020002003100000001d7f0016301000000800000200000000080000030000000", 0x20, 0xb1800}, {&(0x7f0000019000)="020002003200000001d7f0016401000000800000200000000080000030000000", 0x20, 0xb2000}, {&(0x7f0000019100)="020002003300000001d7f0016501000000800000200000000080000030000000", 0x20, 0xb2800}, {&(0x7f0000019200)="020002003400000001d7f0016601000000800000200000000080000030000000", 0x20, 0xb3000}, {&(0x7f0000019300)="020002003500000001d7f0016701000000800000200000000080000030000000", 0x20, 0xb3800}, {&(0x7f0000019400)="020002003600000001d7f0016801000000800000200000000080000030000000", 0x20, 0xb4000}, {&(0x7f0000019500)="020002003700000001d7f0016901000000800000200000000080000030000000", 0x20, 0xb4800}, {&(0x7f0000019600)="020002003800000001d7f0016a01000000800000200000000080000030000000", 0x20, 0xb5000}, {&(0x7f0000019700)="020002003900000001d7f0016b01000000800000200000000080000030000000", 0x20, 0xb5800}, {&(0x7f0000019800)="020002003a00000001d7f0016c01000000800000200000000080000030000000", 0x20, 0xb6000}, {&(0x7f0000019900)="020002003b00000001d7f0016d01000000800000200000000080000030000000", 0x20, 0xb6800}, {&(0x7f0000019a00)="020002003c00000001d7f0016e01000000800000200000000080000030000000", 0x20, 0xb7000}, {&(0x7f0000019b00)="020002003d00000001d7f0016f01000000800000200000000080000030000000", 0x20, 0xb7800}, {&(0x7f0000019c00)="020002003e00000001d7f0017001000000800000200000000080000030000000", 0x20, 0xb8000}, {&(0x7f0000019d00)="020002003f00000001d7f0017101000000800000200000000080000030000000", 0x20, 0xb8800}, {&(0x7f0000019e00)="020002004000000001d7f0017201000000800000200000000080000030000000", 0x20, 0xb9000}, {&(0x7f0000019f00)="020002004100000001d7f0017301000000800000200000000080000030000000", 0x20, 0xb9800}, {&(0x7f000001a000)="020002004200000001d7f0017401000000800000200000000080000030000000", 0x20, 0xba000}, {&(0x7f000001a100)="020002004300000001d7f0017501000000800000200000000080000030000000", 0x20, 0xba800}, {&(0x7f000001a200)="020002004400000001d7f0017601000000800000200000000080000030000000", 0x20, 0xbb000}, {&(0x7f000001a300)="020002004500000001d7f0017701000000800000200000000080000030000000", 0x20, 0xbb800}, {&(0x7f000001a400)="020002004600000001d7f0017801000000800000200000000080000030000000", 0x20, 0xbc000}, {&(0x7f000001a500)="020002004700000001d7f0017901000000800000200000000080000030000000", 0x20, 0xbc800}, {&(0x7f000001a600)="020002004800000001d7f0017a01000000800000200000000080000030000000", 0x20, 0xbd000}, {&(0x7f000001a700)="020002004900000001d7f0017b01000000800000200000000080000030000000", 0x20, 0xbd800}, {&(0x7f000001a800)="020002004a00000001d7f0017c01000000800000200000000080000030000000", 0x20, 0xbe000}, {&(0x7f000001a900)="020002004b00000001d7f0017d01000000800000200000000080000030000000", 0x20, 0xbe800}, {&(0x7f000001aa00)="020002004c00000001d7f0017e01000000800000200000000080000030000000", 0x20, 0xbf000}, {&(0x7f000001ab00)="020002004d00000001d7f0017f01000000800000200000000080000030000000", 0x20, 0xbf800}, {&(0x7f000001ac00)="020002004e00000001d7f0018001000000800000200000000080000030000000", 0x20, 0xc0000}, {&(0x7f000001ad00)="020002004f00000001d7f0018101000000800000200000000080000030000000", 0x20, 0xc0800}, {&(0x7f000001ae00)="020002005000000001d7f0018201000000800000200000000080000030000000", 0x20, 0xc1000}, {&(0x7f000001af00)="020002005100000001d7f0018301000000800000200000000080000030000000", 0x20, 0xc1800}, {&(0x7f000001b000)="020002005200000001d7f0018401000000800000200000000080000030000000", 0x20, 0xc2000}, {&(0x7f000001b100)="020002005300000001d7f0018501000000800000200000000080000030000000", 0x20, 0xc2800}, {&(0x7f000001b200)="020002005400000001d7f0018601000000800000200000000080000030000000", 0x20, 0xc3000}, {&(0x7f000001b300)="020002005500000001d7f0018701000000800000200000000080000030000000", 0x20, 0xc3800}, {&(0x7f000001b400)="020002005600000001d7f0018801000000800000200000000080000030000000", 0x20, 0xc4000}, {&(0x7f000001b500)="020002005700000001d7f0018901000000800000200000000080000030000000", 0x20, 0xc4800}, {&(0x7f000001b600)="020002005800000001d7f0018a01000000800000200000000080000030000000", 0x20, 0xc5000}, {&(0x7f000001b700)="020002005900000001d7f0018b01000000800000200000000080000030000000", 0x20, 0xc5800}, {&(0x7f000001b800)="020002005a00000001d7f0018c01000000800000200000000080000030000000", 0x20, 0xc6000}, {&(0x7f000001b900)="020002005b00000001d7f0018d01000000800000200000000080000030000000", 0x20, 0xc6800}, {&(0x7f000001ba00)="020002005c00000001d7f0018e01000000800000200000000080000030000000", 0x20, 0xc7000}, {&(0x7f000001bb00)="020002005d00000001d7f0018f01000000800000200000000080000030000000", 0x20, 0xc7800}, {&(0x7f000001bc00)="020002005e00000001d7f0019001000000800000200000000080000030000000", 0x20, 0xc8000}, {&(0x7f000001bd00)="020002005f00000001d7f0019101000000800000200000000080000030000000", 0x20, 0xc8800}, {&(0x7f000001be00)="020002006000000001d7f0019201000000800000200000000080000030000000", 0x20, 0xc9000}, {&(0x7f000001bf00)="020002006100000001d7f0019301000000800000200000000080000030000000", 0x20, 0xc9800}, {&(0x7f000001c000)="020002006200000001d7f0019401000000800000200000000080000030000000", 0x20, 0xca000}, {&(0x7f000001c100)="020002006300000001d7f0019501000000800000200000000080000030000000", 0x20, 0xca800}, {&(0x7f000001c200)="020002006400000001d7f0019601000000800000200000000080000030000000", 0x20, 0xcb000}, {&(0x7f000001c300)="020002006500000001d7f0019701000000800000200000000080000030000000", 0x20, 0xcb800}, {&(0x7f000001c400)="020002006600000001d7f0019801000000800000200000000080000030000000", 0x20, 0xcc000}, {&(0x7f000001c500)="020002006700000001d7f0019901000000800000200000000080000030000000", 0x20, 0xcc800}, {&(0x7f000001c600)="020002006800000001d7f0019a01000000800000200000000080000030000000", 0x20, 0xcd000}, {&(0x7f000001c700)="020002006900000001d7f0019b01000000800000200000000080000030000000", 0x20, 0xcd800}, {&(0x7f000001c800)="020002006a00000001d7f0019c01000000800000200000000080000030000000", 0x20, 0xce000}, {&(0x7f000001c900)="020002006b00000001d7f0019d01000000800000200000000080000030000000", 0x20, 0xce800}, {&(0x7f000001ca00)="020002006c00000001d7f0019e01000000800000200000000080000030000000", 0x20, 0xcf000}, {&(0x7f000001cb00)="020002006d00000001d7f0019f01000000800000200000000080000030000000", 0x20, 0xcf800}, {&(0x7f000001cc00)="020002006e00000001d7f001a001000000800000200000000080000030000000", 0x20, 0xd0000}, {&(0x7f000001cd00)="020002006f00000001d7f001a101000000800000200000000080000030000000", 0x20, 0xd0800}, {&(0x7f000001ce00)="020002007000000001d7f001a201000000800000200000000080000030000000", 0x20, 0xd1000}, {&(0x7f000001cf00)="020002007100000001d7f001a301000000800000200000000080000030000000", 0x20, 0xd1800}, {&(0x7f000001d000)="020002007200000001d7f001a401000000800000200000000080000030000000", 0x20, 0xd2000}, {&(0x7f000001d100)="020002007300000001d7f001a501000000800000200000000080000030000000", 0x20, 0xd2800}, {&(0x7f000001d200)="020002007400000001d7f001a601000000800000200000000080000030000000", 0x20, 0xd3000}, {&(0x7f000001d300)="020002007500000001d7f001a701000000800000200000000080000030000000", 0x20, 0xd3800}, {&(0x7f000001d400)="020002007600000001d7f001a801000000800000200000000080000030000000", 0x20, 0xd4000}, {&(0x7f000001d500)="020002007700000001d7f001a901000000800000200000000080000030000000", 0x20, 0xd4800}, {&(0x7f000001d600)="020002007800000001d7f001aa01000000800000200000000080000030000000", 0x20, 0xd5000}, {&(0x7f000001d700)="020002007900000001d7f001ab01000000800000200000000080000030000000", 0x20, 0xd5800}, {&(0x7f000001d800)="020002007a00000001d7f001ac01000000800000200000000080000030000000", 0x20, 0xd6000}, {&(0x7f000001d900)="020002007b00000001d7f001ad01000000800000200000000080000030000000", 0x20, 0xd6800}, {&(0x7f000001da00)="020002007c00000001d7f001ae01000000800000200000000080000030000000", 0x20, 0xd7000}, {&(0x7f000001db00)="020002007d00000001d7f001af01000000800000200000000080000030000000", 0x20, 0xd7800}, {&(0x7f000001dc00)="020002007e00000001d7f001b001000000800000200000000080000030000000", 0x20, 0xd8000}, {&(0x7f000001dd00)="020002007f00000001d7f001b101000000800000200000000080000030000000", 0x20, 0xd8800}, {&(0x7f000001de00)="020002008000000001d7f001b201000000800000200000000080000030000000", 0x20, 0xd9000}, {&(0x7f000001df00)="020002008100000001d7f001b301000000800000200000000080000030000000", 0x20, 0xd9800}, {&(0x7f000001e000)="020002008200000001d7f001b401000000800000200000000080000030000000", 0x20, 0xda000}, {&(0x7f000001e100)="020002008300000001d7f001b501000000800000200000000080000030000000", 0x20, 0xda800}, {&(0x7f000001e200)="020002008400000001d7f001b601000000800000200000000080000030000000", 0x20, 0xdb000}], 0x0, &(0x7f000001e300)=ANY=[@ANYBLOB='\f'])
getdents(r0, &(0x7f0000000040)=""/18, 0x12)

22:55:49 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x3c, r0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1e}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast1}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x800)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000540)={'wpan4\x00', <r3=>0x0})
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r2, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x3}]}, 0x24}}, 0x4004841)
r4 = syz_open_procfs(0x0, &(0x7f0000000640)='net/bnep\x00')
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r4, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x14, 0x3, 0x2, 0x801, 0x0, 0x0, {0x2, 0x0, 0x7}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x24000840}, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000780), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  171.664406] capability: warning: `syz-executor.7' uses deprecated v2 capabilities in a way that may be insecure
[  172.044714] UDC core: couldn't find an available UDC or it's busy: -19
[  172.045466] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  172.048996] UDC core: couldn't find an available UDC or it's busy: -19
[  172.049841] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
22:56:02 executing program 1:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x2}, 0xe)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x200300, 0x0)
setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000000), 0x4)

22:56:02 executing program 4:
sysfs$1(0x1, &(0x7f0000000000)='$$[\x00')
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
syz_emit_ethernet(0x41, &(0x7f0000000080)={@broadcast, @broadcast, @void, {@llc_tr={0x11, {@llc={0xe, 0x2, 'NK', "e9209189ae1985074d3dcc2976ada0783aacd57966ee5fc46d79404dfd5983af37ad08966b6af64c4f524fe9145de7"}}}}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x0, 0x0)
ioctl$CDROMSTOP(r0, 0x5307)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000000))
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0)
munlockall()
syz_emit_ethernet(0x115, &(0x7f00000002c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @val={@val={0x9100, 0x4, 0x0, 0x4}, {0x8100, 0x1, 0x1, 0x1}}, {@x25={0x805, {0x1, 0xd, 0x9, "292df37064183e49dd3697bd9058f5f8d096c62552bdb6d9c61b2b2ab9392406fe98c646d5d3ebce25a183a8efca70f16f8d8ff185cdbd7045bb2b56dee7263f56fc584e7788ef1c571a85f3f93c236ad72dd208a7428548f07ae95e5af137ae02fd279953e64c70ecdc36e9f72f8242d96d2d5b233cf856277d78c7767f1621048024e6339c677029071aa85557eadb384002465685a561bc88d02c39826acaa969cf12df0f0bcb3680447f27bf8f65c9855bcbfd64a985e951b96c9adb4dcd8b084a3eb24ee2466b09023a7def1a308d9a70ffcdc0b885fac29c1f9aa9c5cd4de0a5864aada105919691b3249175a7b986f98f4266d35d3224cb07"}}}}, &(0x7f0000000180)={0x0, 0x2, [0xb39, 0xd5d, 0x284, 0xd9b]})
ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r0, 0x80083314, &(0x7f0000000480))
sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x2c, 0x0, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x40)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000700), r0)

22:56:02 executing program 0:
signalfd(0xffffffffffffffff, &(0x7f0000000000), 0x8)
r0 = syz_open_dev$evdev(&(0x7f0000000980), 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000980), 0x0, 0x0)
syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x0, 0x0)
clock_gettime(0x0, &(0x7f00000001c0)={<r1=>0x0})
ioctl$EVIOCGSW(r0, 0x8040451b, &(0x7f0000000040)=""/120)
pselect6(0x40, &(0x7f0000000100)={0x5e}, &(0x7f0000000140)={0x3}, 0x0, &(0x7f0000000200)={r1}, 0x0)
r2 = syz_open_dev$vcsn(&(0x7f00000000c0), 0x7, 0xc0)
ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000180)=ANY=[@ANYBLOB="060009000000000080000000000016000100000000000000", @ANYRES32=r2, @ANYBLOB="000000000400"/28])

22:56:02 executing program 7:
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)=ANY=[@ANYBLOB='\\\x00g!', @ANYRESOCT=r0, @ANYBLOB="010000000000000000000e0000000800028004000280"], 0x1c}}, 0x8000)
fcntl$notify(r0, 0x402, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fspick(r1, &(0x7f00000005c0)='./file0\x00', 0x0)
ioctl$CDROM_GET_CAPABILITY(r1, 0x5331)

22:56:02 executing program 5:
r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x20, 0x1, &(0x7f0000000240)=[{&(0x7f0000000200)="4a6582e265708da2c7e81a39e4b09ce62a454ad380fc673418f7760960c594a2c4db61eb4a7317ac026138220ec38819b3165005f23496", 0x37, 0x6}], 0x4, &(0x7f0000000280)={[{@overriderock}, {@check_strict}, {@overriderock}, {@nocompress}, {@map_off}], [{@fsmagic={'fsmagic', 0x3d, 0x2}}]})
io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0)

22:56:02 executing program 2:
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000040)={'ip6_vti0\x00', 0x0, 0x2f, 0xe1, 0x5, 0x8, 0x2, @empty, @loopback, 0x20, 0x700, 0x0, 0x7}})
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000140))
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r2)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_IFACE(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, r3, 0x301, 0x70bd27, 0x25dfdbfb}, 0x14}}, 0xa5c291c0617831ec)
sendmsg$IEEE802154_LIST_IFACE(r1, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x20, r3, 0x2, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x24040040}, 0x4)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000140)={{{@in=@private, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast1}}, &(0x7f0000000240)=0xe8)
setsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@mcast1, @in=@empty, 0x4e24, 0x6, 0x4e22, 0xa8b, 0x2, 0xb26eb3091dce329a, 0x80, 0x87, r6, 0xee00}, {0x400, 0xffff, 0x7e31, 0x1f, 0x1, 0x101, 0x0, 0x8}, {0x4, 0xffff, 0x5, 0x2}, 0x5, 0x6e6bbe, 0x2, 0x0, 0x1, 0x1}, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4d2, 0x2b}, 0xa, @in6=@local, 0x3502, 0x0, 0x2, 0xf9, 0xfffffff9, 0xffffffff, 0x7fffffff}}, 0xe8)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000002c0)={'gretap0\x00', &(0x7f0000000180)={'ip_vti0\x00', r6, 0x8, 0x10, 0x0, 0x0, {{0x44, 0x4, 0x3, 0x39, 0x110, 0x64, 0x0, 0x81, 0x2f, 0x0, @remote, @local, {[@timestamp_prespec={0x44, 0x1c, 0xd1, 0x3, 0x2, [{@broadcast}, {@private=0xa010100, 0x6}, {@dev={0xac, 0x14, 0x14, 0x1e}, 0x7}]}, @ssrr={0x89, 0xb, 0xf9, [@multicast1, @local]}, @timestamp_addr={0x44, 0x14, 0xf5, 0x1, 0x6, [{@empty, 0x8}, {@initdev={0xac, 0x1e, 0x0, 0x0}}]}, @cipso={0x86, 0x66, 0x3, [{0x6, 0x7, "a3bfed3044"}, {0x3, 0x8, "6fc04a64c061"}, {0x6, 0xc, "b80c084bf689e421a621"}, {0x2, 0xf, "8ecd7e2638f84334354a6058a3"}, {0x7, 0xb, "94770832c464c66ed6"}, {0x7, 0x5, "ec93e9"}, {0x0, 0xb, "02e61e9abed463d449"}, {0x7, 0xb, "a90f46eac4accae859"}, {0x0, 0x6, "a6543b73"}, {0x1, 0xa, "80c1d4643ccec7da"}]}, @timestamp={0x44, 0x10, 0x53, 0x0, 0xd, [0x7fff, 0x8, 0x1]}, @ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x44, 0x6c, 0x1, 0x4, [{@rand_addr=0x64010101, 0x9}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x2}, {@multicast2, 0xffff7fff}, {@remote, 0x3c}, {@loopback, 0x3}, {@multicast2, 0x8}, {@rand_addr=0x64010102, 0x8}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4c77}]}]}}}}})
listxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

