program:
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='GPL\x00', 0xb, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$BLKZEROOUT(r0, 0xc0c0128e, &(0x7f0000000240)={0x4000000000002000, 0x2}) (fail_nth: 34)

[   85.992317][ T5325] Bluetooth: hci0: command tx timeout
[   86.069356][ T5349] FAULT_INJECTION: forcing a failure.
[   86.069356][ T5349] name failslab, interval 1, probability 0, space 0, times 1
[   86.074881][ T5349] CPU: 0 UID: 0 PID: 5349 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   86.074897][ T5349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.074904][ T5349] Call Trace:
[   86.074910][ T5349]  <TASK>
[   86.074916][ T5349]  dump_stack_lvl+0x189/0x250
[   86.075029][ T5349]  ? __pfx____ratelimit+0x10/0x10
[   86.075072][ T5349]  ? __pfx_dump_stack_lvl+0x10/0x10
[   86.075079][ T5349]  ? __pfx__printk+0x10/0x10
[   86.075091][ T5349]  ? __pfx___might_resched+0x10/0x10
[   86.075100][ T5349]  ? fs_reclaim_acquire+0x7d/0x100
[   86.075149][ T5349]  should_fail_ex+0x414/0x560
[   86.075166][ T5349]  should_failslab+0xa8/0x100
[   86.075181][ T5349]  __kmalloc_noprof+0xcb/0x800
[   86.075192][ T5349]  ? tracepoint_add_func+0x35e/0xa10
[   86.075208][ T5349]  ? __pfx_blk_add_trace_rq_merge+0x10/0x10
[   86.075217][ T5349]  tracepoint_add_func+0x35e/0xa10
[   86.075236][ T5349]  ? __pfx_blk_add_trace_rq_merge+0x10/0x10
[   86.075244][ T5349]  tracepoint_probe_register+0x5d/0x90
[   86.075256][ T5349]  ? __pfx_blk_add_trace_rq_merge+0x10/0x10
[   86.075268][ T5349]  get_probe_ref+0xa9/0x470
[   86.075277][ T5349]  blk_trace_ioctl+0x626/0x6e0
[   86.075292][ T5349]  ? __pfx_blk_trace_ioctl+0x10/0x10
[   86.075310][ T5349]  ? kasan_quarantine_put+0xdd/0x220
[   86.075322][ T5349]  ? lockdep_hardirqs_on+0x98/0x140
[   86.075370][ T5349]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   86.075388][ T5349]  ? do_vfs_ioctl+0xbe8/0x1430
[   86.075400][ T5349]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   86.075414][ T5349]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   86.075445][ T5349]  blkdev_ioctl+0x4a2/0x710
[   86.075456][ T5349]  ? __pfx_blkdev_ioctl+0x10/0x10
[   86.075464][ T5349]  ? __fget_files+0x3a0/0x420
[   86.075478][ T5349]  ? __fget_files+0x2a/0x420
[   86.075494][ T5349]  ? bpf_lsm_file_ioctl+0x9/0x20
[   86.075507][ T5349]  ? __pfx_blkdev_ioctl+0x10/0x10
[   86.075518][ T5349]  __se_sys_ioctl+0xfc/0x170
[   86.075531][ T5349]  do_syscall_64+0xfa/0xf80
[   86.075542][ T5349]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.075552][ T5349]  ? clear_bhb_loop+0x60/0xb0
[   86.075565][ T5349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.075575][ T5349] RIP: 0033:0x7fa21218f7c9
[   86.075586][ T5349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.075594][ T5349] RSP: 002b:00007fa212f4c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   86.075606][ T5349] RAX: ffffffffffffffda RBX: 00007fa2123e5fa0 RCX: 00007fa21218f7c9
[   86.075613][ T5349] RDX: 0000200000000240 RSI: 00000000c0c0128e RDI: 0000000000000003
[   86.075619][ T5349] RBP: 00007fa212f4c090 R08: 0000000000000000 R09: 0000000000000000
[   86.075624][ T5349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   86.075629][ T5349] R13: 00007fa2123e6038 R14: 00007fa2123e5fa0 R15: 00007ffce62034f8
[   86.075647][ T5349]  </TASK>
[   86.075738][ T5349] ------------[ cut here ]------------
[   86.199923][ T5349] WARNING: kernel/trace/blktrace.c:1334 at get_probe_ref+0x393/0x470, CPU#0: syz.0.0/5349
[   86.203855][ T5349] Modules linked in:
[   86.205516][ T5349] CPU: 0 UID: 0 PID: 5349 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   86.209327][ T5349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.213534][ T5349] RIP: 0010:get_probe_ref+0x393/0x470
