 [ 3223.452118] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3223.521504] FAT-fs (loop5): bogus logical sector size 525 [ 3223.522309] FAT-fs (loop5): Can't find a valid FAT filesystem 14:26:03 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x140002}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 3223.567641] FAT-fs (loop0): bogus logical sector size 516 [ 3223.568459] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3223.593679] FAT-fs (loop5): bogus logical sector size 525 [ 3223.594454] FAT-fs (loop5): Can't find a valid FAT filesystem 14:26:03 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 65) 14:26:03 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617405020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) [ 3223.689275] FAT-fs (loop7): bogus number of reserved sectors [ 3223.690109] FAT-fs (loop7): Can't find a valid FAT filesystem 14:26:03 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e6661740f020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 3223.726278] FAULT_INJECTION: forcing a failure. [ 3223.726278] name failslab, interval 1, probability 0, space 0, times 0 [ 3223.727962] CPU: 0 PID: 17191 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3223.728874] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3223.729964] Call Trace: [ 3223.730320] dump_stack+0x107/0x167 [ 3223.730807] should_fail.cold+0x5/0xa [ 3223.731315] ? vm_area_dup+0x78/0x290 [ 3223.731851] should_failslab+0x5/0x20 [ 3223.732354] kmem_cache_alloc+0x5b/0x310 [ 3223.732902] vm_area_dup+0x78/0x290 [ 3223.733392] ? find_held_lock+0x2c/0x110 [ 3223.733938] ? __vma_adjust+0x612/0x25b0 [ 3223.734475] ? lock_downgrade+0x6d0/0x6d0 [ 3223.735021] ? find_held_lock+0x2c/0x110 [ 3223.739611] ? up_write+0x191/0x550 [ 3223.740102] ? downgrade_write+0x3a0/0x3a0 [ 3223.740659] ? anon_vma_interval_tree_remove+0x6b8/0xf30 [ 3223.741371] ? vm_area_alloc+0x110/0x110 [ 3223.741915] ? __vma_adjust+0xc11/0x25b0 [ 3223.742475] ? vmacache_find+0x55/0x2a0 [ 3223.743004] __split_vma+0xa8/0x570 [ 3223.743530] __do_munmap+0xf40/0x1260 [ 3223.744054] mmap_region+0x776/0x1590 [ 3223.744569] ? get_unmapped_area+0x2f0/0x420 [ 3223.745153] do_mmap+0xcdb/0x11e0 [ 3223.745628] vm_mmap_pgoff+0x198/0x1f0 [ 3223.746148] ? randomize_page+0xb0/0xb0 [ 3223.746695] ksys_mmap_pgoff+0x41c/0x560 [ 3223.747234] ? find_mergeable_anon_vma+0x250/0x250 [ 3223.747924] do_syscall_64+0x33/0x40 [ 3223.748417] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3223.749093] RIP: 0033:0x7f214574ab62 [ 3223.749584] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 3223.752012] RSP: 002b:00007f2142cc00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 3223.753013] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f214574ab62 [ 3223.753949] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 00000000200a0000 [ 3223.754888] RBP: 00000000200a0000 R08: 0000000000000005 R09: 0000000000000000 [ 3223.755852] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 3223.756794] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:26:04 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x506, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:26:04 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 14:26:04 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 70) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:26:04 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x1000000}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 3223.887549] FAT-fs (loop0): bogus logical sector size 517 [ 3223.888393] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3223.908675] FAT-fs (loop5): bogus logical sector size 527 [ 3223.909468] FAT-fs (loop5): Can't find a valid FAT filesystem 14:26:04 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xf5ffffff, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3223.935172] FAULT_INJECTION: forcing a failure. [ 3223.935172] name failslab, interval 1, probability 0, space 0, times 0 [ 3223.936726] CPU: 1 PID: 17209 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3223.937613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3223.938660] Call Trace: [ 3223.939012] dump_stack+0x107/0x167 [ 3223.939508] should_fail.cold+0x5/0xa [ 3223.939991] ? ext4_getfsmap_datadev+0x86d/0x25d0 [ 3223.940598] should_failslab+0x5/0x20 [ 3223.941078] kmem_cache_alloc_trace+0x55/0x320 [ 3223.941648] ? ext4_bg_num_gdb+0x172/0x250 [ 3223.942180] ext4_getfsmap_datadev+0x86d/0x25d0 [ 3223.942775] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3223.943471] ? do_swap+0x134/0x210 [ 3223.943943] ? sort_r+0x239/0x360 [ 3223.944378] ? ext4_file_open+0xa50/0xa50 [ 3223.944900] ext4_getfsmap+0x695/0x990 [ 3223.945395] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3223.946063] ? ext4_fsmap_to_internal+0x260/0x260 [ 3223.946666] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3223.947334] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3223.948059] ext4_ioc_getfsmap+0x2b0/0x620 [ 3223.948593] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3223.949164] ? find_held_lock+0x2c/0x110 [ 3223.949677] ? avc_has_extended_perms+0x675/0xf40 [ 3223.950312] ? lock_downgrade+0x6d0/0x6d0 [ 3223.950835] __ext4_ioctl+0x8ad/0x4190 [ 3223.951338] ? ext4_reset_inode_seed+0x450/0x450 [ 3223.951974] ? perf_trace_lock+0xac/0x490 [ 3223.952492] ? SOFTIRQ_verbose+0x10/0x10 [ 3223.953014] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3223.953732] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3223.954383] ? do_vfs_ioctl+0x283/0x10d0 [ 3223.954887] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3223.955579] ? generic_block_fiemap+0x60/0x60 [ 3223.956141] ? lock_downgrade+0x6d0/0x6d0 [ 3223.956661] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3223.957268] ? wait_for_completion_io+0x270/0x270 [ 3223.957878] ? selinux_file_ioctl+0xb6/0x270 [ 3223.958429] ? __ext4_ioctl+0x4190/0x4190 [ 3223.958947] __x64_sys_ioctl+0x19a/0x210 [ 3223.959495] do_syscall_64+0x33/0x40 [ 