22:56:02 executing program 3:
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3000005, 0x32, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_BLANKSCREEN(r0, 0x5423, &(0x7f0000000000))
r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000007c0)=0x3)
ioctl$FS_IOC_READ_VERITY_METADATA(r1, 0xc0286687, &(0x7f00000000c0)={0x1, 0x2, 0xcf, &(0x7f0000000240)=""/207})
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010a00)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000b9010000000001b9252f45000000000000000000000000000000000000000000000000000000000001000001010000010008", 0x82, 0x8800}], 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6d6f64653d30783030303030303030303030060000002b2c00cd9190"])
r4 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000180)='./file0\x00', 0x8, 0x4, &(0x7f0000000640)=[{&(0x7f0000000340)="7afd15adec77f9c834bf53ea9b2dfc73529366a6be113d46d58919bb7f3f17ce43af799aac268092b26834691f87d308003374f7117c633f8f5c697a31953068eb190f2d0cf6411742a625f182ee5fe0f47ffc68f0b4833c578f06c134", 0x5d, 0x7}, {&(0x7f00000003c0)="8facdcfb09f0f85bae78f13ff283fef9b2c637c40ac977aedb192e8876a57b2c06c5ab6045b60874845571e894631624a826066187e1365b4ba01c4ee88cd43b35b069981db8ab385787bc3482f04b3db57c066c8b8c53e3b61fa2eb28dc916fd6cc50aa54e32fb379f6c3b4d6a0bd389e2ccb014da66672f001f5b9bc9c79d49a6912e95c43ebf9e3fb61b862bfd9dd3cb438c8491bde50de0a65d1b55760fcab59b844e20519b7d7d010667221e4c9d332ba4e638e0a970fc7bbfd7fff69707e6b633b189630cb06529292", 0xcc, 0x9}, {&(0x7f00000004c0)="abb2686cded61e5858a1f06bcc285972059874c59da8f7fb1349db459eae950dec38a16db03e09fbe6eb9c5d54c4849779f4d130b828f405ba800a14bb5233b9bc2102d2efa7e5cb75759fb481f28ed86350ebc8051501bd5e91530be9d0e481e4064b5d4db26f5e37d05132ccc3451756d8773948a9a6bc7e2729e76e114943d092cf6344899dd597cac13cf5f8e989083d4980a4bfd8d6aeca0acaf22236d92eca03d4183d6e6ca787248598ae58d55d0f762a381c54594e35e61181a168dd59f3e216", 0xc4, 0x100000000}, {&(0x7f00000005c0)="ce89c7e98e8c1e08c979071f9f2582374991987257a8d12cc9fe44df948c5abc2ebd1bbf8c0c65cfce848b888f10f4e7d07db72250776c97388540912205e660099214e716dc4c67d82bd1b86aa2ecd5cd13e6bf123caefd69c45475115e883116a85d41ac8b8b08de3a7c4e7a51421c6602", 0x72, 0x6b4}], 0x42000, &(0x7f00000006c0)={[{@fat=@tz_utc}, {@dots}, {@fat=@sys_immutable}], [{@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@smackfsdef={'smackfsdef', 0x3d, 'iso9660\x00'}}]})
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000800)='bic\x00', 0x4)
r5 = open$dir(&(0x7f0000000740)='./file0\x00', 0x40, 0x1)
renameat(r4, &(0x7f00000001c0)='./file0\x00', r5, &(0x7f0000000780)='./file1\x00')

22:56:02 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x3c, r0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1e}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast1}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x800)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000540)={'wpan4\x00', <r3=>0x0})
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r2, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x3}]}, 0x24}}, 0x4004841)
r4 = syz_open_procfs(0x0, &(0x7f0000000640)='net/bnep\x00')
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r4, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x14, 0x3, 0x2, 0x801, 0x0, 0x0, {0x2, 0x0, 0x7}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x24000840}, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000780), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:56:02 executing program 0:
r0 = memfd_create(&(0x7f0000000000)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\x93\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0)
fallocate(r0, 0x0, 0x0, 0x9)
ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x6})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x20, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0xec, r2, 0x8, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x0, 0x1b}}}}, [@NL80211_ATTR_QOS_MAP={0x32, 0xc7, {[{0x1, 0x3}, {0xfc, 0x3}, {0x2}, {0x5, 0x7}, {0x20, 0x7}, {0x7f, 0x6}, {0x2, 0x6}, {0x80, 0x4}, {0x4, 0x4}, {0x38, 0x5}, {0x3f, 0x4}, {0x1, 0x3}, {0x6, 0x2}, {0x3, 0x3}, {0x1, 0x6}, {0xfd, 0x5}, {0x3f, 0x4}, {0xa5, 0x2}, {0x0, 0x5}], "558192394a0877e9"}}, @NL80211_ATTR_QOS_MAP={0x26, 0xc7, {[{0x3f, 0x7}, {0x8, 0x2}, {0x2, 0x99}, {0x7f}, {0x40}, {0x5, 0x6}, {0x17, 0x4}, {0x6, 0x4}, {0x7, 0x5}, {0xff}, {0xc1, 0x5}, {0x0, 0x7}, {0x6, 0x2}], "000c2bcacdef9fca"}}, @NL80211_ATTR_QOS_MAP={0x30, 0xc7, {[{0x1, 0x6}, {0x6, 0x4}, {0x1, 0x2}, {0x20, 0x7}, {0x6, 0x7}, {0xfd, 0x3}, {0x80}, {0x0, 0x1}, {0x9, 0x3}, {0x2, 0x5}, {0x3, 0x7}, {0x9, 0x7}, {0x40, 0x6}, {0xfe}, {0x2, 0x2}, {0x1, 0x7}, {0x27, 0x6}, {0x8, 0x2}], "48fe488e11bb68fb"}}, @NL80211_ATTR_QOS_MAP={0x1c, 0xc7, {[{0x1b, 0x3}, {0xa, 0x7}, {0x5, 0x2}, {0x6, 0x3}, {0x7, 0x2}, {0x0, 0x2}, {0xce, 0x7}, {0x80, 0x7}], "fe2cc586dc527e45"}}, @NL80211_ATTR_QOS_MAP={0x16, 0xc7, {[{0x0, 0x6}, {0x7, 0x6}, {0x12, 0x1}, {0x9, 0x2}, {0xf8, 0x4}], "8176d482248eeecb"}}, @NL80211_ATTR_QOS_MAP={0xc, 0xc7, {[], "9c70e91f6cf90308"}}]}, 0xec}, 0x1, 0x0, 0x0, 0x4810}, 0x40)

22:56:02 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0x40305839, &(0x7f0000000080)=ANY=[@ANYBLOB="0600000000000000010000000000a4531805"])
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000180)={0xe00, 0x7fffffff, 0x0, 0x7fe, 0x8, [{0x4b3a105e, 0x9cf2, 0x7, '\x00', 0x8}, {0x81, 0x0, 0x7, '\x00', 0x4d9abf547794d604}, {0x4, 0xd3, 0x7, '\x00', 0x484}, {0x5, 0x499, 0x1}, {0x7fff, 0x100, 0xfffffffffffffffb, '\x00', 0x1}, {0x3f, 0x3ff, 0x1ff, '\x00', 0x408}, {0x953b, 0x80000001, 0x9}, {0x10001, 0x9, 0x401, '\x00', 0x1000}]})

22:56:02 executing program 7:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x6, 0x7b, 0x0, 0x7fff0000}, {0xfff8, 0x0, 0x80, 0x4}, {0x6, 0xfd, 0x2c, 0x6}]})

22:56:02 executing program 1:
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000540)='nv\x00', 0x3)
r0 = accept(0xffffffffffffffff, &(0x7f0000000580)=@pptp={0x18, 0x2, {0x0, @private}}, &(0x7f0000000600)=0x80)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000640)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f0000000700)={{0x1, 0x1, 0x18, r0, @out_args}, './file0/file0\x00'})
sendmmsg$sock(r2, &(0x7f0000001f40)=[{{&(0x7f0000000080)=@in={0xa, 0x4e23, @local}, 0x80, 0x0, 0x0, &(0x7f0000001740)=[@timestamping={{0x14, 0x4}}], 0x18}}], 0x1, 0x0)
r3 = dup(r2)
recvmmsg(r3, &(0x7f00000004c0)=[{{&(0x7f0000000000)=@ieee802154, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/147, 0x93}, {&(0x7f00000001c0)=""/255, 0xff}], 0x2, &(0x7f0000000300)=""/4, 0x4}, 0x1c0d}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000340)=""/121, 0x79}, {&(0x7f00000003c0)=""/43, 0x2b}], 0x2, &(0x7f0000000440)=""/116, 0x74}}], 0x2, 0x40012040, 0x0)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000680), &(0x7f00000006c0)=0x14)

22:56:02 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f00000025c0), 0x20040, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c76657273696f6e3d397032306cc39430302e752c7ee2cc9432e3740c00"])

22:56:02 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f00000001c0), 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
clone3(&(0x7f0000000600)={0x4a0f0800, &(0x7f0000000200)=<r5=>0xffffffffffffffff, &(0x7f0000000240), &(0x7f0000000280), {0x34}, &(0x7f00000004c0)=""/133, 0x85, &(0x7f0000000580)=""/69, &(0x7f00000002c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x3, {r1}}, 0x58)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r9, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
r10 = socket$packet(0x11, 0x3, 0x300)
poll(&(0x7f0000000680)=[{0xffffffffffffffff, 0xa004}, {r2, 0x4444}, {r3, 0x43}, {r0, 0x130}, {r5, 0x5000}, {r6, 0x1000}, {r8, 0x4000}, {r0, 0x2028}, {r0, 0x2}, {r10, 0x84}], 0xa, 0x5)
r11 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r11, 0x4006}], 0x2, 0xffff)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000000)={0x3, 0x9, 0x7, 0xdc6a, 0x3, 0xa00})
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000080)="bf4bf217e9b85ec1820a9cf815b83b8a20cc091940646af3b030b6aeeb10389dacb42f8a5adba039881b2830", 0x2c}], 0x1)

[  184.339570] =======================================================
[  184.339570] WARNING: The mand mount option has been deprecated and
[  184.339570]          and is ignored by this kernel. Remove the mand
[  184.339570]          option from the mount to silence this warning.
[  184.339570] =======================================================
22:56:02 executing program 0:
r0 = memfd_create(&(0x7f0000000000)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\x93\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0)
fallocate(r0, 0x0, 0x0, 0x9)
ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x6})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x20, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0xec, r2, 0x8, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x0, 0x1b}}}}, [@NL80211_ATTR_QOS_MAP={0x32, 0xc7, {[{0x1, 0x3}, {0xfc, 0x3}, {0x2}, {0x5, 0x7}, {0x20, 0x7}, {0x7f, 0x6}, {0x2, 0x6}, {0x80, 0x4}, {0x4, 0x4}, {0x38, 0x5}, {0x3f, 0x4}, {0x1, 0x3}, {0x6, 0x2}, {0x3, 0x3}, {0x1, 0x6}, {0xfd, 0x5}, {0x3f, 0x4}, {0xa5, 0x2}, {0x0, 0x5}], "558192394a0877e9"}}, @NL80211_ATTR_QOS_MAP={0x26, 0xc7, {[{0x3f, 0x7}, {0x8, 0x2}, {0x2, 0x99}, {0x7f}, {0x40}, {0x5, 0x6}, {0x17, 0x4}, {0x6, 0x4}, {0x7, 0x5}, {0xff}, {0xc1, 0x5}, {0x0, 0x7}, {0x6, 0x2}], "000c2bcacdef9fca"}}, @NL80211_ATTR_QOS_MAP={0x30, 0xc7, {[{0x1, 0x6}, {0x6, 0x4}, {0x1, 0x2}, {0x20, 0x7}, {0x6, 0x7}, {0xfd, 0x3}, {0x80}, {0x0, 0x1}, {0x9, 0x3}, {0x2, 0x5}, {0x3, 0x7}, {0x9, 0x7}, {0x40, 0x6}, {0xfe}, {0x2, 0x2}, {0x1, 0x7}, {0x27, 0x6}, {0x8, 0x2}], "48fe488e11bb68fb"}}, @NL80211_ATTR_QOS_MAP={0x1c, 0xc7, {[{0x1b, 0x3}, {0xa, 0x7}, {0x5, 0x2}, {0x6, 0x3}, {0x7, 0x2}, {0x0, 0x2}, {0xce, 0x7}, {0x80, 0x7}], "fe2cc586dc527e45"}}, @NL80211_ATTR_QOS_MAP={0x16, 0xc7, {[{0x0, 0x6}, {0x7, 0x6}, {0x12, 0x1}, {0x9, 0x2}, {0xf8, 0x4}], "8176d482248eeecb"}}, @NL80211_ATTR_QOS_MAP={0xc, 0xc7, {[], "9c70e91f6cf90308"}}]}, 0xec}, 0x1, 0x0, 0x0, 0x4810}, 0x40)

[  184.354049] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
22:56:02 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x3c, r0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1e}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast1}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x800)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000540)={'wpan4\x00', <r3=>0x0})
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r2, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x3}]}, 0x24}}, 0x4004841)
r4 = syz_open_procfs(0x0, &(0x7f0000000640)='net/bnep\x00')
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r4, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x14, 0x3, 0x2, 0x801, 0x0, 0x0, {0x2, 0x0, 0x7}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x24000840}, 0x0)
r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r5, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  184.361228] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  184.368328] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  184.385619] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  184.388287] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
22:56:02 executing program 2:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x3c, r0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1e}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast1}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x800)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000540)={'wpan4\x00', <r3=>0x0})
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r2, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x3}]}, 0x24}}, 0x4004841)
r4 = syz_open_procfs(0x0, &(0x7f0000000640)='net/bnep\x00')
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r4, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x14, 0x3, 0x2, 0x801, 0x0, 0x0, {0x2, 0x0, 0x7}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x24000840}, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000780), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  184.399403] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
22:56:16 executing program 7:
syz_io_uring_setup(0x15328, &(0x7f0000000040)={0x0, 0xfffffffd, 0x36, 0x0, 0x3ae}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0, 0x0)
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x15)

22:56:16 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e24, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8001}, 0x1c)