[   86.215811][ T5349] Code: fa 8d 5b e9 6f 30 87 09 e8 da a2 f7 ff 90 0f 0b 90 e9 e8 fc ff ff e8 cc a2 f7 ff 90 0f 0b 90 e9 07 fd ff ff e8 be a2 f7 ff 90 <0f> 0b 90 e9 26 fd ff ff e8 b0 a2 f7 ff 90 0f 0b 90 e9 45 fd ff ff
[   86.223832][ T5349] RSP: 0018:ffffc9000d427a90 EFLAGS: 00010293
[   86.226512][ T5349] RAX: ffffffff81c9b862 RBX: 00000000fffffff4 RCX: ffff88801eeb24c0
[   86.229746][ T5349] RDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000
[   86.233159][ T5349] RBP: ffffc9000d427dd0 R08: ffffc9000d4279c7 R09: 1ffff92001a84f38
[   86.236803][ T5349] R10: dffffc0000000000 R11: fffff52001a84f39 R12: ffffc9000d427c40
[   86.240441][ T5349] R13: ffffc9000d427d40 R14: ffff888034e054b8 R15: 1ffff92001a84f58
[   86.243955][ T5349] FS:  00007fa212f4c6c0(0000) GS:ffff88808d683000(0000) knlGS:0000000000000000
[   86.248262][ T5349] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   86.251113][ T5349] CR2: 00007fa212f1d9b8 CR3: 0000000042bd1000 CR4: 0000000000352ef0
[   86.254667][ T5349] Call Trace:
[   86.256184][ T5349]  <TASK>
[   86.258026][ T5349]  blk_trace_ioctl+0x626/0x6e0
[   86.260177][ T5349]  ? __pfx_blk_trace_ioctl+0x10/0x10
[   86.262583][ T5349]  ? kasan_quarantine_put+0xdd/0x220
[   86.264894][ T5349]  ? lockdep_hardirqs_on+0x98/0x140
[   86.267282][ T5349]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   86.269694][ T5349]  ? do_vfs_ioctl+0xbe8/0x1430
[   86.271828][ T5349]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   86.274309][ T5349]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   86.276590][ T5349]  blkdev_ioctl+0x4a2/0x710
[   86.278595][ T5349]  ? __pfx_blkdev_ioctl+0x10/0x10
[   86.280675][ T5349]  ? __fget_files+0x3a0/0x420
[   86.282696][ T5349]  ? __fget_files+0x2a/0x420
[   86.284832][ T5349]  ? bpf_lsm_file_ioctl+0x9/0x20
[   86.287061][ T5349]  ? __pfx_blkdev_ioctl+0x10/0x10
[   86.289182][ T5349]  __se_sys_ioctl+0xfc/0x170
[   86.291151][ T5349]  do_syscall_64+0xfa/0xf80
[   86.293012][ T5349]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.295648][ T5349]  ? clear_bhb_loop+0x60/0xb0
[   86.297863][ T5349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.300395][ T5349] RIP: 0033:0x7fa21218f7c9
[   86.302370][ T5349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.310543][ T5349] RSP: 002b:00007fa212f4c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   86.314214][ T5349] RAX: ffffffffffffffda RBX: 00007fa2123e5fa0 RCX: 00007fa21218f7c9
[   86.317656][ T5349] RDX: 0000200000000240 RSI: 00000000c0c0128e RDI: 0000000000000003
[   86.320974][ T5349] RBP: 00007fa212f4c090 R08: 0000000000000000 R09: 0000000000000000
[   86.324396][ T5349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   86.327854][ T5349] R13: 00007fa2123e6038 R14: 00007fa2123e5fa0 R15: 00007ffce62034f8
[   86.331199][ T5349]  </TASK>
[   86.332548][ T5349] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   86.335554][ T5349] CPU: 0 UID: 0 PID: 5349 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   86.339361][ T5349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.343791][ T5349] Call Trace:
[   86.345238][ T5349]  <TASK>
[   86.346541][ T5349]  dump_stack_lvl+0x99/0x250
[   86.348513][ T5349]  ? __asan_memcpy+0x40/0x70
[   86.350404][ T5349]  ? __pfx_dump_stack_lvl+0x10/0x10
[   86.352546][ T5349]  ? __pfx__printk+0x10/0x10
[   86.354506][ T5349]  vpanic+0x237/0x6d0
[   86.356246][ T5349]  ? __pfx_vpanic+0x10/0x10
[   86.358238][ T5349]  ? is_bpf_text_address+0x292/0x2b0
[   86.360464][ T5349]  ? is_bpf_text_address+0x26/0x2b0