3223.959966] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3223.960587] RIP: 0033:0x7f4e27e8db19 [ 3223.961041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3223.963267] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3223.964249] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3223.965143] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3223.966036] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3223.966923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3223.967849] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3223.976196] FAT-fs (loop7): bogus number of reserved sectors [ 3223.976966] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3223.978895] FAT-fs (loop0): bogus logical sector size 517 [ 3223.979714] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3223.997648] FAT-fs (loop5): bogus logical sector size 527 [ 3223.998522] FAT-fs (loop5): Can't find a valid FAT filesystem 14:26:04 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x2000000}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:26:04 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x7, 0x0, r1, 0x0}]) 14:26:04 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 71) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:26:04 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x509, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3224.186564] FAULT_INJECTION: forcing a failure. [ 3224.186564] name failslab, interval 1, probability 0, space 0, times 0 [ 3224.188178] CPU: 1 PID: 17226 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3224.189089] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3224.190181] Call Trace: [ 3224.190540] dump_stack+0x107/0x167 [ 3224.191027] should_fail.cold+0x5/0xa [ 3224.191558] ? ext4_getfsmap_datadev+0x86d/0x25d0 [ 3224.192207] should_failslab+0x5/0x20 [ 3224.192715] kmem_cache_alloc_trace+0x55/0x320 [ 3224.193325] ? ext4_bg_num_gdb+0x172/0x250 [ 3224.193889] ext4_getfsmap_datadev+0x86d/0x25d0 [ 3224.194524] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3224.195236] ? do_swap+0x134/0x210 [ 3224.195734] ? sort_r+0x239/0x360 [ 3224.196194] ? ext4_file_open+0xa50/0xa50 [ 3224.196753] ext4_getfsmap+0x695/0x990 [ 3224.197271] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3224.197984] ? ext4_fsmap_to_internal+0x260/0x260 [ 3224.198628] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3224.199347] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3224.200104] ext4_ioc_getfsmap+0x2b0/0x620 [ 3224.200666] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3224.201273] ? find_held_lock+0x2c/0x110 [ 3224.201827] ? avc_has_extended_perms+0x675/0xf40 [ 3224.202508] ? lock_downgrade+0x6d0/0x6d0 [ 3224.203072] __ext4_ioctl+0x8ad/0x4190 [ 3224.203623] ? ext4_reset_inode_seed+0x450/0x450 [ 3224.204249] ? perf_trace_lock+0xac/0x490 [ 3224.204825] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3224.205586] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3224.206273] ? do_vfs_ioctl+0x283/0x10d0 [ 3224.206812] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3224.207525] ? generic_block_fiemap+0x60/0x60 [ 3224.208124] ? lock_downgrade+0x6d0/0x6d0 [ 3224.208677] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3224.209327] ? wait_for_completion_io+0x270/0x270 [ 3224.209978] ? selinux_file_ioctl+0xb6/0x270 [ 3224.210567] ? __ext4_ioctl+0x4190/0x4190 [ 3224.211120] __x64_sys_ioctl+0x19a/0x210 [ 3224.211684] do_syscall_64+0x33/0x40 [ 3224.212179] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3224.212858] RIP: 0033:0x7f4e27e8db19 [ 3224.213354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3224.215793] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3224.216801] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3224.217743] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3224.218686] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3224.219646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3224.220588] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:26:19 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617406020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:26:19 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617411020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:26:19 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x50a, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:26:19 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 72) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:26:19 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x2001400}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:26:19 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x8, 0x0, r1, 0x0}]) 14:26:19 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfbffffff, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:26:19 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 66) [ 3239.211070] FAULT_INJECTION: forcing a failure. [ 3239.211070] name failslab, interval 1, probability 0, space 0, times 0 [ 3239.228625] FAULT_INJECTION: forcing a failure. [ 3239.228625] name failslab, interval 1, probability 0, space 0, times 0 [ 3239.229876] CPU: 0 PID: 17243 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3239.229887] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3239.229893] Call Trace: [ 3239.229914] dump_stack+0x107/0x167 [ 3239.229934] should_fail.cold+0x5/0xa [ 3239.229954] ? create_object.isra.0+0x3a/0xa20 [ 3239.229978] should_failslab+0x5/0x20 [ 3239.241903] kmem_cache_alloc+0x5b/0x310 [ 3239.243178] create_object.isra.0+0x3a/0xa20 [ 3239.244562] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3239.246144] kmem_cache_alloc+0x159/0x310 [ 3239.247446] vm_area_dup+0x78/0x290 [ 3239.248593] ? find_held_lock+0x2c/0x110 [ 3239.249864] ? __vma_adjust+0x612/0x25b0 [ 3239.251124] ? lock_downgrade+0x6d0/0x6d0 [ 3239.252408] ? find_held_lock+0x2c/0x110 [ 3239.253690] ? up_write+0x191/0x550 [ 3239.254821] ? downgrade_write+0x3a0/0x3a0 [ 3239.256147] ? anon_vma_interval_tree_remove+0x6b8/0xf30 [ 