22:56:16 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = dup2(r0, r1)
mmap$usbmon(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x13, r2, 0x0)
ioctl$HIDIOCSUSAGES(r2, 0x501c4814, &(0x7f0000000000)={{0x2, 0x200, 0x4, 0xb08, 0x2, 0x8000}, 0x21c, [0xffffffe1, 0x878, 0x5, 0x4, 0xb07, 0xfffeffff, 0x0, 0x390, 0x6, 0x5, 0xa0c, 0xab, 0xff, 0x6, 0xfffffca9, 0x40, 0x27110628, 0x2c45, 0xdd60, 0xfff, 0xff, 0x69e, 0x0, 0x4, 0x5, 0x6, 0x0, 0x4, 0x2, 0x5, 0x800, 0x4, 0x63, 0xfffffffa, 0x0, 0x6, 0xff, 0x9, 0x28c, 0x7, 0x4, 0x62e, 0xf79b, 0x2, 0x0, 0x42, 0x4, 0x5, 0x3, 0x5, 0x8001, 0x200, 0x6, 0x1, 0x1, 0x888000, 0x4, 0x3, 0x7, 0x1, 0x66a, 0x0, 0x7, 0x7, 0x4, 0x0, 0x3f, 0x0, 0x3, 0x1, 0x9, 0xf05, 0x7b88, 0x0, 0x401, 0x2, 0x5e5, 0x3f, 0x7fff, 0x0, 0x3, 0xda, 0x7ff, 0x9, 0x5, 0xffffffff, 0x9f, 0xe812, 0x4, 0x2, 0x0, 0x2, 0x0, 0x7f, 0xca0d, 0x0, 0xfff, 0x1993, 0x10000, 0x2, 0x5, 0x40, 0x1000, 0x7, 0x5, 0xa75, 0x40, 0x80, 0x5, 0x6, 0xffffff44, 0x4320000, 0x7, 0xe7, 0x7, 0xc8, 0x559, 0x3, 0x4, 0x1ff, 0x5a, 0xfff, 0x2, 0x1, 0x499, 0x2, 0x9, 0x6, 0x3a, 0x1, 0x9, 0x2, 0x8, 0x7, 0x3, 0x4, 0xa5e, 0x200000, 0x9, 0x1ff, 0x5, 0x40, 0x99, 0xefdd, 0x81, 0x4, 0xdbd, 0x8001, 0x3, 0x1, 0x4, 0xfff, 0x5, 0x10000, 0x3, 0x8, 0x3, 0x400, 0x1, 0x8, 0x1, 0xe0, 0x2, 0xff, 0x0, 0x3, 0x40, 0x6, 0xfffffffc, 0x81, 0x9, 0x8, 0x5, 0x400, 0x10000, 0x101, 0x8001, 0x87ed24, 0x401, 0x2fa99958, 0x8, 0x5, 0xffffffff, 0x5409, 0x2, 0x7, 0x0, 0x8, 0x8001, 0x3, 0x0, 0xff, 0x3, 0xffffff01, 0x1, 0x1f, 0x7ff, 0xfffffeff, 0x800, 0xbf, 0x6, 0x5c, 0x26, 0x7, 0x1cc, 0x8, 0xd7, 0xe1, 0xa96, 0xdb9b, 0x5, 0x3f, 0x2, 0xc8c, 0xffffffbc, 0x8, 0xfffffff8, 0x2, 0xff, 0x4, 0xffffb6e1, 0xd46, 0x51a7, 0x9b, 0x0, 0x6, 0x0, 0xaf, 0xd3d, 0x7, 0x5, 0x8312, 0x8, 0x4802, 0x8, 0x4, 0x8, 0x8, 0x2b4, 0x8, 0x9, 0x400, 0x4, 0x5, 0x101, 0x2, 0x401, 0x7, 0x2, 0x9, 0x1, 0x81, 0x3, 0x0, 0x7, 0x1, 0x0, 0x1, 0x1, 0x6, 0x6, 0x800, 0x0, 0x8, 0x0, 0x4, 0x4, 0x4, 0x3, 0xbe, 0xcf, 0x9e0, 0x668b7490, 0x7, 0x5, 0x9, 0x5, 0x1, 0x2, 0x101, 0x3, 0x10001, 0x9, 0x401, 0xa829, 0x6, 0x2, 0x8001, 0x7, 0x7, 0x40, 0x6, 0xa394, 0x78, 0x5, 0x3, 0x2, 0xd4c, 0x200, 0x9, 0x2, 0x3, 0xf18, 0x3ff, 0x36ed, 0x1f, 0x7ff, 0xc00, 0x5, 0x0, 0x9, 0x7, 0x1, 0x9, 0x2, 0x8001, 0x1f, 0xfff, 0x0, 0x1f, 0x6, 0x0, 0x2d9, 0x1, 0x3, 0x271, 0x7f, 0x0, 0x200, 0x4, 0x7af51350, 0xab7, 0x8, 0x8001, 0x5, 0x100, 0x2, 0x8, 0x1f, 0x40, 0xffffffff, 0x4, 0x6, 0x7, 0x3, 0x0, 0xc8, 0x1, 0x6, 0x4, 0x6, 0x80000000, 0xc4, 0x7, 0x20, 0x9, 0x6, 0x6, 0x2, 0x80000001, 0x5, 0x5, 0x1, 0x8, 0x7, 0xee, 0x2, 0xfffffff9, 0x2, 0x400, 0x3f, 0x5, 0x5, 0x0, 0x1, 0x2, 0x5, 0x7, 0x400, 0x0, 0x1, 0xab, 0x0, 0xffffffff, 0x9, 0x6, 0x20, 0x2, 0x7, 0x7ff, 0x9, 0x1, 0x4, 0x6, 0x2, 0xfc8d, 0x7, 0x7ff, 0x5, 0x0, 0x200, 0x8, 0xfb9, 0x4, 0x1, 0x400, 0x1ff, 0x8, 0x4, 0xfffffffd, 0x6e6, 0xbc8, 0x9, 0xa948, 0x1, 0x7, 0x8000, 0x3, 0x3, 0x1a0, 0x7ff, 0x800, 0x6, 0x3, 0x3, 0x4, 0x4, 0x3ff, 0x0, 0x7, 0x4, 0x7fffffff, 0xfffffc01, 0x3f, 0x0, 0x20000000, 0x1f, 0x7, 0x2, 0x4, 0x4, 0x80000001, 0x852, 0x0, 0x6, 0x200, 0x81, 0x7fff, 0x0, 0xfffffffa, 0x7, 0x7, 0x2, 0x4, 0x7, 0x478d, 0xc2, 0x2, 0x3, 0x4, 0x200, 0x200, 0x6, 0x9, 0x9, 0x69b, 0x100, 0x88d1, 0x80, 0x401, 0xbb, 0x8000, 0xffffff00, 0x4, 0x9, 0x1, 0x3, 0x10001, 0x7f, 0xfffffff7, 0x9, 0x3fe0000, 0x1c0000, 0xffff, 0xffff8acd, 0x1, 0x5, 0xb01, 0x5, 0x3ff, 0x9117, 0x40, 0x6, 0x48000, 0x1000, 0xf76, 0x800, 0x800, 0x2, 0x4, 0x1948, 0x1, 0x9, 0x9, 0xfffffff7, 0x6f549a71, 0xffff, 0xc8d, 0x7ff, 0x2, 0x8, 0x0, 0x400, 0x5, 0x7, 0xfffffff9, 0x6, 0x1, 0x10000, 0x1, 0x800, 0x401, 0xffffffff, 0x8000, 0x400, 0xffff7fff, 0x80, 0x201ea8, 0x8001, 0x4, 0x0, 0x1f, 0x7, 0x10001, 0x4, 0x8, 0x1, 0x1000, 0x4, 0x5490, 0x9, 0x85, 0x4, 0xffff7fff, 0x7, 0x4, 0x2871, 0xe4dd, 0xfff, 0x9, 0x2, 0x8, 0x6, 0x6, 0xfbf0, 0x80a, 0x9, 0x80000000, 0x1000, 0x8, 0x200, 0x5, 0x3, 0x80000001, 0x6, 0x12000, 0x6, 0x8, 0x2, 0x5, 0x4, 0xdcfe, 0x0, 0x6, 0x2, 0x46b, 0x8, 0x9e, 0x8, 0x4, 0x1b, 0x800, 0x80000000, 0xfff, 0x5b, 0x9, 0xff, 0x5, 0x5, 0x1, 0x2, 0x9, 0x6, 0xd9, 0x6, 0x1000, 0x80, 0x8, 0x2000, 0x4, 0x1, 0x8, 0x81, 0x3, 0x3, 0x4838, 0x2, 0x8, 0x80, 0x3f, 0x1, 0xfff, 0x6, 0x7218, 0x40, 0xe3e9, 0x100, 0xffffffff, 0x5, 0xdb6, 0x8, 0x8, 0x3, 0x7fffffff, 0x9, 0x10001, 0x3, 0x1f, 0x14a, 0xff, 0x7543e7b5, 0x3, 0x6, 0x81, 0x59, 0x40, 0x5, 0x8001, 0x5cd7a63c, 0x7fff, 0x100, 0x6, 0x8001, 0x40, 0xff, 0x0, 0x5, 0x81, 0x5, 0x0, 0xa4, 0x8, 0x3, 0x3, 0x1, 0xffff, 0x2640, 0x1208, 0x1ff, 0x5, 0x6, 0x7, 0x7, 0xea6a, 0x9, 0x2, 0x10001, 0x9642, 0x7f, 0x80, 0x2, 0x0, 0xfffffffd, 0x7, 0xa8e2, 0x80000000, 0x1f, 0x1f, 0x4, 0xffff8000, 0x1f, 0x3, 0x9, 0x7, 0x5, 0xffff, 0x4, 0x7fffffff, 0x4, 0x1f, 0x2, 0x1, 0xffffffff, 0x10001, 0x93, 0xf7de, 0x7ff, 0x9, 0x23, 0x2, 0x3, 0x871, 0x5a4, 0x9, 0x6, 0x4, 0x200, 0x80, 0x7fffffff, 0x0, 0x6, 0x4000000, 0x3, 0x9, 0x3ff, 0xfffffffc, 0x8, 0x622, 0x6, 0x4, 0xce, 0x98, 0xcc, 0x8, 0xc8, 0x3, 0x8001, 0xff, 0xffffffff, 0x0, 0xa00, 0x93, 0x0, 0x3f, 0x0, 0x9da4, 0x9, 0x78, 0xdf5, 0x0, 0x2, 0x7fffffff, 0x7, 0x6, 0x1, 0x81, 0x7, 0x5, 0x4, 0x7, 0xb5a, 0x2, 0x1000000, 0x6, 0x10000, 0x0, 0x4f06, 0x51e6, 0x1, 0x4, 0xa1, 0xc350, 0x8, 0x1, 0x80000000, 0xddd, 0x80000000, 0x0, 0x76, 0x3, 0xfff, 0x8c, 0x7fff, 0x4, 0x1, 0x1, 0x0, 0x316, 0x9, 0xef, 0x0, 0x101, 0x7ff, 0x20, 0x0, 0x51c, 0xa4f6, 0xc50, 0x3, 0x80000001, 0x4, 0x0, 0x1, 0x8001, 0x6, 0x7f, 0x5, 0x1f8400, 0x4, 0x3, 0x4, 0xec, 0x8, 0xfffffffd, 0xffffffff, 0x1, 0x3, 0x8001, 0xffffffe0, 0x40, 0x7, 0x401, 0x1, 0x2, 0x0, 0x8, 0x2, 0x1, 0x7, 0x10001, 0x1ff, 0x5, 0x8, 0x1000, 0x1ff, 0x800, 0xc0fd, 0x1, 0x10000, 0x7, 0x6, 0x4, 0x200, 0x10000, 0x1b5, 0x7, 0x7, 0x8047, 0x48, 0x7fffffff, 0x7fff, 0x2, 0x8, 0x8001, 0x1, 0x1f, 0x5, 0x9, 0x5, 0x7, 0x9, 0x1, 0x9, 0xff, 0x0, 0xffffffff, 0x2, 0xcc30, 0x7ff, 0x5, 0xc00000, 0x20, 0x7, 0x8d, 0x4, 0xffffffff, 0x8, 0x8001, 0x1, 0x3d9ab467, 0x80, 0x4, 0x3, 0x24000, 0x4, 0x1, 0x50, 0x8d, 0xf85, 0x1, 0x4, 0x2, 0xb4, 0xffffffff, 0x80000001, 0x451, 0x2, 0x7f, 0xfffffff9, 0x8001, 0x1, 0xfffffff8, 0x4, 0x10001, 0x3, 0x9, 0x1, 0x7, 0x5, 0x8, 0x7fffffff, 0x4, 0x1, 0x5, 0x1, 0x7, 0x0, 0x0, 0x81, 0x3, 0xe8, 0x5, 0x9, 0x1, 0x0, 0x7fff, 0xff5, 0x6, 0x7fffffff, 0x0, 0x100, 0x7f, 0x5, 0x86, 0x2861, 0x7, 0x3, 0x0, 0x4, 0x93, 0xfffffbff, 0x811, 0x9, 0xd7c6, 0x4, 0x1000, 0x3, 0x7, 0x6, 0xfffffff8, 0x1, 0x3, 0x10000, 0xac2, 0x3, 0x7, 0x2, 0x4, 0x100, 0xff, 0x1, 0x0, 0x4, 0x7, 0x7, 0x0, 0x0, 0x80000000, 0x1, 0x3, 0x3, 0x4, 0x5, 0x7f, 0x74, 0x2, 0x10001, 0x0, 0xd88a, 0x3, 0x48d, 0x105, 0x4, 0x0, 0xa69, 0x2, 0x0, 0x1, 0x4, 0xffffffc0, 0x400, 0x5, 0x7, 0x7, 0x3, 0x3d9, 0x6, 0x4, 0xb87, 0x80000000, 0xfffffffc, 0x9, 0xfffffe01, 0x48, 0x8000, 0x81, 0x40000000, 0x8, 0xfffeffff, 0x1, 0x43, 0x0, 0x8, 0x9, 0x4, 0x1, 0x0, 0x2, 0xd5, 0x4, 0x4, 0xfffffe00, 0xffffffff, 0x7fff, 0x6, 0x1ff, 0x6, 0x14, 0x0, 0x101, 0x100, 0x9, 0x81, 0x7]})
ioctl$MON_IOCT_RING_SIZE(r2, 0x9204, 0xd8cd3)

22:56:16 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000003040), 0x0, 0x0)

22:56:16 executing program 4:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
r2 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)
r4 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r3}, {r4, 0x4006}], 0x2, 0xffff)
setsockopt$inet_udp_int(r3, 0x11, 0xb, &(0x7f0000005d80)=0x20, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
recvmmsg$unix(r2, &(0x7f0000005c40)=[{{&(0x7f0000000080), 0x6e, &(0x7f0000000300)=[{&(0x7f0000000100)=""/100, 0x64}, {&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000000180)=""/145, 0x91}, {&(0x7f0000000240)=""/165, 0xa5}], 0x4, &(0x7f0000000340)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r7=>0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x130}}, {{&(0x7f00000004c0)=@abs, 0x6e, &(0x7f0000001b80)=[{&(0x7f0000000540)=""/146, 0x92}, {&(0x7f0000000700)=""/191, 0xbf}, {&(0x7f00000007c0)=""/84, 0x54}, {&(0x7f0000000640)=""/47, 0x2f}, {&(0x7f0000000840)=""/77, 0x4d}, {&(0x7f00000008c0)=""/118, 0x76}, {&(0x7f0000000940)=""/25, 0x19}, {&(0x7f0000001a00)=""/123, 0x7b}, {&(0x7f0000000980)=""/51, 0x33}, {&(0x7f0000001a80)=""/207, 0xcf}], 0xa, &(0x7f0000001c40)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f0000001d40)=@abs, 0x6e, &(0x7f0000003380)=[{&(0x7f0000001dc0)=""/37, 0x25}, {&(0x7f0000001e00)=""/96, 0x60}, {&(0x7f0000001e80)=""/169, 0xa9}, {&(0x7f0000005dc0)=""/212, 0xd4}, {&(0x7f0000002040)=""/4096, 0x1000}, {&(0x7f0000003040)=""/247, 0xf7}, {&(0x7f0000003140)=""/227, 0xe3}, {&(0x7f0000003240)=""/250, 0xfa}, {&(0x7f0000003340)=""/47, 0x2f}], 0x9, &(0x7f0000003440)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000003480)=@abs, 0x6e, &(0x7f0000003580)=[{&(0x7f0000003500)=""/82, 0x52}], 0x1, &(0x7f00000035c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa0}}, {{&(0x7f0000003680), 0x6e, &(0x7f0000005b00)=[{&(0x7f0000003700)=""/4096, 0x1000}, {&(0x7f0000004700)=""/103, 0x67}, {&(0x7f0000004780)=""/32, 0x20}, {&(0x7f00000047c0)=""/155, 0x9b}, {&(0x7f0000004880)=""/174, 0xae}, {&(0x7f0000004940)=""/137, 0x89}, {&(0x7f0000004a00)=""/17, 0x11}, {&(0x7f0000004a40)=""/4096, 0x1000}, {&(0x7f0000005a40)=""/14, 0xe}, {&(0x7f0000005a80)=""/104, 0x68}], 0xa, &(0x7f0000005bc0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}}], 0x5, 0x10040, 0x0)
ioctl$LOOP_SET_FD(r8, 0x4c00, r7)
ioctl$LOOP_SET_FD(r0, 0x4c00, r0)

22:56:16 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f00000001c0), 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
clone3(&(0x7f0000000600)={0x4a0f0800, &(0x7f0000000200)=<r5=>0xffffffffffffffff, &(0x7f0000000240), &(0x7f0000000280), {0x34}, &(0x7f00000004c0)=""/133, 0x85, &(0x7f0000000580)=""/69, &(0x7f00000002c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x3, {r1}}, 0x58)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r9, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
r10 = socket$packet(0x11, 0x3, 0x300)
poll(&(0x7f0000000680)=[{0xffffffffffffffff, 0xa004}, {r2, 0x4444}, {r3, 0x43}, {r0, 0x130}, {r5, 0x5000}, {r6, 0x1000}, {r8, 0x4000}, {r0, 0x2028}, {r0, 0x2}, {r10, 0x84}], 0xa, 0x5)
r11 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r11, 0x4006}], 0x2, 0xffff)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000000)={0x3, 0x9, 0x7, 0xdc6a, 0x3, 0xa00})
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000080)="bf4bf217e9b85ec1820a9cf815b83b8a20cc091940646af3b030b6aeeb10389dacb42f8a5adba039881b2830", 0x2c}], 0x1)

22:56:16 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x3c, r0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1e}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast1}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x800)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000540)={'wpan4\x00', <r3=>0x0})
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r2, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x3}]}, 0x24}}, 0x4004841)
syz_open_procfs(0x0, &(0x7f0000000640)='net/bnep\x00')
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r4, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:56:16 executing program 1:
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000540)='nv\x00', 0x3)
r0 = accept(0xffffffffffffffff, &(0x7f0000000580)=@pptp={0x18, 0x2, {0x0, @private}}, &(0x7f0000000600)=0x80)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000640)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f0000000700)={{0x1, 0x1, 0x18, r0, @out_args}, './file0/file0\x00'})
sendmmsg$sock(r2, &(0x7f0000001f40)=[{{&(0x7f0000000080)=@in={0xa, 0x4e23, @local}, 0x80, 0x0, 0x0, &(0x7f0000001740)=[@timestamping={{0x14, 0x4}}], 0x18}}], 0x1, 0x0)
r3 = dup(r2)
recvmmsg(r3, &(0x7f00000004c0)=[{{&(0x7f0000000000)=@ieee802154, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/147, 0x93}, {&(0x7f00000001c0)=""/255, 0xff}], 0x2, &(0x7f0000000300)=""/4, 0x4}, 0x1c0d}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000340)=""/121, 0x79}, {&(0x7f00000003c0)=""/43, 0x2b}], 0x2, &(0x7f0000000440)=""/116, 0x74}}], 0x2, 0x40012040, 0x0)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000680), &(0x7f00000006c0)=0x14)

[  198.638200] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  198.649237] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  198.654364] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  198.656252] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
22:56:16 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB="000000002e2f6669c253a8976c653000"])
futimesat(r0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={{0x77359400}})
ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x10)
r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="01000007000000000000000000000800028004000280"], 0x1c}}, 0x0)
fremovexattr(r3, &(0x7f0000000180)=ANY=[@ANYBLOB="4c72bebdaedf32b15f00000000002609ed8ca3c87c590a98f600e2c7596249b403e33ecfad09c758bb748a9447915107f4a2b381f158ad8c1c284ed18c9f94b28d6ff41599b871379fef712a04f725864a1d5499a5107f7a5321af16cfd2c1a2f4ebefbcf96e"])
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="de166bcc228dd1d2ae87224913071a109cee"])

22:56:16 executing program 1:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x47f, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x29}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x371, {0x9}}}, &(0x7f0000000080)={0xffffffffffffffeb, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, &(0x7f0000000740)={0x24, &(0x7f00000005c0)={0x0, 0x22, 0xa1, {0xa1, 0x4, "a030981bd065528f4391cfcff1ba5a1e1205f242685682db6fa96393e606597610bf89dc9b6844250526a6e738ec86140e401ba00c13283d2031222102e4f2bd00b88f7a0bda07acc3464aeb66293024aa401e2a6e90e8ace8b48a3455f919a1a501d715eba7ef81b16726229ee7fe7f9c9044c3b969923d850c2214bf34e44caec2d086aa9d9c7e64e6b9994bdbb344c3a6e76a2c6fb110cefb1211418712"}}, &(0x7f0000000680)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x424}}, &(0x7f00000006c0)={0x0, 0x22, 0xb, {[@main=@item_4={0x3, 0x0, 0xa, "2e5991e4"}, @main=@item_012={0x2, 0x0, 0x9, "4ce3"}, @main=@item_012={0x2, 0x0, 0xa, "90ee"}]}}, &(0x7f0000000700)={0x0, 0x21, 0x9, {0x9, 0x21, 0x7, 0x7, 0x1, {0x22, 0xd00}}}}, &(0x7f0000000a00)={0x2c, &(0x7f0000000780)={0x0, 0x0, 0xa3, "8ae015349fdcce0f09e0a3be244fbf30f883aff9c5abb7c1071d1a6a7f9a4f9e01ada5bcd0957e0edfeaef1998c03ed43f3d7709afddecc9ba4ab50d2f32d745af96b9df1c098a35a4e569651f36a52293c4f46a3f2d54506355cb018211e536c18e73388867d2774c4aba101cf59123ae7948efb062674c851d99ff8db1f118110ed2aea3a8417cdb77df079315dead098e583c78d4e12310c8012550e9d336145578"}, &(0x7f0000000840)={0x0, 0xa, 0x1, 0x3}, &(0x7f0000000880)={0x0, 0x8, 0x1, 0x6}, &(0x7f00000008c0)={0x20, 0x1, 0xf3, "19810a2c37154599ab9c1cf7c68258e383303b9d792892f2c9dec8974d6fbaecbe254864f63d7d736782d596a285f6f60450818937b69396cdf02161e182ae2ceb541e23968095ce9b647a5cf4b2bab2a40dde135abb63f7cd52a46b3b905278fc27ab79978b6048cdc9fd3c9fd6531a27b2586d38a2f51b18d27e0ca2948e400708d652769b4a39a34c2c8841e7a19d1a56381ff511608aae7b83674dd328bc34d31ba00f066a5a2f685a7a47fc8bbd67835be8797ecd2f4b4b7342f25ccf2690d2045d555951bced7a532cec5be3b3f10b17bea21dc16b98238b41f60873f380b7354289ae9af3eb3769e32e7d22d30eb5ff"}, &(0x7f00000009c0)={0x20, 0x3, 0x1, 0x6}})
syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, &(0x7f00000000c0)={0x0, 0x30, 0x21, {0x21, 0xf, "76cfb7f241f54529ad6635175645b1746758fd1064661618d3729b2b6a187b"}}, &(0x7f00000001c0)={0x0, 0x3, 0x16, @string={0x16, 0x3, "4d93c6a9802526c6ee1d0d27e25d3e62923dc8c2"}}, &(0x7f0000000340)={0x0, 0x22, 0xc, {[@main=@item_4={0x3, 0x0, 0xc, "88c0a50f"}, @global=@item_4={0x3, 0x1, 0x3, "5c3dd475"}, @local=@item_012={0x1, 0x2, 0x1, '}'}]}}, &(0x7f0000000380)={0x0, 0x21, 0x9, {0x9, 0x21, 0x1, 0x9, 0x1, {0x22, 0x510}}}}, &(0x7f0000000580)={0x2c, &(0x7f0000000400)={0x20, 0xd, 0x12, "4bd679c2b592a73d11a1d8c5aa565cd53b4c"}, &(0x7f0000000440)={0x0, 0xa, 0x1}, &(0x7f0000000480)={0x0, 0x8, 0x1, 0x81}, &(0x7f00000004c0)={0x20, 0x1, 0x5f, "7e9a6e79e62530c1d4c8c5531747a6850ebe95d66257bac172469544f7af9138c4e85a7d7b8793e92e2fa97472f73e5a10b463a222fa3ea2065a3196a506cb2ac3623c6ea92663c8db19c115453473c0f431ce591ea15177853d62c1f3fddf"}, &(0x7f0000000540)={0x20, 0x3, 0x1, 0x3}})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x508c0457}}, './file0\x00'})
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000000140)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d1f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000000080)="00000000000000000000000019", 0xd, 0x4dd}, {&(0x7f0000010400)="031c089fd318fc0005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d1f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1500}, {0x0, 0x0, 0x20001f00}], 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="6572726f72733d72656d6f751ebe663f99a748507071756f74612c000aadabca2336308b366d6cd09e4d9ca1f8fe1e4edc1e79efd0b1c0f6af8ce95b743570ea6143318fd3a0ac429adeb18243cb1a1292ec25652528429bf44997db37fd0f0de6dc0234db2544ceff56e86b1d81f6d9454fdbccedc0039650ab9798347b9c84a33e4a8ad5322372c00a7c7554a21db2c8ad0000000000"])