[   86.362713][ T5349]  panic+0xb9/0xc0
[   86.364306][ T5349]  ? __pfx_panic+0x10/0x10
[   86.366244][ T5349]  __warn+0x317/0x4b0
[   86.367988][ T5349]  ? get_probe_ref+0x393/0x470
[   86.370097][ T5349]  ? get_probe_ref+0x393/0x470
[   86.372121][ T5349]  __report_bug+0x288/0x500
[   86.374094][ T5349]  ? __pfx__printk+0x10/0x10
[   86.376078][ T5349]  ? get_probe_ref+0x393/0x470
[   86.378128][ T5349]  ? __pfx___report_bug+0x10/0x10
[   86.380189][ T5349]  ? tracepoint_probe_register+0x7a/0x90
[   86.382479][ T5349]  ? __mutex_unlock_slowpath+0x1a1/0x730
[   86.384494][ T5349]  ? rcu_is_watching+0x15/0xb0
[   86.386329][ T5349]  ? get_probe_ref+0x393/0x470
[   86.388247][ T5349]  report_bug+0x16a/0x220
[   86.390002][ T5349]  ? get_probe_ref+0x393/0x470
[   86.391854][ T5349]  ? get_probe_ref+0x395/0x470
[   86.393686][ T5349]  handle_bug+0x98/0x200
[   86.395296][ T5349]  exc_invalid_op+0x1a/0x50
[   86.397169][ T5349]  asm_exc_invalid_op+0x1a/0x20
[   86.399246][ T5349] RIP: 0010:get_probe_ref+0x393/0x470
[   86.401362][ T5349] Code: fa 8d 5b e9 6f 30 87 09 e8 da a2 f7 ff 90 0f 0b 90 e9 e8 fc ff ff e8 cc a2 f7 ff 90 0f 0b 90 e9 07 fd ff ff e8 be a2 f7 ff 90 <0f> 0b 90 e9 26 fd ff ff e8 b0 a2 f7 ff 90 0f 0b 90 e9 45 fd ff ff
[   86.409113][ T5349] RSP: 0018:ffffc9000d427a90 EFLAGS: 00010293
[   86.411648][ T5349] RAX: ffffffff81c9b862 RBX: 00000000fffffff4 RCX: ffff88801eeb24c0
[   86.414942][ T5349] RDX: 0000000000000000 RSI: 00000000fffffff4 RDI: 0000000000000000
[   86.418433][ T5349] RBP: ffffc9000d427dd0 R08: ffffc9000d4279c7 R09: 1ffff92001a84f38
[   86.421755][ T5349] R10: dffffc0000000000 R11: fffff52001a84f39 R12: ffffc9000d427c40
[   86.425534][ T5349] R13: ffffc9000d427d40 R14: ffff888034e054b8 R15: 1ffff92001a84f58
[   86.429946][ T5349]  ? get_probe_ref+0x392/0x470
[   86.432455][ T5349]  blk_trace_ioctl+0x626/0x6e0
[   86.435023][ T5349]  ? __pfx_blk_trace_ioctl+0x10/0x10
[   86.437833][ T5349]  ? kasan_quarantine_put+0xdd/0x220
[   86.440707][ T5349]  ? lockdep_hardirqs_on+0x98/0x140
[   86.443132][ T5349]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   86.445369][ T5349]  ? do_vfs_ioctl+0xbe8/0x1430
[   86.447434][ T5349]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   86.449860][ T5349]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   86.451999][ T5349]  blkdev_ioctl+0x4a2/0x710
[   86.454053][ T5349]  ? __pfx_blkdev_ioctl+0x10/0x10
[   86.456254][ T5349]  ? __fget_files+0x3a0/0x420
[   86.458258][ T5349]  ? __fget_files+0x2a/0x420
[   86.460222][ T5349]  ? bpf_lsm_file_ioctl+0x9/0x20
[   86.462380][ T5349]  ? __pfx_blkdev_ioctl+0x10/0x10
[   86.464565][ T5349]  __se_sys_ioctl+0xfc/0x170
[   86.467215][ T5349]  do_syscall_64+0xfa/0xf80
[   86.469095][ T5349]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.471718][ T5349]  ? clear_bhb_loop+0x60/0xb0
[   86.473544][ T5349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.475977][ T5349] RIP: 0033:0x7fa21218f7c9
[   86.477877][ T5349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.485882][ T5349] RSP: 002b:00007fa212f4c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   86.489460][ T5349] RAX: ffffffffffffffda RBX: 00007fa2123e5fa0 RCX: 00007fa21218f7c9
[   86.492898][ T5349] RDX: 0000200000000240 RSI: 00000000c0c0128e RDI: 0000000000000003
[   86.495836][ T5349] RBP: 00007fa212f4c090 R08: 0000000000000000 R09: 0000000000000000
[   86.499131][ T5349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   86.502382][ T5349] R13: 00007fa2123e6038 R14: 00007fa2123e5fa0 R15: 00007ffce62034f8
[   86.505422][ T5349]  </TASK>
[   86.507119][ T5349] Kernel Offset: disabled
[   86.508986][ T5349] Rebooting in 86400 seconds..