3239.257823] ? vm_area_alloc+0x110/0x110 [ 3239.259093] ? __vma_adjust+0xc11/0x25b0 [ 3239.260399] ? vmacache_find+0x55/0x2a0 [ 3239.261635] __split_vma+0xa8/0x570 [ 3239.262773] __do_munmap+0xf40/0x1260 [ 3239.263993] mmap_region+0x776/0x1590 [ 3239.265209] ? get_unmapped_area+0x2f0/0x420 [ 3239.266579] do_mmap+0xcdb/0x11e0 [ 3239.267688] vm_mmap_pgoff+0x198/0x1f0 [ 3239.268984] ? randomize_page+0xb0/0xb0 [ 3239.270295] ksys_mmap_pgoff+0x41c/0x560 [ 3239.271571] ? find_mergeable_anon_vma+0x250/0x250 [ 3239.273146] do_syscall_64+0x33/0x40 [ 3239.274309] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3239.275898] RIP: 0033:0x7f214574ab62 [ 3239.277063] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 3239.282781] RSP: 002b:00007f2142cc00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 3239.285152] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f214574ab62 [ 3239.287375] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 00000000200a0000 [ 3239.289596] RBP: 00000000200a0000 R08: 0000000000000005 R09: 0000000000000000 [ 3239.291818] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 3239.294052] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3239.296342] CPU: 1 PID: 17253 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3239.297344] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3239.298512] Call Trace: [ 3239.298893] dump_stack+0x107/0x167 [ 3239.299411] should_fail.cold+0x5/0xa [ 3239.299961] ? ext4_getfsmap_datadev+0xabb/0x25d0 [ 3239.300647] should_failslab+0x5/0x20 [ 3239.301190] kmem_cache_alloc_trace+0x55/0x320 [ 3239.301834] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3239.302555] ext4_getfsmap_datadev+0xabb/0x25d0 [ 3239.303984] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3239.304767] ? do_swap+0x134/0x210 [ 3239.305806] ? sort_r+0x239/0x360 [ 3239.306843] ? ext4_file_open+0xa50/0xa50 [ 3239.308057] ext4_getfsmap+0x695/0x990 [ 3239.309186] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3239.310752] ? ext4_fsmap_to_internal+0x260/0x260 [ 3239.312167] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3239.313701] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3239.315309] ext4_ioc_getfsmap+0x2b0/0x620 [ 3239.316546] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3239.317896] ? find_held_lock+0x2c/0x110 [ 3239.319110] ? avc_has_extended_perms+0x675/0xf40 [ 3239.320576] ? lock_downgrade+0x6d0/0x6d0 [ 3239.321782] __ext4_ioctl+0x8ad/0x4190 [ 3239.322922] ? ext4_reset_inode_seed+0x450/0x450 [ 3239.324301] ? perf_trace_lock+0xac/0x490 [ 3239.325496] ? SOFTIRQ_verbose+0x10/0x10 [ 3239.326684] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3239.328358] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3239.329872] ? do_vfs_ioctl+0x283/0x10d0 [ 3239.331038] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3239.332573] ? generic_block_fiemap+0x60/0x60 [ 3239.333872] ? lock_downgrade+0x6d0/0x6d0 [ 3239.335076] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3239.336484] ? wait_for_completion_io+0x270/0x270 [ 3239.337885] ? selinux_file_ioctl+0xb6/0x270 [ 3239.339154] ? __ext4_ioctl+0x4190/0x4190 [ 3239.340370] __x64_sys_ioctl+0x19a/0x210 [ 3239.341552] do_syscall_64+0x33/0x40 [ 3239.342631] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3239.344132] RIP: 0033:0x7f4e27e8db19 [ 3239.345207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3239.350581] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3239.352829] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3239.354929] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3239.357050] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3239.359176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3239.361279] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:26:19 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 67) [ 3239.401297] FAT-fs (loop0): bogus logical sector size 518 [ 3239.402148] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3239.407571] FAT-fs (loop7): bogus number of reserved sectors [ 3239.408488] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3239.426244] FAT-fs (loop5): bogus logical sector size 529 [ 3239.428124] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3239.445074] FAULT_INJECTION: forcing a failure. [ 3239.445074] name failslab, interval 1, probability 0, space 0, times 0 [ 3239.446880] CPU: 1 PID: 17272 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3239.447897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3239.449107] Call Trace: [ 3239.449506] dump_stack+0x107/0x167 [ 3239.450056] should_fail.cold+0x5/0xa [ 3239.450620] ? anon_vma_clone+0xdc/0x590 [ 3239.451230] should_failslab+0x5/0x20 [ 3239.451790] kmem_cache_alloc+0x5b/0x310 [ 3239.452402] anon_vma_clone+0xdc/0x590 [ 3239.453006] __split_vma+0x17c/0x570 [ 3239.453565] __do_munmap+0xf40/0x1260 [ 3239.454148] mmap_region+0x776/0x1590 [ 3239.454725] ? get_unmapped_area+0x2f0/0x420 [ 3239.455388] do_mmap+0xcdb/0x11e0 [ 3239.455922] vm_mmap_pgoff+0x198/0x1f0 [ 3239.456499] ? randomize_page+0xb0/0xb0 [ 3239.457117] ksys_mmap_pgoff+0x41c/0x560 [ 3239.457720] ? find_mergeable_anon_vma+0x250/0x250 [ 3239.458472] do_syscall_64+0x33/0x40 [ 3239.459030] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3239.459783] RIP: 0033:0x7f214574ab62 [ 3239.460329] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 3239.463047] RSP: 002b:00007f2142cc00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 3239.464185] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f214574ab62 [ 3239.465251] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 00000000200a0000 [ 3239.466304] RBP: 00000000200a0000 R08: 0000000000000005 R09: 0000000000000000 [ 3239.467357] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 3239.468409] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:26:19 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x3000000}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:26:19 