22:56:16 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2a, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000ce0000000f000000010000000000000000000000002000000020000020000000d2f4655fd2f4655f0100ffff53ef010001000000d1f4655f000000000000000001000000000000000b000000800000000800000052470000620100000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e33313930313834363600"/192, 0xc0, 0x400}, {&(0x7f0000010100)="0000000000000000000000005566cbb705fc4d7ea1c5dfc95b00bfe3010000000c00000000000000d1f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="0100000000000500110000000000000000000000040000003c00000000000000", 0x20, 0x560}, {&(0x7f0000010300)="030000000400"/32, 0x20, 0x640}, {&(0x7f0000010400)="030000001300000023000000ce000f0003000400"/32, 0x20, 0x800}, {&(0x7f0000010500)="fffffffffcff0700000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009403090166696c652e636f6c64000000", 0x480, 0xc00}, {&(0x7f0000010a00)="0b0000000c0001022e00000002000000f40302022e2e00"/32, 0x20, 0x1400}, {&(0x7f0000010b00)="00000000000400"/32, 0x20, 0x1800}, {&(0x7f0000010c00)="00000000000400"/32, 0x20, 0x1c00}, {&(0x7f0000010d00)="00000000000400"/32, 0x20, 0x2000}, {&(0x7f0000010e00)="00000000000400"/32, 0x20, 0x2400}, {&(0x7f0000010f00)="00000000000400"/32, 0x20, 0x2800}, {&(0x7f0000011000)="00000000000400"/32, 0x20, 0x2c00}, {&(0x7f0000011100)="00000000000400"/32, 0x20, 0x3000}, {&(0x7f0000011200)="00000000000400"/32, 0x20, 0x3400}, {&(0x7f0000011300)="00000000000400"/32, 0x20, 0x3800}, {&(0x7f0000011400)="00000000000400"/32, 0x20, 0x3c00}, {&(0x7f0000011500)="00000000000400"/32, 0x20, 0x4000}, {&(0x7f0000011600)="504d4d00504d4dffd2f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7033300075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x4400}, {&(0x7f0000011700)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x4800}, {&(0x7f0000011800)="ffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0300"/1056, 0x420, 0x4c00}, {&(0x7f0000011d00)="0400000000000000000000000000000000000600"/32, 0x20, 0x5400}, {&(0x7f0000011e00)="0500"/32, 0x20, 0x5800}, {&(0x7f0000011f00)="00000000000000000100000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000007000"/96, 0x60, 0x5c00}, {&(0x7f0000012000)="0200"/32, 0x20, 0x6000}, {&(0x7f0000012100)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x6400}, {&(0x7f0000012200)="0300"/32, 0x20, 0x6800}, {&(0x7f0000012300)="0400"/32, 0x20, 0x6c00}, {&(0x7f0000012400)="0500"/32, 0x20, 0x7000}, {&(0x7f0000012500)="00000000000000000100000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000007000"/96, 0x60, 0x7400}, {&(0x7f0000012600)="0200"/32, 0x20, 0x7800}, {&(0x7f0000012700)="0c0000000c0001022e000000020000000c0002022e2e00000d0000001000050166696c65300000000e000000d803050766696c653100"/64, 0x40, 0x7c00}, {&(0x7f0000012800)="000002ea0100000001000000270f240c000000000000000000000000000000000601f8030000000006000000779b539778617474723100000601f00300000000060000007498539778617474723200"/96, 0x60, 0x8000}, {&(0x7f0000012900)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xattr2\x00\x00xattr1\x00\x00', 0x20, 0x83e0}, {&(0x7f0000012a00)="0000000000000000d1f4655fd1f4655fd1f4655f00"/32, 0x20, 0x8c00}, {&(0x7f0000012b00)="ed41000000040000d1f4655fd2f4655fd2f4655f00000000000004000200000000000800050000000af301000400000000000000000000000100000004000000", 0x40, 0x8c80}, {&(0x7f0000012c00)="8081000000180000d1f4655fd1f4655fd1f4655f00000000000001000c00000010000800000000000af303000400000000000000000000000100000012000000010000000100000018000000020000000400000014000000000000000000000000000000000000000000000000000000000000000000000000000000000000008081000000180000d1f4655fd1f4655fd1f4655f00000000000001000c00000010000800000000000af30300040000000000000000000000010000001900000001000000010000001e00000002000000040000001a00"/224, 0xe0, 0x8d00}, {&(0x7f0000012d00)="c041000000300000d1f4655fd1f4655fd1f4655f00000000000002001800000000000800000000000af301000400000000000000000000000c00000005000000", 0x40, 0x9100}, {&(0x7f0000012e00)="ed41000000040000d2f4655fd2f4655fd2f4655f00000000000002000200000000000800030000000af30100040000000000000000000000010000001f00000000000000000000000000000000000000000000000000000000000000000000000000000027951c99000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af30100040000000000000000000000020000002700000000000000000000000000000000000000000000000000000000000000000000000000000077475a5c000000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3331393031383436362f66696c65302f66696c6530000000000000000000000000000000000000000000002247ea9f000000000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000029000000000000000000000000000000000000000000000000000000000000000000000000000000401f9fd3200000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f00000000000002001200000000000800010000000af30100040000000000000000000000090000002a0000000000000000000000000000000000000000000000000000000000000000000000000000001dd000b4000000000000000000000000000000000000000000000000ed81000064000000d2f4655fd2f4655fd2f4655f00000000000001000200000000000800010000000af3010004000000000000000000000001000000330000000000000000000000000000000000000000000000000000000000000000000000000000006b8b381d00"/768, 0x300, 0x9180}, {&(0x7f0000013100)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x9c00}, {&(0x7f0000013600)='syzkallers\x00'/32, 0x20, 0xa400}, {&(0x7f0000013700)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0xcc00}], 0x0, &(0x7f0000013800))
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f00000001c0)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x2000)=nil, 0x2000}, 0x0)
syz_io_uring_submit(r0, 0x0, &(0x7f0000000040)=@IORING_OP_NOP={0x0, 0x1}, 0x101)

[  198.703213] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  198.719858] UDC core: couldn't find an available UDC or it's busy: -19
[  198.720631] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
22:56:16 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e24, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8001}, 0x1c)

[  198.742677] loop1: detected capacity change from 0 to 264192
[  198.744254] ext4: Bad value for 'errors'
22:56:16 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x3c, r0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1e}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast1}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x800)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000540)={'wpan4\x00', <r3=>0x0})
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r2, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x3}]}, 0x24}}, 0x4004841)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r4, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  198.747449] loop3: detected capacity change from 0 to 512
[  198.749370] program syz-executor.2 is using a deprecated SCSI ioctl, please convert it to SG_IO
22:56:16 executing program 7:
openat(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x162ffce3eba72a21, 0x14)
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x81cc0, &(0x7f0000000180)=ANY=[])
syz_mount_image$nfs(0x0, 0x0, 0x0, 0x1, &(0x7f0000000640)=[{0x0, 0x0, 0x4c88}], 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x0)

[  198.784749] program syz-executor.2 is using a deprecated SCSI ioctl, please convert it to SG_IO
22:56:16 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e24, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8001}, 0x1c)

22:56:16 executing program 5:
unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/binder0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2/binder0\x00', 0x802, 0x0)
fcntl$lock(r0, 0x5, &(0x7f0000000000)={0x0, 0x4, 0x4000000000000, 0x7})
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/custom1\x00', 0x0, 0x0)

22:56:16 executing program 4:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
r2 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)
r4 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r3}, {r4, 0x4006}], 0x2, 0xffff)
setsockopt$inet_udp_int(r3, 0x11, 0xb, &(0x7f0000005d80)=0x20, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
recvmmsg$unix(r2, &(0x7f0000005c40)=[{{&(0x7f0000000080), 0x6e, &(0x7f0000000300)=[{&(0x7f0000000100)=""/100, 0x64}, {&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000000180)=""/145, 0x91}, {&(0x7f0000000240)=""/165, 0xa5}], 0x4, &(0x7f0000000340)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r7=>0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x130}}, {{&(0x7f00000004c0)=@abs, 0x6e, &(0x7f0000001b80)=[{&(0x7f0000000540)=""/146, 0x92}, {&(0x7f0000000700)=""/191, 0xbf}, {&(0x7f00000007c0)=""/84, 0x54}, {&(0x7f0000000640)=""/47, 0x2f}, {&(0x7f0000000840)=""/77, 0x4d}, {&(0x7f00000008c0)=""/118, 0x76}, {&(0x7f0000000940)=""/25, 0x19}, {&(0x7f0000001a00)=""/123, 0x7b}, {&(0x7f0000000980)=""/51, 0x33}, {&(0x7f0000001a80)=""/207, 0xcf}], 0xa, &(0x7f0000001c40)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f0000001d40)=@abs, 0x6e, &(0x7f0000003380)=[{&(0x7f0000001dc0)=""/37, 0x25}, {&(0x7f0000001e00)=""/96, 0x60}, {&(0x7f0000001e80)=""/169, 0xa9}, {&(0x7f0000005dc0)=""/212, 0xd4}, {&(0x7f0000002040)=""/4096, 0x1000}, {&(0x7f0000003040)=""/247, 0xf7}, {&(0x7f0000003140)=""/227, 0xe3}, {&(0x7f0000003240)=""/250, 0xfa}, {&(0x7f0000003340)=""/47, 0x2f}], 0x9, &(0x7f0000003440)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000003480)=@abs, 0x6e, &(0x7f0000003580)=[{&(0x7f0000003500)=""/82, 0x52}], 0x1, &(0x7f00000035c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa0}}, {{&(0x7f0000003680), 0x6e, &(0x7f0000005b00)=[{&(0x7f0000003700)=""/4096, 0x1000}, {&(0x7f0000004700)=""/103, 0x67}, {&(0x7f0000004780)=""/32, 0x20}, {&(0x7f00000047c0)=""/155, 0x9b}, {&(0x7f0000004880)=""/174, 0xae}, {&(0x7f0000004940)=""/137, 0x89}, {&(0x7f0000004a00)=""/17, 0x11}, {&(0x7f0000004a40)=""/4096, 0x1000}, {&(0x7f0000005a40)=""/14, 0xe}, {&(0x7f0000005a80)=""/104, 0x68}], 0xa, &(0x7f0000005bc0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}}], 0x5, 0x10040, 0x0)
ioctl$LOOP_SET_FD(r8, 0x4c00, r7)
ioctl$LOOP_SET_FD(r0, 0x4c00, r0)

[  198.806558] loop7: detected capacity change from 0 to 76
[  198.831546] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  198.839244] ext4 filesystem being mounted at /syzkaller-testdir172533113/syzkaller.wYv2TU/15/file0 supports timestamps until 2038 (0x7fffffff)
[  198.843248] loop7: detected capacity change from 0 to 76
22:56:16 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e24, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8001}, 0x1c)

22:56:16 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x3c, r0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1e}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast1}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x800)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000540)={'wpan4\x00'})
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r3, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:56:16 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
r2 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)
r4 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r3}, {r4, 0x4006}], 0x2, 0xffff)
setsockopt$inet_udp_int(r3, 0x11, 0xb, &(0x7f0000005d80)=0x20, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
recvmmsg$unix(r2, &(0x7f0000005c40)=[{{&(0x7f0000000080), 0x6e, &(0x7f0000000300)=[{&(0x7f0000000100)=""/100, 0x64}, {&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000000180)=""/145, 0x91}, {&(0x7f0000000240)=""/165, 0xa5}], 0x4, &(0x7f0000000340)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r7=>0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x130}}, {{&(0x7f00000004c0)=@abs, 0x6e, &(0x7f0000001b80)=[{&(0x7f0000000540)=""/146, 0x92}, {&(0x7f0000000700)=""/191, 0xbf}, {&(0x7f00000007c0)=""/84, 0x54}, {&(0x7f0000000640)=""/47, 0x2f}, {&(0x7f0000000840)=""/77, 0x4d}, {&(0x7f00000008c0)=""/118, 0x76}, {&(0x7f0000000940)=""/25, 0x19}, {&(0x7f0000001a00)=""/123, 0x7b}, {&(0x7f0000000980)=""/51, 0x33}, {&(0x7f0000001a80)=""/207, 0xcf}], 0xa, &(0x7f0000001c40)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f0000001d40)=@abs, 0x6e, &(0x7f0000003380)=[{&(0x7f0000001dc0)=""/37, 0x25}, {&(0x7f0000001e00)=""/96, 0x60}, {&(0x7f0000001e80)=""/169, 0xa9}, {&(0x7f0000005dc0)=""/212, 0xd4}, {&(0x7f0000002040)=""/4096, 0x1000}, {&(0x7f0000003040)=""/247, 0xf7}, {&(0x7f0000003140)=""/227, 0xe3}, {&(0x7f0000003240)=""/250, 0xfa}, {&(0x7f0000003340)=""/47, 0x2f}], 0x9, &(0x7f0000003440)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000003480)=@abs, 0x6e, &(0x7f0000003580)=[{&(0x7f0000003500)=""/82, 0x52}], 0x1, &(0x7f00000035c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa0}}, {{&(0x7f0000003680), 0x6e, &(0x7f0000005b00)=[{&(0x7f0000003700)=""/4096, 0x1000}, {&(0x7f0000004700)=""/103, 0x67}, {&(0x7f0000004780)=""/32, 0x20}, {&(0x7f00000047c0)=""/155, 0x9b}, {&(0x7f0000004880)=""/174, 0xae}, {&(0x7f0000004940)=""/137, 0x89}, {&(0x7f0000004a00)=""/17, 0x11}, {&(0x7f0000004a40)=""/4096, 0x1000}, {&(0x7f0000005a40)=""/14, 0xe}, {&(0x7f0000005a80)=""/104, 0x68}], 0xa, &(0x7f0000005bc0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}}], 0x5, 0x10040, 0x0)
ioctl$LOOP_SET_FD(r8, 0x4c00, r7)
ioctl$LOOP_SET_FD(r0, 0x4c00, r0)

[  198.876265] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  198.916703] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
22:56:16 executing program 2:
r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x40000, 0x2a)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, r1, 0x0, 0x70bd2a, 0x25dfdbfe, {{}, {}, {0x14, 0x19, {0x5d, 0x9, 0x4, 0x81}}}, ["", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x20004005}, 0x20008040)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat(r2, &(0x7f0000000200)='./file0\x00', 0x4a0202, 0x131)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x39b}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
ioctl$TUNDETACHFILTER(r4, 0x401054d6, 0x0)

22:56:16 executing program 7:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000004c0), 0x80c00, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000080)={r1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
close(r0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')

22:56:16 executing program 3:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = signalfd(r0, &(0x7f0000000000)={[0x7ff]}, 0x8)
r2 = fcntl$dupfd(r1, 0x406, r0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000380)={{0x1, 0x1, 0x18, r1}, './cgroup/cgroup.procs\x00'})
r4 = accept4(r2, &(0x7f0000000440)=@hci, &(0x7f00000003c0)=0x80, 0x800)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), r4)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
ioctl$int_out(r3, 0x0, &(0x7f0000000340))
lsetxattr$security_evm(&(0x7f0000002540)='./cgroup/cgroup.procs\x00', &(0x7f0000002580), 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x7, 0x926, 0x1, 0x4, 0xa40, 0x9, 0x400, 0x100}, &(0x7f0000000200)={0x100000000, 0x40, 0x1e9, 0x80, 0x9, 0x19, 0x4, 0x30}, &(0x7f0000000240)={0x2121, 0x5, 0x2, 0x0, 0xfffffffffffffbff, 0x5, 0x450a, 0xb6f}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0x4]}, 0x8})
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), r4)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r4, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x1c, r6, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x6, 0x1, 0x5, 0x0, 0x0, {0xa, 0x0, 0x8}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x88810}, 0x4000000)
r7 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r7}, {r8, 0x4006}], 0x2, 0xffff)
fchmodat(r7, &(0x7f00000004c0)='./cgroup/cgroup.procs\x00', 0x2e0)

22:56:16 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)
socket$inet6_icmp(0xa, 0x2, 0x3a)

22:56:16 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x64, 0x0, 0x200, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x400, 0x63}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x64}}, 0x4)
ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x50009402, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000d9f4655fd9f4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000440)="ed41000000080000d9f4655fd9f4655fd9f4655f000000000000040004000000000000000500000008000000000000000000000000000000000000000000000081", 0x41, 0x2100}, {0x0, 0x0, 0x4000000000002a00}], 0x0, &(0x7f0000012c00))
llistxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0)

[  198.985376] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
[  199.016421] loop4: detected capacity change from 0 to 4138
[  199.039712] EXT4-fs error (device loop4): __ext4_iget:4940: inode #2: block 129: comm syz-executor.4: invalid block
[  199.042441] EXT4-fs (loop4): get root inode failed
[  199.042967] EXT4-fs (loop4): mount failed
[  199.061503] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
[  199.065678] loop4: detected capacity change from 0 to 4138
[  199.082035] EXT4-fs error (device loop4): __ext4_iget:4940: inode #2: block 129: comm syz-executor.4: invalid block
[  199.084538] EXT4-fs (loop4): get root inode failed
[  199.085068] EXT4-fs (loop4): mount failed
[  199.279449] UDC core: couldn't find an available UDC or it's busy: -19
[  199.281303] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  199.289428] loop1: detected capacity change from 0 to 264192
[  199.290487] ext4: Bad value for 'errors'
[  200.103517] Bluetooth: hci1: command 0x0406 tx timeout
[  200.104737] Bluetooth: hci2: command 0x0406 tx timeout
[  200.105861] Bluetooth: hci7: command 0x0406 tx timeout
[  200.106959] Bluetooth: hci6: command 0x0406 tx timeout
[  200.108085] Bluetooth: hci0: command 0x0406 tx timeout
[  200.109191] Bluetooth: hci5: command 0x0406 tx timeout
[  200.115528] Bluetooth: hci4: command 0x0406 tx timeout
[  200.116649] Bluetooth: hci3: command 0x0406 tx timeout
[  211.716947] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
22:56:29 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x3c, r0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1e}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast1}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x800)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r3, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:56:29 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0xfffffffffffffd69, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)

22:56:29 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
r2 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)
r4 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r3}, {r4, 0x4006}], 0x2, 0xffff)
setsockopt$inet_udp_int(r3, 0x11, 0xb, &(0x7f0000005d80)=0x20, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
recvmmsg$unix(r2, &(0x7f0000005c40)=[{{&(0x7f0000000080), 0x6e, &(0x7f0000000300)=[{&(0x7f0000000100)=""/100, 0x64}, {&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000000180)=""/145, 0x91}, {&(0x7f0000000240)=""/165, 0xa5}], 0x4, &(0x7f0000000340)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r7=>0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x130}}, {{&(0x7f00000004c0)=@abs, 0x6e, &(0x7f0000001b80)=[{&(0x7f0000000540)=""/146, 0x92}, {&(0x7f0000000700)=""/191, 0xbf}, {&(0x7f00000007c0)=""/84, 0x54}, {&(0x7f0000000640)=""/47, 0x2f}, {&(0x7f0000000840)=""/77, 0x4d}, {&(0x7f00000008c0)=""/118, 0x76}, {&(0x7f0000000940)=""/25, 0x19}, {&(0x7f0000001a00)=""/123, 0x7b}, {&(0x7f0000000980)=""/51, 0x33}, {&(0x7f0000001a80)=""/207, 0xcf}], 0xa, &(0x7f0000001c40)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f0000001d40)=@abs, 0x6e, &(0x7f0000003380)=[{&(0x7f0000001dc0)=""/37, 0x25}, {&(0x7f0000001e00)=""/96, 0x60}, {&(0x7f0000001e80)=""/169, 0xa9}, {&(0x7f0000005dc0)=""/212, 0xd4}, {&(0x7f0000002040)=""/4096, 0x1000}, {&(0x7f0000003040)=""/247, 0xf7}, {&(0x7f0000003140)=""/227, 0xe3}, {&(0x7f0000003240)=""/250, 0xfa}, {&(0x7f0000003340)=""/47, 0x2f}], 0x9, &(0x7f0000003440)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000003480)=@abs, 0x6e, &(0x7f0000003580)=[{&(0x7f0000003500)=""/82, 0x52}], 0x1, &(0x7f00000035c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa0}}, {{&(0x7f0000003680), 0x6e, &(0x7f0000005b00)=[{&(0x7f0000003700)=""/4096, 0x1000}, {&(0x7f0000004700)=""/103, 0x67}, {&(0x7f0000004780)=""/32, 0x20}, {&(0x7f00000047c0)=""/155, 0x9b}, {&(0x7f0000004880)=""/174, 0xae}, {&(0x7f0000004940)=""/137, 0x89}, {&(0x7f0000004a00)=""/17, 0x11}, {&(0x7f0000004a40)=""/4096, 0x1000}, {&(0x7f0000005a40)=""/14, 0xe}, {&(0x7f0000005a80)=""/104, 0x68}], 0xa, &(0x7f0000005bc0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}}], 0x5, 0x10040, 0x0)
ioctl$LOOP_SET_FD(r8, 0x4c00, r7)
ioctl$LOOP_SET_FD(r0, 0x4c00, r0)

22:56:29 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x64, 0x0, 0x200, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x400, 0x63}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x64}}, 0x4)
ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x50009402, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000d9f4655fd9f4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000440)="ed41000000080000d9f4655fd9f4655fd9f4655f000000000000040004000000000000000500000008000000000000000000000000000000000000000000000081", 0x41, 0x2100}, {0x0, 0x0, 0x4000000000002a00}], 0x0, &(0x7f0000012c00))
llistxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0)

22:56:29 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:56:29 executing program 3:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = signalfd(r0, &(0x7f0000000000)={[0x7ff]}, 0x8)
r2 = fcntl$dupfd(r1, 0x406, r0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000380)={{0x1, 0x1, 0x18, r1}, './cgroup/cgroup.procs\x00'})
r4 = accept4(r2, &(0x7f0000000440)=@hci, &(0x7f00000003c0)=0x80, 0x800)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), r4)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
ioctl$int_out(r3, 0x0, &(0x7f0000000340))
lsetxattr$security_evm(&(0x7f0000002540)='./cgroup/cgroup.procs\x00', &(0x7f0000002580), 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x7, 0x926, 0x1, 0x4, 0xa40, 0x9, 0x400, 0x100}, &(0x7f0000000200)={0x100000000, 0x40, 0x1e9, 0x80, 0x9, 0x19, 0x4, 0x30}, &(0x7f0000000240)={0x2121, 0x5, 0x2, 0x0, 0xfffffffffffffbff, 0x5, 0x450a, 0xb6f}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0x4]}, 0x8})
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), r4)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r4, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x1c, r6, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x6, 0x1, 0x5, 0x0, 0x0, {0xa, 0x0, 0x8}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x88810}, 0x4000000)
r7 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r7}, {r8, 0x4006}], 0x2, 0xffff)
fchmodat(r7, &(0x7f00000004c0)='./cgroup/cgroup.procs\x00', 0x2e0)

22:56:29 executing program 2:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = signalfd(r0, &(0x7f0000000000)={[0x7ff]}, 0x8)
r2 = fcntl$dupfd(r1, 0x406, r0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000380)={{0x1, 0x1, 0x18, r1}, './cgroup/cgroup.procs\x00'})
r4 = accept4(r2, &(0x7f0000000440)=@hci, &(0x7f00000003c0)=0x80, 0x800)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), r4)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
ioctl$int_out(r3, 0x0, &(0x7f0000000340))
lsetxattr$security_evm(&(0x7f0000002540)='./cgroup/cgroup.procs\x00', &(0x7f0000002580), 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x7, 0x926, 0x1, 0x4, 0xa40, 0x9, 0x400, 0x100}, &(0x7f0000000200)={0x100000000, 0x40, 0x1e9, 0x80, 0x9, 0x19, 0x4, 0x30}, &(0x7f0000000240)={0x2121, 0x5, 0x2, 0x0, 0xfffffffffffffbff, 0x5, 0x450a, 0xb6f}, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000300)={&(0x7f00000002c0)={[0x4]}, 0x8})
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), r4)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r4, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x1c, r6, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x6, 0x1, 0x5, 0x0, 0x0, {0xa, 0x0, 0x8}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x88810}, 0x4000000)
r7 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r7}, {r8, 0x4006}], 0x2, 0xffff)
fchmodat(r7, &(0x7f00000004c0)='./cgroup/cgroup.procs\x00', 0x2e0)

22:56:29 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r3, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x18, r5, 0x1, 0x100000, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x18}}, 0x0)
sendmsg$NL80211_CMD_TDLS_MGMT(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0x18, r5, 0x400, 0x70bd29, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_TDLS_INITIATOR={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000040}, 0x48044)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000a00)={0x28, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x3}]}, 0x28}}, 0x0)

[  211.740005] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  211.744173] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  211.755145] netlink: 'syz-executor.7': attribute type 2 has an invalid length.
[  211.769839] loop4: detected capacity change from 0 to 4138
22:56:29 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000740)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000540)="1ad8f34fe06d", 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)

[  211.782134] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  211.782408] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
22:56:29 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1000000017000007002e3066696c653172dbe96e1ba426499bca1f07d3864eb022c803a33293192fe4c1735caf4438e0e509"], 0x10)
truncate(&(0x7f0000000080)='./file0\x00', 0x2)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r0, @in_args={0x1}}, './file1\x00'})
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000180)={{0x1, 0x1, 0x18, r3, {0x6}}, './file1\x00'})
pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
sendfile(r1, r1, 0x0, 0xffffffff000)

[  211.794096] netlink: 'syz-executor.7': attribute type 2 has an invalid length.
[  211.806331] EXT4-fs error (device loop4): __ext4_iget:4940: inode #2: block 129: comm syz-executor.4: invalid block
[  211.807809] EXT4-fs (loop4): get root inode failed
[  211.808440] EXT4-fs (loop4): mount failed
[  211.871053] loop1: detected capacity change from 0 to 256
[  211.892423] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
[  211.944624] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
22:56:41 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1000000017000007002e3066696c653172dbe96e1ba426499bca1f07d3864eb022c803a33293192fe4c1735caf4438e0e509"], 0x10)
truncate(&(0x7f0000000080)='./file0\x00', 0x2)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r0, @in_args={0x1}}, './file1\x00'})
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000180)={{0x1, 0x1, 0x18, r3, {0x6}}, './file1\x00'})
pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0)
sendfile(r1, r1, 0x0, 0xffffffff000)

22:56:41 executing program 4:
r0 = clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = getpid()
pidfd_open(r1, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r2=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r2, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
r3 = getpid()
r4 = pidfd_open(r3, 0x0)
r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r5}, {r4, 0x1662}], 0x2, 0xffff)
clone3(&(0x7f0000000280)={0x90030400, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100), {0x38}, &(0x7f0000000140)=""/121, 0x79, &(0x7f00000001c0)=""/93, &(0x7f0000000240)=[r1, 0xffffffffffffffff, r0, r3], 0x4, {r5}}, 0x58)

22:56:41 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r3, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:56:41 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
r2 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)
r4 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r3}, {r4, 0x4006}], 0x2, 0xffff)
setsockopt$inet_udp_int(r3, 0x11, 0xb, &(0x7f0000005d80)=0x20, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
recvmmsg$unix(r2, &(0x7f0000005c40)=[{{&(0x7f0000000080), 0x6e, &(0x7f0000000300)=[{&(0x7f0000000100)=""/100, 0x64}, {&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000000180)=""/145, 0x91}, {&(0x7f0000000240)=""/165, 0xa5}], 0x4, &(0x7f0000000340)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r7=>0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x130}}, {{&(0x7f00000004c0)=@abs, 0x6e, &(0x7f0000001b80)=[{&(0x7f0000000540)=""/146, 0x92}, {&(0x7f0000000700)=""/191, 0xbf}, {&(0x7f00000007c0)=""/84, 0x54}, {&(0x7f0000000640)=""/47, 0x2f}, {&(0x7f0000000840)=""/77, 0x4d}, {&(0x7f00000008c0)=""/118, 0x76}, {&(0x7f0000000940)=""/25, 0x19}, {&(0x7f0000001a00)=""/123, 0x7b}, {&(0x7f0000000980)=""/51, 0x33}, {&(0x7f0000001a80)=""/207, 0xcf}], 0xa, &(0x7f0000001c40)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f0000001d40)=@abs, 0x6e, &(0x7f0000003380)=[{&(0x7f0000001dc0)=""/37, 0x25}, {&(0x7f0000001e00)=""/96, 0x60}, {&(0x7f0000001e80)=""/169, 0xa9}, {&(0x7f0000005dc0)=""/212, 0xd4}, {&(0x7f0000002040)=""/4096, 0x1000}, {&(0x7f0000003040)=""/247, 0xf7}, {&(0x7f0000003140)=""/227, 0xe3}, {&(0x7f0000003240)=""/250, 0xfa}, {&(0x7f0000003340)=""/47, 0x2f}], 0x9, &(0x7f0000003440)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000003480)=@abs, 0x6e, &(0x7f0000003580)=[{&(0x7f0000003500)=""/82, 0x52}], 0x1, &(0x7f00000035c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa0}}, {{&(0x7f0000003680), 0x6e, &(0x7f0000005b00)=[{&(0x7f0000003700)=""/4096, 0x1000}, {&(0x7f0000004700)=""/103, 0x67}, {&(0x7f0000004780)=""/32, 0x20}, {&(0x7f00000047c0)=""/155, 0x9b}, {&(0x7f0000004880)=""/174, 0xae}, {&(0x7f0000004940)=""/137, 0x89}, {&(0x7f0000004a00)=""/17, 0x11}, {&(0x7f0000004a40)=""/4096, 0x1000}, {&(0x7f0000005a40)=""/14, 0xe}, {&(0x7f0000005a80)=""/104, 0x68}], 0xa, &(0x7f0000005bc0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}}], 0x5, 0x10040, 0x0)
ioctl$LOOP_SET_FD(r8, 0x4c00, r7)
ioctl$LOOP_SET_FD(r0, 0x4c00, r0)

22:56:41 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:56:41 executing program 7:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/88, 0x58}], 0x1, 0x1000, 0x0)