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x600, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3239.508204] FAT-fs (loop0): bogus logical sector size 518 [ 3239.509351] FAT-fs (loop0): Can't find a valid FAT filesystem 14:26:19 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 68) [ 3239.617282] FAULT_INJECTION: forcing a failure. [ 3239.617282] name failslab, interval 1, probability 0, space 0, times 0 [ 3239.618781] CPU: 1 PID: 17284 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3239.619656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3239.620725] Call Trace: [ 3239.621069] dump_stack+0x107/0x167 [ 3239.621537] should_fail.cold+0x5/0xa [ 3239.622027] ? create_object.isra.0+0x3a/0xa20 [ 3239.622610] should_failslab+0x5/0x20 [ 3239.623095] kmem_cache_alloc+0x5b/0x310 [ 3239.623619] create_object.isra.0+0x3a/0xa20 [ 3239.624194] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3239.624842] kmem_cache_alloc+0x159/0x310 [ 3239.625380] anon_vma_clone+0xdc/0x590 [ 3239.625890] __split_vma+0x17c/0x570 [ 3239.626370] __do_munmap+0xf40/0x1260 [ 3239.626873] mmap_region+0x776/0x1590 [ 3239.627369] ? get_unmapped_area+0x2f0/0x420 [ 3239.627932] do_mmap+0xcdb/0x11e0 [ 3239.628404] vm_mmap_pgoff+0x198/0x1f0 [ 3239.628906] ? randomize_page+0xb0/0xb0 [ 3239.629432] ksys_mmap_pgoff+0x41c/0x560 [ 3239.629952] ? find_mergeable_anon_vma+0x250/0x250 [ 3239.630592] do_syscall_64+0x33/0x40 [ 3239.631066] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3239.631713] RIP: 0033:0x7f214574ab62 [ 3239.632203] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 3239.634517] RSP: 002b:00007f2142cc00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 3239.635487] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f214574ab62 [ 3239.636405] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 00000000200a0000 [ 3239.637334] RBP: 00000000200a0000 R08: 0000000000000005 R09: 0000000000000000 [ 3239.638546] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 3239.639619] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3239.647169] FAT-fs (loop7): bogus number of reserved sectors [ 3239.648970] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3254.311810] FAULT_INJECTION: forcing a failure. [ 3254.311810] name failslab, interval 1, probability 0, space 0, times 0 [ 3254.315031] CPU: 0 PID: 17293 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3254.316885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3254.319011] Call Trace: [ 3254.319679] dump_stack+0x107/0x167 [ 3254.320666] should_fail.cold+0x5/0xa [ 3254.321673] ? vm_area_alloc+0x1c/0x110 [ 3254.322672] should_failslab+0x5/0x20 [ 3254.323625] kmem_cache_alloc+0x5b/0x310 [ 3254.328647] vm_area_alloc+0x1c/0x110 [ 3254.329154] mmap_region+0x819/0x1590 [ 3254.329675] ? get_unmapped_area+0x2f0/0x420 [ 3254.330261] do_mmap+0xcdb/0x11e0 [ 3254.330735] vm_mmap_pgoff+0x198/0x1f0 [ 3254.331258] ? randomize_page+0xb0/0xb0 [ 3254.331809] ksys_mmap_pgoff+0x41c/0x560 [ 3254.332351] ? find_mergeable_anon_vma+0x250/0x250 [ 3254.333043] do_syscall_64+0x33/0x40 [ 3254.333535] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3254.334211] RIP: 0033:0x7f214574ab62 [ 3254.334710] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 3254.337173] RSP: 002b:00007f2142cc00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 3254.338201] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f214574ab62 [ 3254.339157] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 00000000200a0000 14:26:34 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 69) 14:26:34 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0xfe, 0x0, r1, 0x0}]) 14:26:34 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x700, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:26:34 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617416020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:26:34 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617407020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:26:34 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xfeffffff, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:26:34 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x4000000}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:26:34 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 73) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 3254.340123] RBP: 00000000200a0000 R08: 0000000000000005 R09: 0000000000000000 [ 3254.341097] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 3254.342057] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3254.352319] FAULT_INJECTION: forcing a failure. [ 3254.352319] name failslab, interval 1, probability 0, space 0, times 0 [ 3254.355047] CPU: 1 PID: 17307 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3254.355914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3254.356962] Call Trace: [ 3254.357300] dump_stack+0x107/0x167 [ 3254.357761] should_fail.cold+0x5/0xa [ 3254.358244] ? create_object.isra.0+0x3a/0xa20 [ 3254.358822] should_failslab+0x5/0x20 [ 3254.359300] kmem_cache_alloc+0x5b/0x310 [ 3254.359815] create_object.isra.0+0x3a/0xa20 [ 3254.360365] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3254.361065] kmem_cache_alloc_trace+0x151/0x320 [ 3254.361658] ext4_getfsmap_datadev+0xabb/0x25d0 [ 3254.362259] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3254.362931] ? do_swap+0x134/0x210 [ 3254.363380] ? sort_r+0x239/0x360 [ 3254.363818] ? ext4_file_open+0xa50/0xa50 [ 3254.364342] ext4_getfsmap+0x695/0x990 [ 3254.365307] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3254.366905] ? ext4_fsmap_to_internal+0x260/0x260 [ 3254.368358] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3254.369901] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3254.371470] ext4_ioc_getfsmap+0x2b0/0x620 [ 3254.372710] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3254.374063] ? find_held_lock+0x2c/0x110 [ 3254.375255] ? avc_has_extended_perms+0x675/0xf40 [ 3254.376704] ? lock_downgrade+0x6d0/0x6d0 [ 3254.377914] __ext4_ioctl+0x8ad/0x4190 [ 3254.379050] ? ext4_reset_inode_seed+0x450/0x450 [ 3254.380439] ? perf_trace_lock+0xac/0x490 [ 3254.381690] ? SOFTIRQ_verbose+0x10/0x10 [ 3254.382928] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3254.384660] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3254.386156] ? do_vfs_ioctl+0x283/0x10d0 [ 3254.387331] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3254.388863] ? generic_block_fiemap+0x60/0x60 [ 3254.390162] ? lock_downgrade+0x6d0/0x6d0 [ 3254.391365] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3254.392778] ? wait_for_completion_io+0x270/0x270 [ 3254.394184] ? selinux_file_ioctl+0xb6/0x270 [ 3254.395460] ? __ext4_ioctl+0x4190/0x4190 [ 3254.396673] __x64_sys_ioctl+0x19a/0x210 [ 3254.397851] do_syscall_64+0x33/0x40 [ 3254.398930] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3254.400408] RIP: 0033:0x7f4e27e8db19 [ 3254.401320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3254.406227] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3254.408171] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3254.410218] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3254.412042] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3254.414110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3254.415939] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:26:34 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 70) [ 3254.442494] FAT-fs (loop5): bogus logical sector size 534 [ 3254.443667] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3254.459878] FAT-fs (loop7): bogus number of reserved sectors [ 3254.461838] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3254.464638] FAT-fs (loop0): bogus logical sector size 519 [ 3254.466433] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3254.491533] FAULT_INJECTION: forcing a failure. [ 3254.491533] name failslab, interval 1, probability 0, space 0, times 0 [ 3254.494827] CPU: 1 PID: 17325 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3254.496567] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3254.497636] Call Trace: [ 3254.498002] dump_stack+0x107/0x167 [ 3254.498495] should_fail.cold+0x5/0xa [ 3254.498992] ? create_object.isra.0+0x3a/0xa20 [ 3254.499586] should_failslab+0x5/0x20 [ 3254.500078] kmem_cache_alloc+0x5b/0x310 [ 3254.500640] create_object.isra.0+0x3a/0xa20 [ 3254.501203] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3254.501871] kmem_cache_alloc+0x159/0x310 [ 3254.502434] vm_area_alloc+0x1c/0x110 [ 3254.502929] mmap_region+0x819/0x1590 [ 3254.503455] ? get_unmapped_area+0x2f0/0x420 [ 3254.504040] do_mmap+0xcdb/0x11e0 [ 3254.504526] vm_mmap_pgoff+0x198/0x1f0 [ 3254.505067] ? randomize_page+0xb0/0xb0 [ 3254.505628] ksys_mmap_pgoff+0x41c/0x560 [ 3254.506867] ? find_mergeable_anon_vma+0x250/0x250 [ 3254.508363] do_syscall_64+0x33/0x40 [ 3254.509506] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3254.511013] RIP: 0033:0x7f214574ab62 [ 3254.512106] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 3254.517631] RSP: 002b:00007f2142cc00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 3254.519948] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f214574ab62 [ 3254.522136] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 00000000200a0000 [ 3254.524363] RBP: 00000000200a0000 R08: 0000000000000005 R09: 0000000000000000 [ 3254.526478] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 3254.528597] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:26:34 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x300, 0x0, r1, 0x0}]) 14:26:34 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x5000000}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:26:34 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x900, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3254.621237] FAT-fs (loop0): bogus logical sector size 519 [ 3254.622884] FAT-fs (loop0): Can't find a valid FAT filesystem 14:26:34 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xff010000, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3254.645507] FAT-fs (loop7): bogus number of reserved sectors [ 3254.647563] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3254.655045] FAT-fs (loop5): bogus logical sector size 534 [ 3254.656801] FAT-fs (loop5): Can't find a valid FAT filesystem 14:26:34 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 71) 14:26:34 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 74) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) [ 3254.707184] FAULT_INJECTION: forcing a failure. [ 3254.707184] name failslab, interval 1, probability 0, space 0, times 0 [ 3254.710686] CPU: 1 PID: 17339 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3254.712771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3254.715310] Call Trace: [ 3254.716103] dump_stack+0x107/0x167 [ 3254.717178] should_fail.cold+0x5/0xa [ 3254.718295] ? vm_area_alloc+0x1c/0x110 [ 3254.719497] should_failslab+0x5/0x20 [ 3254.720659] kmem_cache_alloc+0x5b/0x310 [ 3254.721897] vm_area_alloc+0x1c/0x110 [ 3254.723052] mmap_region+0x819/0x1590 [ 3254.724223] ? get_unmapped_area+0x2f0/0x420 [ 3254.725564] do_mmap+0xcdb/0x11e0 [ 3254.726620] vm_mmap_pgoff+0x198/0x1f0 [ 3254.727790] ? randomize_page+0xb0/0xb0 [ 3254.729011] ksys_mmap_pgoff+0x41c/0x560 [ 3254.730225] ? find_mergeable_anon_vma+0x250/0x250 [ 3254.731724] do_syscall_64+0x33/0x40 [ 3254.732825] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3254.734320] RIP: 0033:0x7f214574ab62 [ 3254.735425] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 3254.740962] RSP: 002b:00007f2142cc00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 3254.743179] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f214574ab62 [ 3254.745269] RDX: 0000000000000003 RSI: 0000000000200000 RDI: 0000000020ffc000 [ 3254.747349] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000010000000 [ 3254.749441] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 3254.751596] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 14:26:34 