22:56:41 executing program 2:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000140)=""/236, 0xec}], 0x1, &(0x7f0000000280)=[@cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r1=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}, 0x122)
sendmmsg$inet6(r1, &(0x7f0000002080)=[{{&(0x7f0000000340)={0xa, 0x4e22, 0xffffffff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x80000001}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000380)="e29c1087616407108cd5c7ee79216550d28f246fcf06d076a3c30e2d3869f7a60bf1d7cd296e51adb37e977b83fab9e01887417d3a41f41ad6979b244a40ae8443fcd0e5aeb9a12519ae2eb3a4634e5ba2e85f6daf14b0e5df522ac54cd196b1c15a5af4b278027a60df2f4ffaf29eaf5ff4852714fb02ec38cb163b8b72ef0581a139cb58453a1c181fb1f89687de0d6b272f8be3f7fcb736831cb52ac9fde59378e92f5c78462fea70e4ecbf5cf1b90ebb0698c9ef2a10e733a4ccf3ec4e91", 0xc0}, {&(0x7f0000000440)="46c1cd761174dd9eb9ef4f65c754133cc5677db47c930d18181e26f62f043877e6bf8285581e1d9e0a8524817a4885369fbb8a27c5de33f230f7f4cb661f5c448644a7eb2d6e18ba78fe2c9faaa37ee78f206bf0d7eb9cce1fe15cf5f8c095c2709f30aa37031510b96a07b88cf6259c4a03557003b6a9406752e4b4d012ed0a2c281f97c31b2115af56c6c09871324a98ae9907875702100a92e789c25ac1b506848566b5cfd9950db37ba7d583eb50cd3dd2a2d667876767421b04d7c0bf3ceb7540ba065f727f113cb248a2ab5bfd34f81646dce3201de67590fffe39a6b1fe156d9970bbb133848644ae2c44daa6740573709d7b51", 0xf7}, {&(0x7f0000000540)="a228dbf96080e7ac28b405aa7a1737bb4a9dc92d2dab23f131d2be0fbb", 0x1d}], 0x3}}, {{&(0x7f00000005c0)={0xa, 0x4e22, 0x0, @remote, 0x3d}, 0x1c, &(0x7f0000000840)=[{&(0x7f0000000600)="7a5bc0d678c481502d41b9b08ad1ab6d9229c25965cc01f4212c065c6c1bd323963d41dfba79baa1682f253ab97793a8d2b1b023d3a00edd24cef516303680cc4d59a33fc140d71de7c302f35e82c6bc11d778fda8bd91148881a1e215e20fdc6df9cd92a75d03ccf38287", 0x6b}, {&(0x7f0000000680)="b9acfdb5aa945d1ff0892bf7385b517f31850d54fc0a78de07cd77ab22b3c75bb97a3b8e7f5655fe02eb62fcfb1c5e013c762c6a5a919dfb96ca52eb378c9e7c40abed993b608a11d3c249c4eca2e798146113c55278c3e5767f551df56f869fcf58ec07eed07daaa13c84bc5288d07e8894e3ae15ecd0c0b6a2aaaa4f1e6a67f904", 0x82}, {&(0x7f0000000740)="ebdec0b3faa741c6dff448918ba556b3ed5d0295f292eae8982d272103e3c18baa475cb141ad1ffac86b9069745dbc3aa98d0998f5e070beea2e636295f00d4eb6bd5932a9f0cdf77a4df63cfa26", 0x4e}, {&(0x7f00000007c0)="31ebb82d041afdfa4ea81c404fd3b2c25c604a5d41693e4a7994218246389c56309aed890953e8c03e5968538358273bab61d502f8922c2a211c11da18ed8d95302c3ed1", 0x44}], 0x4}}, {{&(0x7f0000000880)={0xa, 0x4e24, 0xff, @mcast2, 0x1}, 0x1c, &(0x7f00000009c0)=[{&(0x7f00000008c0)="00966554d017cc0e09682d6596c42d75b2b2aaed901283a8bee914ef44f52193629b1c65aad38646649c9f98e67a7a225259f329fbfd", 0x36}, {&(0x7f0000000900)="d76c0c2b8fde5657e412e457889412470c69fed59eb4745e4fd2f355f24dfb79679cf11aaf07310cfba7288ba7400086a647a7f93ec76e9f90871b3741162d73d39c2677535e06fc88eecfe3d6faf429ec78159d12c2e424a44154", 0x5b}, {&(0x7f0000000980)="ec18da8753c7c3cb5e7120789563649b1080f5a497f6dd5f1424f9b4a5300acf3cebf513979c0faa2a87deb1789ffb19c81b2402b4ab08920222", 0x3a}], 0x3, &(0x7f0000000a00)=[@hopopts_2292={{0x20, 0x29, 0x36, {0x1, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x97}]}}}, @hopopts_2292={{0x20, 0x29, 0x36, {0x4, 0x0, '\x00', [@pad1]}}}], 0x40}}, {{0x0, 0x0, &(0x7f0000001e00)=[{&(0x7f0000000a40)="71e13d2a59f74d3ff7a68035d723969a9f20b79348a93af391abeed671f9e1f018449a5f6356d4d2b57f9d6f17b5b8", 0x2f}, {&(0x7f0000000a80)="11a5ee8a7fb25325485de22ed7c69621adede284f3015a276ad51db0b9d51551a89aabe634545ad075e052a5f213848396682f2f516ff51a24de8c7feb77ba138a8b55109243dfbef1ec774a27999b085a6d4bb78b541510dc392db09ccc432c892e6524dbb19dc5738c365eca72b2815cc4b2fe92a5db47ebff8f9ba55312def07f15afa91f251b20d62a448f58128149eda9cabc", 0x95}, {&(0x7f0000000b40)="478f18a2fc630df8f75827baf18738205e9799c4855985996071e5b11f0cbb276f8074f9dfb83fa86d0ce07cf53ae70ef30b299819dcdeaeea6ab80c414cee6d0e7e9dd586c94cb13011dc1b54ae8a55e8ea73229d2abc2167f0309fdad5e11bb442be32383b596cc8f3869f0135a8b778309c42d7d43c52aefe3284bbabf1250b694ddb20ecb567d76579e1a47c99cbfc990d358a1d7bd220542ce1e6cbbaaea08cac60ae5b40e9195a96a4e10419e2aa3662353dd58ca9577fade9722d604568c472beafc43834eed4e76e09e4473f0bda2ca60c74394f57180dbb7bc0c4811cfb2048a5d7dcb056fb78", 0xeb}, {&(0x7f0000000c40)="77ce9dde4c8a150cef03f99f8747bba5c64da6c8162aca36a0b97b88b518694c9ed52389a54616d00033704bb72eb77a75080335928dee72d29b377233cad6c44e1067ecba6112b93f937030d73eee16b37d7258a639190f8076a4c7c9cd303b01949d184dd9c17cdce34e40bb07a2325f03f4e4033c3ec12d70cd6f8233c20c63f1d1c3f2120f4bb758fe8e2b67546638e6e996fc82e48b9920dd760f93bafab554c5e6a16e0b91cdf392315cc7219c231901d4bda3cf293e326668fe66d57876a98412868e51c7a0db487cb06a769783b752c2ec1a60b56b9e4e460a2c9bc652a8a24af34a8445e5e521d159db6f640bb114288be67c22c5e1ea02fe4110d59039626fa1135c295a7219852aca9552fc9bad2a5d3802d01f798f4fb0198b9a63b83a1e123ec3653efa26c73f406c7f5d7b0e503a421359fc8961d56f93df543fe9943a945d00a0f32e5fe971c66fb10c390ff6885fb424982f1285df805e1331d3549c9c36922b91ca634e9285e4ea274924b6bb4a3dce75d43c75fbac8edb53be9b8ea98995c35b8de1b221a23f7e34d37146bdd2ca4ef32565de0a21a13c752bf1132f165fc33a838a968351e0a868c4d263bc28375743fe046f4cb076acf20c0474f75acd8b4ba5229608d93cb6932beb4245bec9aa3468cece1bb2a01f4ffbe8ee04c3ef9d07199d81cbc5d88ceb5d12ef2613373aadbd4a9bb3fe580930074b215d1504f7f4e53617e3e40dcb8431c60fd04f6e9d1373ccaf290cceaf35a7d2105f9a0d8e7977f93c382347ebdfcb7caddcc102fc992dcf0e354925b4be68553af746b64ca953a16e91ea54a4d65ce5b5833934dc50492ad710cfa8e780a9185c819e6ca42891cf9acd9a262560d89b6bc6666d32e50c521966fbd282bf4ad2c9fcd11a3d01e51ff4a3b22704e457f42d1c97fb675f9200147cf7678e8e9bbf2ca7d08b0ae163553d1df83754bae784984c4926e039df4b5363b48ce13d05dc203d7da4143b913fbf76efe3d6b0e6f007b0351cfafc1815a5c9cae6a0a864eede555409810332f7fa367019d8053992e471e84f88bde590ac1585c08de1b044b45e31a5042d3feea663d59a7b2331dc08c42d3e42295a4e357eb85d847409434c9d21170e785cf07d19a0a452678869bf2bc050782dc8be0368d3e99994821670f76006e8e1bbfe28e9a5ad3065d391e02173687c2e9355a0b0a2c0e4de38cc86c8df638f4f6acf54a2a622a5822dd37594836e8c1db7e07fb4583589dd9af6aea98accab2d0bd3925ad37a30fdce9a0c0c102b16c663bb8e87830767ed7991888b1c37ef96be7c72dbeca973c79e92488b5cf42339f4e935be7b0b69280e8320cedf74b7aa9d2dddd9479eb32a61bc986b7a4b19e877073b6c05cb36944b75999146f97788ddca364709481a731aabacb020a3fda66910011bd7ad8f04f64cc2fbd0ac890c477b13fef52e2851b41300dc9589e90331af3b57d9828c8727a6d36292b989e74cf1560eba6ff0af5f4c880b66cc4b77472b0b30babff34e4f776e821a5d5891ca4a89c84060d4f7a7723d842e9bb3a52c57b12642aedd38b1f4eff6256a5d6164aa3985be6d4515a5479cd5377c77021b19f9617056584d553e3310a212e80417f418a2fb4415555a48d26fab8666d8fc1908db7f87399853099152c35cd46a68d24d79db28ddc4d32e14c2c0f98839c0968d4183d3291cdffa13e6f8001db5098eb6d0e4a16c41c47a4a873c1159c4fdb694d9acca5efefc2bb96985b84dfe086babed940aaf8d897991308dad580a89f2472eae97d6b63246527c3b2a8561fca62efa522c6777888f990b22b1e568589bdec88bd66b2e2ed4507e81aac47b42f1262b3aaf3273782f57087f8db5a1fcf1bb20f45a18559e3ea2dd14e8d07e6e41617c4992c52ce134e856d1a31a3e21765f0e89ce42843b5bd06f2a33c8f394d3ba87c1bdd10f15bab91c346794b7b09a29f2e242e14e59f1e5beed45f5d3f299339a05c3bde0b71469f3611a3fb0c21b5cec8b95d8976bca3f3376936821d72403ae89b0ed0c2a342a05bb3f8b68c00883ef3ac006169059f7f3255048f20815383363295657f0558f9754851ed59589420e056d7e07377224d453e73e65978f116754dcc72c980938c9959c7fb0ba96f32ef4fbf8281e1105ae687d441787fbcd33d7215f75487ad2ae705f647a4a3164a906bb5576faa95e7880d95c8295367526673f01cceac63fcbc99a933b827d5d2bf670447de812c19d02f616926c3338c4690fcd32004aeec280128e398e6f5c3929d997bb78a330b9025bb062b93575553db120f6973c3866f81336faa2cf2a94094d45f9b6e81d4cd5be4fe0a806a8e362d2f1419be1fd4c8b38bd3cfefec9ed59f9110d5725978450b9ac0afb4ce49d4d5f8c8009a94f6ece29399578894a455c67e99f01192a4f6f18a1ef13fa8d415c7fd6ab5e2d2f2f709d52640c0176a98abc77ab95236531aa3c8936c9ae2b3e531bc2d94f0ae1cf5ab9c03b7ea06b91ee8d751b362a5cfb266a07e8830710cf57d2bfcb5733d3c5a7f0b605ad143c5106013e3f6f5c60caaf8e146e080001484a72fd19f045309a8ada9d5939290f21f0c53dfef7a330c58417999ba72d6bf235a5fecdf779434e4b5a019f85b362e65c3fc5007852c62aed06738bdfbd6aaf669050204b12af526ae8c309fe98fd002ba8df4ecae8bab910bc8e79ebc8fa65433bc1be280df19cd98b604cd163279d3d7a278f7f3dbe12345bb62b7d5f7b13801f25f241407c69276bf7ce815b5b6d6b8fe4c8dbd91879a2971dcd6833100c032e76fe59bb365fb604d051893cec70843dce309d43eb1c74657045fd3f9b7c6c479c2ec0ff17c64ceaed4c51259ab7d32cb22ea48f3e5763c3db975f824ef442dc9a9f4f6030173bb1d2c7f006f64a8f5de950244e26f915f0e3be1ae648a07a5d582e95fff4b54fce63aaf74b0f07b6c979358c141a8381c93f35e94a9164fdb8f2d6072f6dc66204c853329a5c60ed2dce1cdefc28abcb9071889a52e73a08bcb50d7a4b01378a5180bdbc4466706bbb064bc9a98a2f2cc66a593f73be653f2d74ca150ab48454a3f811f749f4f1d687b9a9d0e9abf393ef1ecd80092890ac0aad27da6eff3f24c394459bda99a4ec17db9e9671f97ec4d8ceb104f6b0981e8c857c05133f108cd991bf9d93c7195949272ce776070c1e06e47858321f4f42757f69119a8f765531a26f44c72cf5757e54f35358836880f8f4e89835c3e7175facbcd7f3fd0c819d585421aac8aa5c2b7b9bb87aafa030dda1e5c17e4852ca6609477d547d97966854efc09190d25cf209ee52fa319ef1d9042c582389622278a2c9406ee4753d4204bed554dc80f172d32801632b943069ec4b5b426ab333adf8254fb2c1cf9c82951f9dd7a3ee3b47fc246adb15b1c59fbf89bebe8cb1e268d5f790f9431509ca20a4834f94af2a7c2b6c6e46d0389bed3fa03f623b2997d455b0231438f74d948ea380e2f085d0720a257aa099ec45974e74030589ff353d3726b045c4646788e1cc4902f6dc41feda5064bfcd50cd1b527d8897f80b551b07503ad812e0977e52b5dc7fcf5dca6a05ffa6d0adc4d10c5d20cfbfdbac149b709633d0c2abd378c77543f4a22e77fb288796ef6c9fa49f6ac18731b6ccd9d32ad556efd966a4002e2b22aeefcc909896a78b6970f2fd07ae522e5c0efd1af920c9ed69c17d89df255552f3da5c8ed4a746587ec6483818d9634023491e5c8c122388317a67450231dd52518df9111cfd1d7376abd7c07f40af06e5781e4b947591245e91657f2949b7d4cdc5437b5c9e620caa7dc5de48ff09ef14b391671c53329bdb0c333c6441713b9bc3295765f134ac4bbf0487bf1c29f6681df941858085707cd8243ec6550bb86975f5bb3c8800cf3b74f02bd2e1213f08673609b6c8f05b184421f4c62d4ac67c88cf930ec4d83ae6cca5d0b54cd2bf04107c687792df6da510d1876652f8fa6864c8c4ef3906082d4f8783a229cb6bf48cc1bafc782d9bd600f978355e07544f4b10150100124b5dfbf76d8879875d42fe31420f01a8421bdfc5249f76f31a5b52837b6fed742270d141767dc8be8a15dbf2bc3a917e3a568b48e5906dfb0e09cea64ad827cb9d38d1ab44e7e8f35c9ba457601b647b71f10e4240156f014196b8d5115483c88c55fd823e8455a2da5e30e7bc1d26ded0f01fbb07e206d55ecb94a5043a455495c76f3c9d29b09cb3a54ff6d6508a41e66d1b5c861ddfba009a5658403eaaea61862e9ec3fe4f13c9451b585e913318fa13507dbb4b766471d3b791b3342236362b51e00e33666cac02a620a3e8bee7ec72dd1a3a5f59cdb5b08ae0ee739c0d8007925569d6da55fd84689905fb16ea4ccc91b60f656e73cd62d0cdbf954cdced6826cd15cbb2e79f4d5aa02b1d523aeb5e3e9276bf3e56062d9fc89c480ea879efdfb1d281bf45b2f608661eec052144e41ca5ba3df30cb22d4452eee4c2276ea6f62fe74f51f42cc5d5a87975ad7eba769f75ac73120ba24b6835eff7c2efe4e2e40b49ee679d5d4f93d3ce311e70314dd3866264d9a796b4bbbfbc63647e5c963957d3e14647f8a8eaf131165dcd85102eb53fce0602ee419f6112d46dfeb79245dbdbc7cde5a078b8a1edb5cfce48f2ecadc70db524e18e8896b5fcf33fc378d82ec6ba55657925651eae0666be12435f8e4450a4a1086f2bfe85941c6a33ac7665d957884f35d2a9cc666ef90d89582bd01cbee193bf737a23d68dfce525c0bdbd88f187ad7c3499d9838786a8f531891a9442157964281cedaff0f58c20b7040f48c292fe5b17aa083f2e277c4d89c066182479baae17becc5658f30e4e936ba047e3095f003feefe4f66125dfd6fa06e644657a64378d5eba97987f9dbb56e0cfe26fa704da07cab44f19f040ac4a708aabfe182f9afd30f42bba640e1038f49042a2264bc71a777f94de29ed4e7de1ee841dc5451c74e34c959e1fa0657bb739c27c2629e9398007c764fdfefc5d485f04ac80e7b584ec9f6707d5c2446752b321caf8f83117644b4dbdac330e233e011cd90b3310dca6959f35afb85817ffcb7f4ed58475865014e0fd502d84e08fd82b81189e98b2be90a10595a94b7f6eecf6bd2aad8dacbd8b409a6f6f9753e7808fe56f88133c64c0da6bebdd44611984dfaaec27b0a48c0d56dd8e2fefed13e6ea19047aee5f7997bdc3ba783e0df2a3df379773f16b1c4c86c423fdbe0497b05b657d6c1d00dae949c42ffc6243db53a172df7f39d190108fcb472571a47e5cc3d7c019eed6819f3539919f3ea767a8a6a0594780116f1fb48dceb25fda84986f736d49200c4955cbc755045ca16c66e3a35091a266fc8aa76d79b71a5cc68e6af3264ad06c888f73e6634c1d4d01d7458e8265e0f2b1cfb14e1afa9f7ccd78f0bc446443ed032a71859375a693a07c25715885c1bfefc7fb7c1e00cb437bfcabdf7dc99e6b978d6bc0d8d951e29e4c44f9eb101a22d189fdadfa24d8065bdfc8490b339617180d4a849696ed1a404335e64cf1de65274537464d00033d556e9f29cb732a608cd54f2d80b8f7563ab95f6f1c51a58b15e0874e9c500afb1fbe81e8639eab9398751c45267ff989dd26c8d64d40b5baa91361b443830503ed1f84f91911f108ac8f1fe88d5295c2990a85e3bd71849f5a7471bd0e7a2b4518e9e0424b3ab37ce6d4aef572b7e919df02d8f56361381ff13fb6e1a73c0e5397b0cc5e07982ef111942316f", 0x1000}, {&(0x7f0000001c40)="b1cb8ee12080042ab10d7a974371f869dd7bdd56dae2d5311e6ed8a255c3b23840d102b17081b7ebb6ca808ab72e1e398823489eac6650aa50c85661b2c737c828d4e78c1f966f32e635ef269bfd5369a41a2f8c5e1909506c23891d3604e8c2ab98daab1413c5afa5255caf6b7a4ca2b2b5d1c31296dce850ac68ae70ea52802f8c4bd64ae30f98a857dd2af5b1599772e563a77fdb514541bc6f61cf7d7df69d8067bac95e13b691ee91f8bb4bdd3e11a6d0c285e507d1a7b837f4d8187f42e98ccba6120c9c67d06036c9e187d4fb9b973138a6eabc10e2718483c254c881", 0xe0}, {&(0x7f0000001d40)="187c63c95dfb96da8c2e320cc80ca3a684661807202f94af3d6de097fd9b749339bcd4179bf11a15f6a4c7cd98c57d090be3be6d6d43a56114b0375b6fe368e5e3eb53e3ec231ab7b58d7bc15b82c7c8388603817c801286f6dbfcf935fff65d7da8c68cbf72fa3e2dfc236d04300f8319f1cd9d37bade74555a5dd22387187218b3", 0x82}], 0x6, &(0x7f0000001e80)=[@rthdrdstopts={{0x58, 0x29, 0x37, {0x16, 0x7, '\x00', [@calipso={0x7, 0x20, {0x2, 0x6, 0x3, 0xfff, [0x6, 0x9, 0x1a8]}}, @enc_lim, @ra={0x5, 0x2, 0x7fff}, @ra={0x5, 0x2, 0xffff}, @hao={0xc9, 0x10, @private2}]}}}, @rthdr_2292={{0x28, 0x29, 0x39, {0x3a, 0x2, 0x2, 0x80, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}]}}}, @hoplimit={{0x14}}, @hopopts_2292={{0x140, 0x29, 0x36, {0x5e, 0x24, '\x00', [@generic={0x6, 0x25, "520fd470fc37a6318e23fdc0426e6eeae66d48c303797cc7ad0851661c03e44d5b2df42eca"}, @padn={0x1, 0x2, [0x0, 0x0]}, @pad1, @generic={0x3, 0xb2, "66aff3769e31d5ce93c424cbdce5a264e3189eccce24f7286ddc45e3fb0762148bc031fc52ebadfd826c0996978ab2596d090ee00c0c5f4baf571f6f9a84818f7b81a1699be133b10cbc3df72ab69ed9b52caee04c031fd0bff0a49af5f84f453475b7c752c7af9f646f4dfa89ed46a4450a8d2e7f193c869cec141fa944086063d7f5e404006ba9f113b94d9c1902a33b3115f2c644c75e268769d92216b0feffa5afe80bf3739dacc3931b62d1eaa1e8ff"}, @calipso={0x7, 0x38, {0x2, 0xc, 0x5, 0x7ff, [0x4, 0x1, 0x3ff, 0x20, 0x6, 0x10001]}}, @padn={0x1, 0x2, [0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x80}]}}}], 0x1d8}}], 0x4, 0x8000)
sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000000)='\x00\x00\x00\x00', 0x4}], 0x1}}], 0x1, 0x0)

22:56:41 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000740)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000540)="1ad8f34fe06d", 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)

[  223.929886] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  223.944679] loop1: detected capacity change from 0 to 256
22:56:41 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:56:41 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  223.980592] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
22:56:42 executing program 7:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r3, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  224.125335] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
22:56:55 executing program 4:
r0 = clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = getpid()
pidfd_open(r1, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r2=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r2, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
r3 = getpid()
r4 = pidfd_open(r3, 0x0)
r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r5}, {r4, 0x1662}], 0x2, 0xffff)
clone3(&(0x7f0000000280)={0x90030400, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100), {0x38}, &(0x7f0000000140)=""/121, 0x79, &(0x7f00000001c0)=""/93, &(0x7f0000000240)=[r1, 0xffffffffffffffff, r0, r3], 0x4, {r5}}, 0x58)

22:56:55 executing program 7:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r3, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:56:55 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:56:55 executing program 3:
r0 = timerfd_create(0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/rcu_normal', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x1000000000000003)

22:56:55 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
r2 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)
r4 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r3}, {r4, 0x4006}], 0x2, 0xffff)
setsockopt$inet_udp_int(r3, 0x11, 0xb, &(0x7f0000005d80)=0x20, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
recvmmsg$unix(r2, &(0x7f0000005c40)=[{{&(0x7f0000000080), 0x6e, &(0x7f0000000300)=[{&(0x7f0000000100)=""/100, 0x64}, {&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000000180)=""/145, 0x91}, {&(0x7f0000000240)=""/165, 0xa5}], 0x4, &(0x7f0000000340)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r7=>0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x130}}, {{&(0x7f00000004c0)=@abs, 0x6e, &(0x7f0000001b80)=[{&(0x7f0000000540)=""/146, 0x92}, {&(0x7f0000000700)=""/191, 0xbf}, {&(0x7f00000007c0)=""/84, 0x54}, {&(0x7f0000000640)=""/47, 0x2f}, {&(0x7f0000000840)=""/77, 0x4d}, {&(0x7f00000008c0)=""/118, 0x76}, {&(0x7f0000000940)=""/25, 0x19}, {&(0x7f0000001a00)=""/123, 0x7b}, {&(0x7f0000000980)=""/51, 0x33}, {&(0x7f0000001a80)=""/207, 0xcf}], 0xa, &(0x7f0000001c40)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f0000001d40)=@abs, 0x6e, &(0x7f0000003380)=[{&(0x7f0000001dc0)=""/37, 0x25}, {&(0x7f0000001e00)=""/96, 0x60}, {&(0x7f0000001e80)=""/169, 0xa9}, {&(0x7f0000005dc0)=""/212, 0xd4}, {&(0x7f0000002040)=""/4096, 0x1000}, {&(0x7f0000003040)=""/247, 0xf7}, {&(0x7f0000003140)=""/227, 0xe3}, {&(0x7f0000003240)=""/250, 0xfa}, {&(0x7f0000003340)=""/47, 0x2f}], 0x9, &(0x7f0000003440)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000003480)=@abs, 0x6e, &(0x7f0000003580)=[{&(0x7f0000003500)=""/82, 0x52}], 0x1, &(0x7f00000035c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa0}}, {{&(0x7f0000003680), 0x6e, &(0x7f0000005b00)=[{&(0x7f0000003700)=""/4096, 0x1000}, {&(0x7f0000004700)=""/103, 0x67}, {&(0x7f0000004780)=""/32, 0x20}, {&(0x7f00000047c0)=""/155, 0x9b}, {&(0x7f0000004880)=""/174, 0xae}, {&(0x7f0000004940)=""/137, 0x89}, {&(0x7f0000004a00)=""/17, 0x11}, {&(0x7f0000004a40)=""/4096, 0x1000}, {&(0x7f0000005a40)=""/14, 0xe}, {&(0x7f0000005a80)=""/104, 0x68}], 0xa, &(0x7f0000005bc0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}}], 0x5, 0x10040, 0x0)
ioctl$LOOP_SET_FD(r8, 0x4c00, r7)

22:56:55 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_ACTIVATE(r0, 0x5606, 0x7)
r1 = syz_open_pts(r0, 0x0)
dup2(r1, r0)

22:56:55 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:56:55 executing program 2:
ioctl$KDSETKEYCODE(0xffffffffffffffff, 0x4b4d, &(0x7f0000000000)={0x5, 0x7})
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$sock_int(r0, 0x1, 0x26, &(0x7f0000000040)=0x400, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
r1 = fork()
r2 = syz_open_procfs(r1, &(0x7f0000000280)='net/anycast6\x00')
r3 = fork()
sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x84, 0x0, 0x100, 0x70bd2d, 0x25dfdbff, {}, [{@nsim={{0xffffffffffffff95}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r2}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x3}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r3}}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x4000000)
ioctl$sock_SIOCINQ(r2, 0x541b, &(0x7f0000000400))
setsockopt$bt_BT_VOICE(r2, 0x112, 0xb, &(0x7f0000000180)=0x63, 0x2)
ioctl$GIO_FONTX(r2, 0x4b6b, &(0x7f0000000100)={0x1df, 0xb, &(0x7f0000000640)})
sendmsg$NL80211_CMD_GET_MPATH(r2, &(0x7f0000000600)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000005c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="6400ee578e7255ff0dba2f7a8c10a1764f44983e52d953ccad4fa079e41f2c37725cca95b3e849fbc93834754444fb752a285dae15dbf07927ea54148850a6409653af2156a1cd5abdbb8a179786206057497aede00298", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf251500000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900ff0000002c0000000a001a0008021100000000000a001a0008021100000000000a001a00ffffffffffff00000a00060008021100000000000a001a00ffffffffffff0000"], 0x64}, 0x1, 0x0, 0x0, 0x4801}, 0x4000)

[  237.089799] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
22:56:55 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:56:55 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:56:55 executing program 7:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r3, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:56:55 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
r2 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)
r4 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r3}, {r4, 0x4006}], 0x2, 0xffff)
setsockopt$inet_udp_int(r3, 0x11, 0xb, &(0x7f0000005d80)=0x20, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
recvmmsg$unix(r2, &(0x7f0000005c40)=[{{&(0x7f0000000080), 0x6e, &(0x7f0000000300)=[{&(0x7f0000000100)=""/100, 0x64}, {&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000000180)=""/145, 0x91}, {&(0x7f0000000240)=""/165, 0xa5}], 0x4, &(0x7f0000000340)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x130}}, {{&(0x7f00000004c0)=@abs, 0x6e, &(0x7f0000001b80)=[{&(0x7f0000000540)=""/146, 0x92}, {&(0x7f0000000700)=""/191, 0xbf}, {&(0x7f00000007c0)=""/84, 0x54}, {&(0x7f0000000640)=""/47, 0x2f}, {&(0x7f0000000840)=""/77, 0x4d}, {&(0x7f00000008c0)=""/118, 0x76}, {&(0x7f0000000940)=""/25, 0x19}, {&(0x7f0000001a00)=""/123, 0x7b}, {&(0x7f0000000980)=""/51, 0x33}, {&(0x7f0000001a80)=""/207, 0xcf}], 0xa, &(0x7f0000001c40)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f0000001d40)=@abs, 0x6e, &(0x7f0000003380)=[{&(0x7f0000001dc0)=""/37, 0x25}, {&(0x7f0000001e00)=""/96, 0x60}, {&(0x7f0000001e80)=""/169, 0xa9}, {&(0x7f0000005dc0)=""/212, 0xd4}, {&(0x7f0000002040)=""/4096, 0x1000}, {&(0x7f0000003040)=""/247, 0xf7}, {&(0x7f0000003140)=""/227, 0xe3}, {&(0x7f0000003240)=""/250, 0xfa}, {&(0x7f0000003340)=""/47, 0x2f}], 0x9, &(0x7f0000003440)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000003480)=@abs, 0x6e, &(0x7f0000003580)=[{&(0x7f0000003500)=""/82, 0x52}], 0x1, &(0x7f00000035c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa0}}, {{&(0x7f0000003680), 0x6e, &(0x7f0000005b00)=[{&(0x7f0000003700)=""/4096, 0x1000}, {&(0x7f0000004700)=""/103, 0x67}, {&(0x7f0000004780)=""/32, 0x20}, {&(0x7f00000047c0)=""/155, 0x9b}, {&(0x7f0000004880)=""/174, 0xae}, {&(0x7f0000004940)=""/137, 0x89}, {&(0x7f0000004a00)=""/17, 0x11}, {&(0x7f0000004a40)=""/4096, 0x1000}, {&(0x7f0000005a40)=""/14, 0xe}, {&(0x7f0000005a80)=""/104, 0x68}], 0xa, &(0x7f0000005bc0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}}], 0x5, 0x10040, 0x0)

22:56:55 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00')
pread64(r0, &(0x7f0000000000)=""/207, 0xcf, 0xf45e)

22:56:55 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
write$selinux_attr(r4, &(0x7f00000000c0)='system_u:object_r:restorecond_exec_t:s0\x00', 0xffffffffffffff2a)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
ioctl$TUNSETTXFILTER(r5, 0x400454dc, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0, @ANYRES32=r7, @ANYRESHEX=r7, @ANYRESDEC=r4, @ANYRES32=r3])

22:56:55 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:56:55 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r3, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  237.319468] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  237.323578] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  237.343973] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
22:57:08 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
setsockopt$inet_udp_int(r2, 0x11, 0xb, &(0x7f0000005d80)=0x20, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)

22:57:08 executing program 4:
r0 = clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = getpid()
pidfd_open(r1, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r2=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r2, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
r3 = getpid()
r4 = pidfd_open(r3, 0x0)
r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r5}, {r4, 0x1662}], 0x2, 0xffff)
clone3(&(0x7f0000000280)={0x90030400, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100), {0x38}, &(0x7f0000000140)=""/121, 0x79, &(0x7f00000001c0)=""/93, &(0x7f0000000240)=[r1, 0xffffffffffffffff, r0, r3], 0x4, {r5}}, 0x58)

22:57:08 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r3, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:08 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:08 executing program 0:
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:08 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = creat(&(0x7f0000000000)='./file1\x00', 0x18)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101002, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x200000, 0x0)
sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@NBD_ATTR_SOCKETS={0x2c, 0x7, 0x0, 0x1, [{0x8, 0x1, r0}, {0x8, 0x1, r4}, {0x8, 0x1, r1}, {0x8, 0x1, r1}, {0x8, 0x1, r0}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_SERVER_FLAGS={0xc}]}, 0x68}, 0x1, 0x0, 0x0, 0x81}, 0x40000c0)
pwrite64(r2, &(0x7f00000006c0)='y', 0x1, 0x482da)
truncate(&(0x7f0000000340)='./file1\x00', 0x3)

22:57:08 executing program 7:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:09 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
write$selinux_attr(r4, &(0x7f00000000c0)='system_u:object_r:restorecond_exec_t:s0\x00', 0xffffffffffffff2a)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
ioctl$TUNSETTXFILTER(r5, 0x400454dc, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0, @ANYRES32=r7, @ANYRESHEX=r7, @ANYRESDEC=r4, @ANYRES32=r3])

[  251.041952] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  251.060221] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
22:57:09 executing program 7:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:09 executing program 0:
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:09 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:09 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x31e}}, './file0\x00'})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r1)
sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:09 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
write$selinux_attr(r4, &(0x7f00000000c0)='system_u:object_r:restorecond_exec_t:s0\x00', 0xffffffffffffff2a)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
ioctl$TUNSETTXFILTER(r5, 0x400454dc, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0, @ANYRES32=r7, @ANYRESHEX=r7, @ANYRESDEC=r4, @ANYRES32=r3])

22:57:09 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = creat(&(0x7f0000000000)='./file1\x00', 0x18)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101002, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x200000, 0x0)
sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@NBD_ATTR_SOCKETS={0x2c, 0x7, 0x0, 0x1, [{0x8, 0x1, r0}, {0x8, 0x1, r4}, {0x8, 0x1, r1}, {0x8, 0x1, r1}, {0x8, 0x1, r0}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_SERVER_FLAGS={0xc}]}, 0x68}, 0x1, 0x0, 0x0, 0x81}, 0x40000c0)
pwrite64(r2, &(0x7f00000006c0)='y', 0x1, 0x482da)
truncate(&(0x7f0000000340)='./file1\x00', 0x3)

22:57:09 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
setsockopt$inet_udp_int(r2, 0x11, 0xb, &(0x7f0000005d80)=0x20, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)

[  251.248941] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
22:57:09 executing program 0:
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:23 executing program 4:
r0 = clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = getpid()
pidfd_open(r1, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r2=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r2, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
r3 = getpid()
r4 = pidfd_open(r3, 0x0)
r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r5}, {r4, 0x1662}], 0x2, 0xffff)
clone3(&(0x7f0000000280)={0x90030400, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100), {0x38}, &(0x7f0000000140)=""/121, 0x79, &(0x7f00000001c0)=""/93, &(0x7f0000000240)=[r1, 0xffffffffffffffff, r0, r3], 0x4, {r5}}, 0x58)

22:57:23 executing program 6:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r1)
sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:23 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:23 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
write$selinux_attr(r4, &(0x7f00000000c0)='system_u:object_r:restorecond_exec_t:s0\x00', 0xffffffffffffff2a)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
ioctl$TUNSETTXFILTER(r5, 0x400454dc, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0, @ANYRES32=r7, @ANYRESHEX=r7, @ANYRESDEC=r4, @ANYRES32=r3])

22:57:23 executing program 7:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:23 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:23 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
setsockopt$inet_udp_int(r2, 0x11, 0xb, &(0x7f0000005d80)=0x20, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)

22:57:23 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = creat(&(0x7f0000000000)='./file1\x00', 0x18)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101002, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x200000, 0x0)
sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@NBD_ATTR_SOCKETS={0x2c, 0x7, 0x0, 0x1, [{0x8, 0x1, r0}, {0x8, 0x1, r4}, {0x8, 0x1, r1}, {0x8, 0x1, r1}, {0x8, 0x1, r0}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_SERVER_FLAGS={0xc}]}, 0x68}, 0x1, 0x0, 0x0, 0x81}, 0x40000c0)
pwrite64(r2, &(0x7f00000006c0)='y', 0x1, 0x482da)
truncate(&(0x7f0000000340)='./file1\x00', 0x3)

[  265.201255] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
22:57:23 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
setsockopt$inet_udp_int(r2, 0x11, 0xb, &(0x7f0000005d80)=0x20, 0x4)

22:57:23 executing program 7:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:23 executing program 6:
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:23 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:23 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:23 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
write$selinux_attr(r4, &(0x7f00000000c0)='system_u:object_r:restorecond_exec_t:s0\x00', 0xffffffffffffff2a)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)

22:57:23 executing program 3:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x31e}}, './file0\x00'})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r1)
sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:23 executing program 7:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  265.415042] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
22:57:37 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:37 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:37 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)

22:57:37 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
r2 = getpid()
r3 = pidfd_open(r2, 0x0)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r4}, {r3, 0x1662}], 0x2, 0xffff)

22:57:37 executing program 3:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:37 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:37 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
write$selinux_attr(r4, &(0x7f00000000c0)='system_u:object_r:restorecond_exec_t:s0\x00', 0xffffffffffffff2a)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)

22:57:37 executing program 7:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:37 executing program 7:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010100}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x40080c0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r3, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:37 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(0x0, r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:37 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
write$selinux_attr(r4, &(0x7f00000000c0)='system_u:object_r:restorecond_exec_t:s0\x00', 0xffffffffffffff2a)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
socket$nl_generic(0x10, 0x3, 0x10)

22:57:37 executing program 7:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x31e}}, './file0\x00'})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xaf, 0x1d}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x200480c4}, 0x8041)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r3, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:37 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:37 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:37 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)

22:57:37 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = creat(&(0x7f0000000000)='./file1\x00', 0x18)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101002, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x200000, 0x0)
sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@NBD_ATTR_SOCKETS={0x2c, 0x7, 0x0, 0x1, [{0x8, 0x1, r0}, {0x8, 0x1, r4}, {0x8, 0x1, r1}, {0x8, 0x1, r1}, {0x8, 0x1, r0}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_SERVER_FLAGS={0xc}]}, 0x68}, 0x1, 0x0, 0x0, 0x81}, 0x40000c0)
pwrite64(r2, &(0x7f00000006c0)='y', 0x1, 0x482da)
truncate(&(0x7f0000000340)='./file1\x00', 0x3)

22:57:37 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
write$selinux_attr(r4, &(0x7f00000000c0)='system_u:object_r:restorecond_exec_t:s0\x00', 0xffffffffffffff2a)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:57:52 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
r2 = getpid()
pidfd_open(r2, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)

22:57:52 executing program 7:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x31e}}, './file0\x00'})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r1)
sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:52 executing program 3:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)

22:57:52 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:52 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
eventfd2(0x7, 0x1)

22:57:52 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(0x0, r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:52 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
write$selinux_attr(r4, &(0x7f00000000c0)='system_u:object_r:restorecond_exec_t:s0\x00', 0xffffffffffffff2a)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)

22:57:52 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:52 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
r2 = getpid()
pidfd_open(r2, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)

22:57:52 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(0x0, r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:57:52 executing program 2:
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:52 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
write$selinux_attr(r4, &(0x7f00000000c0)='system_u:object_r:restorecond_exec_t:s0\x00', 0xffffffffffffff2a)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)

22:57:52 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:57:52 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
r2 = getpid()
r3 = pidfd_open(r2, 0x0)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r4}, {r3, 0x1662}], 0x2, 0xffff)

22:57:52 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)

22:57:52 executing program 7:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r1)
sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:06 executing program 2:
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:06 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0xc000, 0x6)

22:58:06 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
r2 = getpid()
r3 = pidfd_open(r2, 0x0)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r4}, {r3, 0x1662}], 0x2, 0xffff)

22:58:06 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
r2 = getpid()
pidfd_open(r2, 0x0)

22:58:06 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:06 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:06 executing program 7:
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:06 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
write$selinux_attr(r4, &(0x7f00000000c0)='system_u:object_r:restorecond_exec_t:s0\x00', 0xffffffffffffff2a)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)

22:58:06 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:06 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
getpid()

22:58:06 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:06 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:06 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

22:58:06 executing program 2:
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:06 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:06 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
write$selinux_attr(r4, &(0x7f00000000c0)='system_u:object_r:restorecond_exec_t:s0\x00', 0xffffffffffffff2a)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:58:21 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(0x0, r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:21 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:21 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
r2 = getpid()
r3 = pidfd_open(r2, 0x0)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r4}, {r3, 0x1662}], 0x2, 0xffff)

22:58:21 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:58:21 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:21 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:21 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, 0xffffffffffffffff)

22:58:21 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)

22:58:21 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)

22:58:21 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:21 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:21 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, 0xffffffffffffffff)

22:58:21 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:21 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(0x0, r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:21 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:58:21 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(0x0, r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:36 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
r2 = getpid()
pidfd_open(r2, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)

22:58:36 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:36 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:58:36 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, 0xffffffffffffffff)

22:58:36 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)

22:58:36 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e24, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:36 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:36 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:36 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x1269, r0)

22:58:36 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:36 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
r2 = getpid()
pidfd_open(r2, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)

22:58:36 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:36 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x1269, r0)

22:58:36 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:36 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
getpid()

22:58:36 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:58:36 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, 0x0, 0xd0)

22:58:36 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:36 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:36 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

22:58:36 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x1269, r0)

22:58:36 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:36 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:58:36 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:54 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
r2 = getpid()
pidfd_open(r2, 0x0)

22:58:54 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:54 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:58:54 executing program 4:
clone3(0x0, 0x0)

22:58:54 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
poll(&(0x7f0000000140)=[{r2}, {0xffffffffffffffff, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:58:54 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, 0x0, 0x0)

22:58:54 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, 0x0, 0xd0)

22:58:54 executing program 5:
r0 = syz_open_dev$loop(0x0, 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

22:58:54 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, 0x0, 0xd0)

22:58:54 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:54 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)
getpid()

22:58:54 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:54 executing program 4:
clone3(0x0, 0x0)

22:58:54 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:58:54 executing program 5:
r0 = syz_open_dev$loop(0x0, 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

22:59:07 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x4, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:59:07 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
poll(&(0x7f0000000140)=[{r2}, {0xffffffffffffffff, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:59:07 executing program 5:
r0 = syz_open_dev$loop(0x0, 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

22:59:07 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:59:07 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, 0x0, 0x0)

22:59:07 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)

22:59:07 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, 0x0, 0xd0)

22:59:07 executing program 4:
clone3(0x0, 0x0)

22:59:07 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, 0x0, 0xd0)

22:59:07 executing program 4:
clone3(&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

22:59:07 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)

22:59:07 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, 0x0, 0x0)

22:59:07 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, 0x0, 0xd0)

22:59:07 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

22:59:07 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:59:22 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:59:22 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
poll(&(0x7f0000000140)=[{r2}, {0xffffffffffffffff, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:59:22 executing program 0:
clone3(&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

22:59:22 executing program 4:
clone3(&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

22:59:22 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:59:22 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

22:59:22 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:59:22 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)

22:59:22 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:59:22 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
getpid()

22:59:36 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:59:36 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  398.289715] Zero length message leads to an empty skb
22:59:36 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:59:36 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, 0x0, 0xd0)

22:59:36 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:59:36 executing program 4:
clone3(&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

22:59:36 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

22:59:36 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

22:59:36 executing program 5:
syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x1269, r0)

22:59:36 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:59:36 executing program 3:
clone3(0x0, 0x0)

22:59:36 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:59:36 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:59:36 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:59:36 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:59:36 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:59:36 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:59:49 executing program 3:
clone3(0x0, 0x0)

22:59:49 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:59:49 executing program 0:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:59:49 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

22:59:49 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:59:49 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:59:49 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:59:49 executing program 5:
syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x1269, r0)

22:59:49 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

22:59:49 executing program 1:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0}, {r1, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

22:59:49 executing program 3:
clone3(0x0, 0x0)

22:59:49 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:00:02 executing program 1:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0}, {r1, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:00:02 executing program 3:
clone3(&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

23:00:02 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, 0x0, 0x0)

23:00:02 executing program 0:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x8, 0x1, '.-^\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x31e}}, './file0\x00'})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r1)
sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:02 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:02 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)

23:00:02 executing program 5:
syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x1269, r0)

23:00:02 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:02 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)