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x6000000}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 3254.808590] FAT-fs (loop5): bogus logical sector size 536 [ 3254.810406] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3254.830855] FAT-fs (loop5): bogus logical sector size 536 [ 3254.832587] FAT-fs (loop5): Can't find a valid FAT filesystem 14:26:35 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617408020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:26:35 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617418020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) [ 3254.885713] FAT-fs (loop0): bogus logical sector size 520 [ 3254.887498] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3254.893665] FAULT_INJECTION: forcing a failure. [ 3254.893665] name failslab, interval 1, probability 0, space 0, times 0 [ 3254.896702] CPU: 0 PID: 17351 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3254.897765] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3254.899023] Call Trace: [ 3254.899446] dump_stack+0x107/0x167 [ 3254.900011] should_fail.cold+0x5/0xa [ 3254.900615] ? ext4_getfsmap_datadev+0xc2b/0x25d0 [ 3254.901360] should_failslab+0x5/0x20 [ 3254.901947] kmem_cache_alloc_trace+0x55/0x320 [ 3254.902649] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3254.903429] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 3254.904159] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3254.904995] ? do_swap+0x134/0x210 [ 3254.905545] ? sort_r+0x239/0x360 [ 3254.906078] ? ext4_file_open+0xa50/0xa50 [ 3254.906725] ext4_getfsmap+0x695/0x990 [ 3254.907321] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3254.908136] ? ext4_fsmap_to_internal+0x260/0x260 [ 3254.908881] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3254.909694] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3254.910449] ext4_ioc_getfsmap+0x2b0/0x620 [ 3254.911003] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3254.911604] ? find_held_lock+0x2c/0x110 [ 3254.912146] ? avc_has_extended_perms+0x675/0xf40 [ 3254.912822] ? lock_downgrade+0x6d0/0x6d0 [ 3254.913372] __ext4_ioctl+0x8ad/0x4190 [ 3254.913891] ? ext4_reset_inode_seed+0x450/0x450 [ 3254.914512] ? perf_trace_lock+0xac/0x490 [ 3254.915055] ? SOFTIRQ_verbose+0x10/0x10 [ 3254.915608] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3254.916363] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3254.917049] ? do_vfs_ioctl+0x283/0x10d0 [ 3254.917582] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3254.918270] ? generic_block_fiemap+0x60/0x60 [ 3254.918864] ? lock_downgrade+0x6d0/0x6d0 [ 3254.919411] ? __mutex_unlock_slowpath+0xe1/0x600 [ 3254.920048] ? wait_for_completion_io+0x270/0x270 [ 3254.920782] ? selinux_file_ioctl+0xb6/0x270 [ 3254.922083] ? __ext4_ioctl+0x4190/0x4190 [ 3254.922722] __x64_sys_ioctl+0x19a/0x210 [ 3254.923934] do_syscall_64+0x33/0x40 [ 3254.924532] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3254.926055] RIP: 0033:0x7f4e27e8db19 [ 3254.926649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3254.932198] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3254.934515] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3254.936699] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3254.938862] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3254.940987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3254.943168] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 [ 3254.996864] FAT-fs (loop0): bogus logical sector size 520 [ 3254.998647] FAT-fs (loop0): Can't find a valid FAT filesystem 14:26:49 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x500, 0x0, r1, 0x0}]) 14:26:49 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x7000000}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) 14:26:49 executing program 6: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) creat(&(0x7f0000000300)='./file0\x00', 0x15e) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) (fail_nth: 75) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c00000001000000030015c1e10000030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf6e5c2fd748b7382cb035aee7d07675"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8) unshare(0x48020200) 14:26:49 executing program 0: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617409020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x26b}}, './file0\x00'}) openat(0xffffffffffffffff, 0x0, 0x0, 0x140) 14:26:49 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 72) 14:26:49 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0xffffff7f, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) 14:26:49 executing program 5: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e6661742e020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x1010000, &(0x7f0000000240)=ANY=[]) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x181200, 0x0) 14:26:49 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0xa00, &(0x7f0000000800)=[&(0x7f0000000140)={0x500, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000340)="d0", 0x1, 0x8000}]) [ 3269.359240] FAT-fs (loop0): bogus logical sector size 521 [ 3269.360018] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3269.364004] FAT-fs (loop7): bogus number of reserved sectors [ 3269.364752] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3269.389511] FAULT_INJECTION: forcing a failure. [ 3269.389511] name failslab, interval 1, probability 0, space 0, times 0 [ 3269.391256] CPU: 0 PID: 17386 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3269.392233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3269.393413] Call Trace: [ 3269.393798] dump_stack+0x107/0x167 [ 3269.394321] should_fail.cold+0x5/0xa [ 3269.394871] ? create_object.isra.0+0x3a/0xa20 [ 3269.395530] should_failslab+0x5/0x20 [ 3269.396071] kmem_cache_alloc+0x5b/0x310 [ 3269.396664] create_object.isra.0+0x3a/0xa20 [ 3269.397310] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3269.397715] FAULT_INJECTION: forcing a failure. [ 3269.397715] name failslab, interval 1, probability 0, space 0, times 0 [ 3269.398043] kmem_cache_alloc+0x159/0x310 [ 3269.398078] vm_area_alloc+0x1c/0x110 [ 3269.398097] mmap_region+0x819/0x1590 [ 3269.398137] ? get_unmapped_area+0x2f0/0x420 [ 3269.401771] do_mmap+0xcdb/0x11e0 [ 3269.402294] vm_mmap_pgoff+0x198/0x1f0 [ 3269.402864] ? randomize_page+0xb0/0xb0 [ 3269.403464] ksys_mmap_pgoff+0x41c/0x560 [ 3269.404055] ? find_mergeable_anon_vma+0x250/0x250 [ 3269.404775] do_syscall_64+0x33/0x40 [ 3269.405331] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3269.406061] RIP: 0033:0x7f214574ab62 [ 3269.406592] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 3269.409185] RSP: 002b:00007f2142cc00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 3269.410197] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f214574ab62 [ 3269.411149] RDX: 0000000000000003 RSI: 0000000000200000 RDI: 0000000020ffc000 [ 3269.412093] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000010000000 [ 3269.413039] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 3269.414069] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3269.417129] CPU: 1 PID: 17377 Comm: syz-executor.6 Not tainted 5.10.230 #1 [ 3269.418016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3269.419058] Call Trace: [ 3269.419396] dump_stack+0x107/0x167 [ 3269.419858] should_fail.cold+0x5/0xa [ 3269.420341] ? create_object.isra.0+0x3a/0xa20 [ 3269.420920] should_failslab+0x5/0x20 [ 3269.421428] kmem_cache_alloc+0x5b/0x310 [ 3269.421942] create_object.isra.0+0x3a/0xa20 [ 3269.422488] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3269.423125] kmem_cache_alloc_trace+0x151/0x320 [ 3269.423713] ext4_getfsmap_datadev+0xc2b/0x25d0 [ 3269.424308] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3269.424976] ? do_swap+0x134/0x210 [ 3269.425441] ? sort_r+0x239/0x360 [ 3269.425875] ? ext4_file_open+0xa50/0xa50 [ 3269.426398] ext4_getfsmap+0x695/0x990 [ 3269.426887] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3269.427555] ? ext4_fsmap_to_internal+0x260/0x260 [ 3269.428160] ? ext4_ioctl_check_immutable+0x200/0x200 [ 3269.428831] ? ext4_getfsmap_datadev_helper+0x8a0/0x8a0 [ 3269.429534] ext4_ioc_getfsmap+0x2b0/0x620 [ 3269.430062] ? ext4_ioctl_setflags+0xbe0/0xbe0 [ 3269.430634] ? find_held_lock+0x2c/0x110 [ 3269.431148] ? avc_has_extended_perms+0x675/0xf40 [ 3269.431794] __ext4_ioctl+0x8ad/0x4190 [ 3269.432289] ? ext4_reset_inode_seed+0x450/0x450 [ 3269.432882] ? perf_trace_lock+0xac/0x490 [ 3269.433414] ? SOFTIRQ_verbose+0x10/0x10 [ 3269.433937] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410 [ 3269.434659] ? __sanitizer_cov_trace_switch+0x45/0x80 [ 3269.435305] ? do_vfs_ioctl+0x283/0x10d0 [ 3269.435813] ? selinux_bprm_creds_for_exec+0xb60/0xb60 [ 3269.436467] ? generic_block_fiemap+0x60/0x60 [ 3269.437026] ? lock_downgrade+0x6d0/0x6d0 [ 3269.437569] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 3269.438220] ? trace_hardirqs_on+0x1b/0x180 [ 3269.438758] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 3269.439434] ? selinux_file_ioctl+0xb6/0x270 [ 3269.439981] ? __ext4_ioctl+0x4190/0x4190 [ 3269.440496] __x64_sys_ioctl+0x19a/0x210 [ 3269.441002] do_syscall_64+0x33/0x40 [ 3269.441484] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3269.442119] RIP: 0033:0x7f4e27e8db19 [ 3269.442581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3269.444847] RSP: 002b:00007f4e25403188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3269.445803] RAX: ffffffffffffffda RBX: 00007f4e27fa0f60 RCX: 00007f4e27e8db19 [ 3269.446685] RDX: 0000000020000080 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 3269.447568] RBP: 00007f4e254031d0 R08: 0000000000000000 R09: 0000000000000000 [ 3269.448450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3269.449348] R13: 00007ffd0a8be17f R14: 00007f4e25403300 R15: 0000000000022000 14:26:49 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 73) 14:26:49 executing program 7: syz_mount_image$nfs(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x8000000}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) [ 3269.480621] FAT-fs (loop0): bogus logical sector size 521 [ 3269.485594] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3269.489595] FAT-fs (loop5): bogus logical sector size 558 [ 3269.490539] FAT-fs (loop5): Can't find a valid FAT filesystem 14:26:49 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x700, 0x0, r1, 0x0}]) [ 3269.558658] FAULT_INJECTION: forcing a failure. [ 3269.558658] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3269.560368] CPU: 0 PID: 17401 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3269.561342] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3269.562438] Call Trace: [ 3269.562796] dump_stack+0x107/0x167 [ 3269.563282] should_fail.cold+0x5/0xa [ 3269.563799] __alloc_pages_nodemask+0x182/0x600 [ 3269.564421] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 3269.565266] ? walk_mem_res+0x170/0x170 [ 3269.565841] alloc_pages_current+0x187/0x280 [ 3269.566459] pte_alloc_one+0x16/0x1a0 [ 3269.566995] __pte_alloc+0x1d/0x330 [ 3269.567509] remap_pfn_range_internal+0x9a3/0xf60 [ 3269.568193] ? lookup_memtype+0x5b/0x200 [ 3269.568789] ? apply_to_existing_page_range+0x40/0x40 [ 3269.569546] remap_pfn_range+0xcd/0x160 [ 3269.570100] ? remap_pfn_range_notrack+0x70/0x70 [ 3269.570752] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 3269.571487] io_uring_mmap+0x398/0x530 [ 3269.572039] mmap_region+0xb5a/0x1590 [ 3269.572606] do_mmap+0xcdb/0x11e0 [ 3269.573118] vm_mmap_pgoff+0x198/0x1f0 [ 3269.573694] ? randomize_page+0xb0/0xb0 [ 3269.574277] ksys_mmap_pgoff+0x41c/0x560 [ 3269.574849] ? find_mergeable_anon_vma+0x250/0x250 [ 3269.575558] do_syscall_64+0x33/0x40 [ 3269.576075] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3269.576780] RIP: 0033:0x7f214574ab62 [ 3269.577317] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 3269.579829] RSP: 002b:00007f2142cc00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 3269.580887] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f214574ab62 [ 3269.581891] RDX: 0000000000000003 RSI: 0000000000200000 RDI: 0000000020ffc000 [ 3269.582880] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000010000000 [ 3269.583857] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 3269.584841] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3269.602046] FAT-fs (loop5): bogus logical sector size 558 [ 3269.602875] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3269.629895] FAT-fs (loop7): bogus number of reserved sectors [ 3269.630710] FAT-fs (loop7): Can't find a valid FAT filesystem [ 3269.686117] ------------[ cut here ]------------ [ 3269.686788] WARNING: CPU: 1 PID: 17401 at arch/x86/mm/pat/memtype.c:1019 get_pat_info+0x216/0x270 [ 3269.693939] Modules linked in: [ 3269.694368] CPU: 1 PID: 17401 Comm: syz-executor.3 Not tainted 5.10.230 #1 [ 3269.695269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3269.696348] RIP: 0010:get_pat_info+0x216/0x270 [ 3269.696953] Code: c1 ea 03 80 3c 02 00 75 71 49 89 1e eb 8e e8 01 88 2e 00 0f 0b e9 97 fe ff ff 41 bc ea ff ff ff e9 77 ff ff ff e8 ea 87 2e 00 <0f> 0b 41 bc ea ff ff ff e9 65 ff ff ff 4c 89 ff e8 b5 7d 5a 00 e9 [ 3269.702285] RSP: 0018:ffff88804aecf8b0 EFLAGS: 00010216 [ 3269.703841] RAX: 000000000001edf6 RBX: ffff8880495e9200 RCX: ffffc90006a30000 [ 3269.706212] RDX: 0000000000040000 RSI: ffffffff81123696 RDI: 0000000000000007 [ 3269.708368] RBP: ffff88804aecf968 R08: 0000000000000000 R09: ffff88804aecf838 [ 3269.710542] R10: 0000000000000020 R11: 0000000000000001 R12: 0000000000000028 [ 3269.712687] R13: 1ffff110095d9f16 R14: 0000000000000000 R15: ffff8880495e9250 [ 3269.714832] FS: 00007f2142cc0700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 3269.717286] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3269.719020] CR2: 000055556a01cc98 CR3: 0000000049002000 CR4: 0000000000350ee0 [ 3269.721114] DR0: fffffffffffffffe DR1: 0000000000000000 DR2: 0000000000000000 [ 3269.723344] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 3269.725489] Call Trace: [ 3269.726282] ? __warn+0xe2/0x1f0 [ 3269.727293] ? get_pat_info+0x216/0x270 [ 3269.728466] ? report_bug+0x1c1/0x210 [ 3269.729617] ? handle_bug+0x41/0x90 [ 3269.730688] ? exc_invalid_op+0x14/0x50 [ 3269.731875] ? asm_exc_invalid_op+0x12/0x20 [ 3269.733170] ? get_pat_info+0x216/0x270 [ 3269.734358] ? get_pat_info+0x216/0x270 [ 3269.735547] ? pgprot_writethrough+0xc0/0xc0 [ 3269.736828] ? finish_task_switch+0x126/0x5d0 [ 3269.738188] untrack_pfn+0xdc/0x240 [ 3269.739248] ? track_pfn_insert+0x150/0x150 [ 3269.740508] ? lock_downgrade+0x6d0/0x6d0 [ 3269.741762] ? uprobe_munmap+0x95/0x560 [ 3269.742947] unmap_single_vma+0x1bc/0x300 [ 3269.744221] zap_page_range_single+0x2ce/0x450 [ 3269.745569] ? unmap_single_vma+0x300/0x300 [ 3269.746823] ? remap_pfn_range_internal+0xc56/0xf60 [ 3269.748292] ? lookup_memtype+0x5b/0x200 [ 3269.749512] ? apply_to_existing_page_range+0x40/0x40 [ 3269.751046] remap_pfn_range+0x139/0x160 [ 3269.752255] ? remap_pfn_range_notrack+0x70/0x70 [ 3269.753661] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 3269.755214] io_uring_mmap+0x398/0x530 [ 3269.756385] mmap_region+0xb5a/0x1590 [ 3269.757549] do_mmap+0xcdb/0x11e0 [ 3269.758588] vm_mmap_pgoff+0x198/0x1f0 [ 3269.759767] ? randomize_page+0xb0/0xb0 [ 3269.760957] ksys_mmap_pgoff+0x41c/0x560 [ 3269.762166] ? find_mergeable_anon_vma+0x250/0x250 [ 3269.763617] do_syscall_64+0x33/0x40 [ 3269.764725] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 3269.766303] RIP: 0033:0x7f214574ab62 [ 3269.767399] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 3269.772909] RSP: 002b:00007f2142cc00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 3269.775195] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f214574ab62 [ 3269.777412] RDX: 0000000000000003 RSI: 0000000000200000 RDI: 0000000020ffc000 [ 3269.779524] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000010000000 [ 3269.781644] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 3269.783775] R13: 0000000020ffc000 R14: 0000000020000200 R15: 00000000200a0000 [ 3269.785965] irq event stamp: 1441 [ 3269.786991] hardirqs last enabled at (1451): [] console_unlock+0x92d/0xb40 [ 3269.789503] hardirqs last disabled at (1460): [] console_unlock+0x839/0xb40 [ 3269.791995] softirqs last enabled at (822): [] asm_call_irq_on_stack+0x12/0x20 [ 3269.794715] softirqs last disabled at (785): [] asm_call_irq_on_stack+0x12/0x20 [ 3269.797328] ---[ end trace f468e449c187b940 ]--- VM DIAGNOSIS: 14:26:50 Registers: info registers vcpu 0 RAX=21c77c1268e67f00 RBX=1ffff11007ba0e91 RCX=ffffffff8126ebeb RDX=dffffc0000000000 RSI=ffff888018258970 RDI=ffff888018258000 RBP=0000000000000008 RSP=ffff88803dd07450 R8 =0000000000000000 R9 =ffffffff8686a74f R10=fffffbfff0d0d4e9 R11=0000000000000001 R12=ffff888018258000 R13=ffff888018258970 R14=ffff888018258948 R15=dffffc0000000000 RIP=ffffffff8126b2db RFL=00000012 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055556e200400 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f25a48532e0 CR3=000000003dcfe000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=000000000ddd062a EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ffffffffffffffffffffffffffffffff XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffff888045d4f790 RCX=000000000000000a RDX=0000000000000000 RSI=0000000000000000 RDI=ffff888045d4f718 RBP=ffff888016df4ec0 RSP=ffff888045d4f6b0 R8 =0000000000000001 R9 =ffff888045d4f708 R10=ffffed1008ba9eec R11=0000000000000001 R12=0000000000000000 R13=ffff888045d4f730 R14=ffff888016df4ec0 R15=ffff888045d4f708 RIP=ffffffff82033814 RFL=00000016 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555587a25400 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000555593d35c58 CR3=0000000045d98000 CR4=00350ee0 DR0=fffffffffffffffe DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=0000000000000000ff000000000000ff XMM01=25252525252525252525252525252525 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000