23:00:02 executing program 1:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0}, {r1, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:00:02 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:02 executing program 3:
clone3(&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

23:00:02 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, 0xffffffffffffffff)

23:00:02 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:02 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, 0x0, 0x0)

23:00:02 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = creat(&(0x7f0000000000)='./file1\x00', 0x18)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101002, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x200000, 0x0)
sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@NBD_ATTR_SOCKETS={0x2c, 0x7, 0x0, 0x1, [{0x8, 0x1, r0}, {0x8, 0x1, r4}, {0x8, 0x1, r1}, {0x8, 0x1, r1}, {0x8, 0x1, r0}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_SERVER_FLAGS={0xc}]}, 0x68}, 0x1, 0x0, 0x0, 0x81}, 0x40000c0)
pwrite64(r2, &(0x7f00000006c0)='y', 0x1, 0x482da)
truncate(&(0x7f0000000340)='./file1\x00', 0x3)

23:00:02 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:02 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {0xffffffffffffffff, 0x4006}], 0x2, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:00:02 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)
process_madvise(r1, &(0x7f0000001f00)=[{&(0x7f0000001d00)="20385d4fdb2d26420dbc20c6ddeb5bb7030272d0676cbf1e2a7baed96b6c56cc2f903ba48290e00580fef7a1e421d4dff332b61f3379b1fe1d3c68a1fff170732a5da6cb9ba8f4e72c7268916374df", 0x4f}, {&(0x7f0000001d80)="7ffe32e70cc40fa654662d31fee56f5c3df8b6612c2d12db7d5b5cfd644e9ff202a045c0207a2f07502d6c99d41c329483542d6b93bb", 0x36}, {&(0x7f0000001dc0)="ef28da06a69cc52f48d29758d10538d81fda494a903cb73610179b049e4b9a641760bc765016c81c63987e1672cbcd61e03354a174cb56d030c3f5a06c529a8ddec286895efdec3645fe38d681108a44c317ddab7131fa1a1bf7fd6ee7c170372042bb320a028d2c9ed197f03968a9c4bdea8c216d37b0aced94f6efd9773e3415f50945337680f9d7a1cc44126abfa7b2c90fc92ab13ceb72998656b7db897214ad84616af22a50c8684c2e850f1336155f642ea2babae7e4c590601fd95fc06bc0686a0bddb5689e354f201f1bded25b8ee5e35761abb79f998a", 0xdb}, {&(0x7f0000001ec0)="4fbddebe64f8e438f6a7be4280fa340cc596addc01acc8c97e8a23b311f05171e7ea3e7b1479749ad1f2cbf378e161cb2ef1d4c8694803492110110d", 0x3c}], 0x4, 0x15, 0x0)

23:00:14 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 1)

23:00:14 executing program 3:
clone3(&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

23:00:14 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x0, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:14 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:14 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, 0x0, 0x0)

23:00:14 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, 0xffffffffffffffff)

23:00:14 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {0xffffffffffffffff, 0x4006}], 0x2, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:00:14 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001bc0), 0x6e, &(0x7f0000001b00)=[{&(0x7f0000000540)=""/108, 0x6c}, {&(0x7f00000005c0)=""/221, 0xdd}, {&(0x7f00000006c0)}, {&(0x7f0000000700)=""/149, 0x95}, {&(0x7f00000007c0)=""/157, 0x9d}, {&(0x7f0000000880)=""/113, 0x71}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)}, {&(0x7f0000001940)=""/237, 0xed}, {&(0x7f0000001a40)=""/180, 0xb4}], 0xa, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c00000000000000010000000200000051e392e6f5da82014b597857ef77a74f308157898b343bcb28a2582333f16d02c8286ad3fd570ce0847c9d5bf4781151e795b6280dab27d768954a394ed30892318f08fb9182f989156f4fde5ad5624a36aa9f598f2bec10d0b8a7312f2a87873344b0c18233b54f8d7b40e32434908d5a8c3af5c8e40c39b24b475e2f81", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}, 0x42)

23:00:14 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c) (fail_nth: 1)

23:00:14 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = getpid()
pidfd_open(r0, 0x0)

[  436.833687] FAULT_INJECTION: forcing a failure.
[  436.833687] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  436.836436] CPU: 0 PID: 5168 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  436.836466] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  436.836482] Call Trace:
[  436.836490]  <TASK>
[  436.836499]  dump_stack_lvl+0x8b/0xb3
[  436.836547]  should_fail.cold+0x5/0xa
[  436.836590]  _copy_from_user+0x2e/0x170
[  436.836625]  copy_clone_args_from_user+0x147/0x780
[  436.836667]  ? lock_is_held_type+0xd7/0x130
[  436.836695]  ? user_worker_start+0x190/0x190
[  436.836732]  ? lock_release+0x3b2/0x6f0
[  436.836760]  ? ksys_write+0x212/0x250
[  436.836793]  ? lock_downgrade+0x6d0/0x6d0
[  436.836826]  ? lock_is_held_type+0xd7/0x130
[  436.836861]  __do_sys_clone3+0x93/0x2d0
[  436.836896]  ? __ia32_sys_clone+0x150/0x150
[  436.836938]  ? wait_for_completion_io+0x270/0x270
[  436.836983]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  436.837015]  ? vfs_write+0x188/0xae0
[  436.837048]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  436.848901] FAULT_INJECTION: forcing a failure.
[  436.848901] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  436.849450]  ? fput+0x2a/0x50
[  436.857504]  ? syscall_enter_from_user_mode+0x1d/0x50
[  436.858554]  do_syscall_64+0x3b/0x90
[  436.859325]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  436.860358] RIP: 0033:0x7f3d8a0d9b19
[  436.861099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  436.864772] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  436.866287] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  436.867719] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  436.869130] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  436.870530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  436.871939] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  436.873377]  </TASK>
[  436.873839] CPU: 1 PID: 5171 Comm: syz-executor.2 Not tainted 5.16.0-rc5-next-20211217 #1
[  436.874714] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  436.875906] Call Trace:
[  436.876181]  <TASK>
[  436.876429]  dump_stack_lvl+0x8b/0xb3
[  436.876839]  should_fail.cold+0x5/0xa
[  436.877251]  _copy_from_user+0x2e/0x170
[  436.877665]  move_addr_to_kernel.part.0+0x31/0x110
[  436.878177]  __sys_connect+0xda/0x190
[  436.878571]  ? __sys_connect_file+0x1a0/0x1a0
[  436.879045]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  436.879649]  ? vfs_write+0x188/0xae0
[  436.880052]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  436.880634]  ? fput+0x2a/0x50
[  436.880978]  __x64_sys_connect+0x6f/0xb0
[  436.881400]  ? syscall_enter_from_user_mode+0x1d/0x50
[  436.881952]  do_syscall_64+0x3b/0x90
[  436.882353]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  436.882893] RIP: 0033:0x7fbdcac79b19
23:00:14 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x0, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  436.883288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  436.885584] RSP: 002b:00007fbdc81ef188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  436.886374] RAX: ffffffffffffffda RBX: 00007fbdcad8cf60 RCX: 00007fbdcac79b19
[  436.887113] RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003
[  436.887893] RBP: 00007fbdc81ef1d0 R08: 0000000000000000 R09: 0000000000000000
[  436.888640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  436.889581] R13: 00007ffe7eef1a2f R14: 00007fbdc81ef300 R15: 0000000000022000
[  436.890329]  </TASK>
23:00:14 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:14 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x0, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:28 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x0, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:28 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 2)

23:00:28 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c) (fail_nth: 2)

23:00:28 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
getpid()

23:00:28 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, 0xffffffffffffffff)

23:00:28 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {0xffffffffffffffff, 0x4006}], 0x2, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:00:28 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 1)

23:00:28 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  450.230624] FAULT_INJECTION: forcing a failure.
[  450.230624] name failslab, interval 1, probability 0, space 0, times 1
[  450.232567] FAULT_INJECTION: forcing a failure.
[  450.232567] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  450.233092] CPU: 0 PID: 5191 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  450.237058] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  450.239332] Call Trace:
[  450.239845]  <TASK>
[  450.240285]  dump_stack_lvl+0x8b/0xb3
[  450.241048]  should_fail.cold+0x5/0xa
[  450.241806]  ? copy_process+0x2fb7/0x6d40
[  450.242620]  should_failslab+0x5/0x10
[  450.243346]  kmem_cache_alloc_node+0x55/0x490
[  450.244262]  copy_process+0x2fb7/0x6d40
[  450.245047]  ? lock_is_held_type+0xd7/0x130
[  450.245899]  ? find_held_lock+0x2c/0x110
[  450.246702]  ? lock_release+0x3b2/0x6f0
[  450.247495]  ? __might_fault+0xd1/0x170
[  450.248292]  ? __cleanup_sighand+0xb0/0xb0
[  450.249126]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  450.250198]  ? _copy_from_user+0x139/0x170
[  450.251029]  ? kernel_clone+0x2f8/0xa60
[  450.251825]  kernel_clone+0xe7/0xa60
[  450.252561]  ? lock_is_held_type+0xd7/0x130
[  450.253404]  ? copy_init_mm+0x20/0x20
[  450.254171]  ? lock_is_held_type+0xd7/0x130
[  450.255010]  __do_sys_clone3+0x1c9/0x2d0
[  450.255824]  ? __ia32_sys_clone+0x150/0x150
[  450.256693]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  450.257765]  ? vfs_write+0x188/0xae0
[  450.258500]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  450.259586]  ? fput+0x2a/0x50
[  450.260218]  ? syscall_enter_from_user_mode+0x1d/0x50
[  450.261231]  do_syscall_64+0x3b/0x90
[  450.261970]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  450.262973] RIP: 0033:0x7f3d8a0d9b19
[  450.263707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  450.267274] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  450.268774] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  450.270164] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  450.271549] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  450.272930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  450.274327] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  450.275767]  </TASK>
[  450.276226] CPU: 1 PID: 5198 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  450.277849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  450.280086] Call Trace:
[  450.280594]  <TASK>
[  450.281033]  dump_stack_lvl+0x8b/0xb3
[  450.281807]  should_fail.cold+0x5/0xa
[  450.282569]  _copy_from_user+0x2e/0x170
[  450.283373]  copy_clone_args_from_user+0x147/0x780
[  450.284366]  ? lock_is_held_type+0xd7/0x130
[  450.285222]  ? user_worker_start+0x190/0x190
[  450.286101]  ? lock_release+0x3b2/0x6f0
[  450.286888]  ? ksys_write+0x212/0x250
[  450.287661]  ? lock_downgrade+0x6d0/0x6d0
[  450.288488]  ? lock_is_held_type+0xd7/0x130
[  450.289343]  __do_sys_clone3+0x93/0x2d0
[  450.290137]  ? __ia32_sys_clone+0x150/0x150
[  450.290996]  ? wait_for_completion_io+0x270/0x270
[  450.291991]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  450.293078]  ? vfs_write+0x188/0xae0
[  450.293818]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  450.294901]  ? fput+0x2a/0x50
[  450.295545]  ? syscall_enter_from_user_mode+0x1d/0x50
[  450.296577]  do_syscall_64+0x3b/0x90
[  450.297325]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  450.298346] RIP: 0033:0x7f37c9f3ab19
[  450.299078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  450.302632] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  450.304096] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  450.305460] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  450.306825] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  450.306841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  450.306855] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  450.306895]  </TASK>
[  450.316550] FAULT_INJECTION: forcing a failure.
[  450.316550] name failslab, interval 1, probability 0, space 0, times 0
[  450.319147] CPU: 1 PID: 5197 Comm: syz-executor.2 Not tainted 5.16.0-rc5-next-20211217 #1
[  450.320789] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  450.323048] Call Trace:
[  450.323586]  <TASK>
[  450.324030]  dump_stack_lvl+0x8b/0xb3
[  450.324818]  should_fail.cold+0x5/0xa
[  450.325574]  ? lockdep_hardirqs_on+0x79/0x100
[  450.326477]  ? dst_alloc+0x9e/0x610
[  450.327224]  should_failslab+0x5/0x10
[  450.328041]  kmem_cache_alloc+0x5b/0x480
[  450.328858]  dst_alloc+0x9e/0x610
[  450.329566]  rt_dst_alloc+0x73/0x430
[  450.330319]  ip_route_output_key_hash_rcu+0x93d/0x2a20
[  450.331409]  ip_route_output_key_hash+0x18b/0x300
[  450.332380]  ? ip_route_output_key_hash_rcu+0x2a20/0x2a20
[  450.333491]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  450.334545]  __ip4_datagram_connect+0x77b/0x1340
[  450.335546]  __ip6_datagram_connect+0xa0d/0x1230
[  450.336502]  ? lock_release+0x3b2/0x6f0
[  450.337293]  ? ip6_datagram_connect+0x1d/0x40
[  450.338203]  ? ip6_datagram_release_cb+0x550/0x550
[  450.339185]  ? mark_held_locks+0x9e/0xe0
[  450.340010]  ? __local_bh_enable_ip+0xa0/0x120
[  450.340930]  ? ip6_datagram_connect+0x2b/0x40
[  450.341827]  ip6_datagram_connect+0x2b/0x40
[  450.342701]  inet_dgram_connect+0x137/0x220
[  450.343575]  ? inet_autobind+0x190/0x190
[  450.344392]  __sys_connect_file+0x157/0x1a0
[  450.345261]  __sys_connect+0x161/0x190
[  450.346033]  ? __sys_connect_file+0x1a0/0x1a0
[  450.346926]  ? vfs_write+0x188/0xae0
[  450.347693]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  450.348776]  ? fput+0x2a/0x50
[  450.349420]  __x64_sys_connect+0x6f/0xb0
[  450.350251]  ? syscall_enter_from_user_mode+0x1d/0x50
[  450.351264]  do_syscall_64+0x3b/0x90
[  450.352022]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  450.353035] RIP: 0033:0x7fbdcac79b19
[  450.353758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  450.357367] RSP: 002b:00007fbdc81ef188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  450.358865] RAX: ffffffffffffffda RBX: 00007fbdcad8cf60 RCX: 00007fbdcac79b19
[  450.360270] RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003
[  450.361665] RBP: 00007fbdc81ef1d0 R08: 0000000000000000 R09: 0000000000000000
[  450.363055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  450.364464] R13: 00007ffe7eef1a2f R14: 00007fbdc81ef300 R15: 0000000000022000
[  450.365881]  </TASK>
23:00:28 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x0, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:28 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

23:00:28 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1) (fail_nth: 1)

23:00:28 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x0, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:28 executing program 1:
r0 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{0xffffffffffffffff, 0x1}, {r0, 0x4006}], 0x2, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:00:28 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x0, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  450.465518] FAULT_INJECTION: forcing a failure.
[  450.465518] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  450.469310] CPU: 0 PID: 5214 Comm: syz-executor.5 Not tainted 5.16.0-rc5-next-20211217 #1
23:00:28 executing program 4:
clone3(0x0, 0x0)

[  450.471795] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  450.474863] Call Trace:
[  450.475572]  <TASK>
[  450.476178]  dump_stack_lvl+0x8b/0xb3
[  450.477242]  should_fail.cold+0x5/0xa
[  450.478313]  _copy_to_user+0x2e/0x150
[  450.479384]  simple_read_from_buffer+0xcc/0x160
[  450.480656]  proc_fail_nth_read+0x194/0x220
[  450.481879]  ? proc_fault_inject_read+0x230/0x230
[  450.483205]  ? security_file_permission+0xb1/0xd0
[  450.484584]  ? proc_fault_inject_read+0x230/0x230
[  450.485919]  vfs_read+0x1b6/0x5f0
[  450.486920]  ksys_read+0x12d/0x250
[  450.487923]  ? __ia32_sys_pwrite64+0x230/0x230
[  450.489213]  ? syscall_enter_from_user_mode+0x1d/0x50
[  450.490643]  do_syscall_64+0x3b/0x90
[  450.491654]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  450.492722] RIP: 0033:0x7f0cf16db69c
[  450.493488] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[  450.497402] RSP: 002b:00007f0ceec9e170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
23:00:28 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  450.498976] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007f0cf16db69c
[  450.500576] RDX: 000000000000000f RSI: 00007f0ceec9e1e0 RDI: 0000000000000005
[  450.502068] RBP: 00007f0ceec9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  450.503552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  450.505023] R13: 00007ffef4eafe4f R14: 00007f0ceec9e300 R15: 0000000000022000
[  450.506525]  </TASK>
23:00:28 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c) (fail_nth: 3)

23:00:28 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 3)

23:00:28 executing program 1:
r0 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{0xffffffffffffffff, 0x1}, {r0, 0x4006}], 0x2, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

[  450.621936] FAULT_INJECTION: forcing a failure.
[  450.621936] name failslab, interval 1, probability 0, space 0, times 0
[  450.624087] CPU: 1 PID: 5224 Comm: syz-executor.2 Not tainted 5.16.0-rc5-next-20211217 #1
[  450.625565] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  450.627656] Call Trace:
[  450.628129]  <TASK>
[  450.628550]  dump_stack_lvl+0x8b/0xb3
[  450.629260]  should_fail.cold+0x5/0xa
[  450.629998]  ? create_object.isra.0+0x3a/0xa20
[  450.630813]  should_failslab+0x5/0x10
[  450.631513]  kmem_cache_alloc+0x5b/0x480
[  450.632238]  ? find_held_lock+0x2c/0x110
[  450.632973]  create_object.isra.0+0x3a/0xa20
[  450.633755]  ? kasan_unpoison+0x23/0x50
[  450.634470]  kmem_cache_alloc+0x239/0x480
[  450.635208]  dst_alloc+0x9e/0x610
[  450.635843]  rt_dst_alloc+0x73/0x430
[  450.636504]  ip_route_output_key_hash_rcu+0x93d/0x2a20
[  450.637454]  ip_route_output_key_hash+0x18b/0x300
[  450.638307]  ? ip_route_output_key_hash_rcu+0x2a20/0x2a20
[  450.639293]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  450.640266]  __ip4_datagram_connect+0x77b/0x1340
[  450.641153]  __ip6_datagram_connect+0xa0d/0x1230
[  450.641999]  ? lock_release+0x3b2/0x6f0
[  450.642738]  ? ip6_datagram_connect+0x1d/0x40
[  450.643585]  ? ip6_datagram_release_cb+0x550/0x550
[  450.644459]  ? mark_held_locks+0x9e/0xe0
[  450.645181]  ? __local_bh_enable_ip+0xa0/0x120
[  450.646004]  ? ip6_datagram_connect+0x2b/0x40
[  450.646807]  ip6_datagram_connect+0x2b/0x40
[  450.647607]  inet_dgram_connect+0x137/0x220
[  450.648381]  ? inet_autobind+0x190/0x190
[  450.649104]  __sys_connect_file+0x157/0x1a0
[  450.649873]  __sys_connect+0x161/0x190
23:00:28 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  450.650711]  ? __sys_connect_file+0x1a0/0x1a0
[  450.650758]  ? vfs_write+0x188/0xae0
[  450.650787]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  450.650815]  ? fput+0x2a/0x50
[  450.650859]  __x64_sys_connect+0x6f/0xb0
[  450.650883]  ? syscall_enter_from_user_mode+0x1d/0x50
[  450.650910]  do_syscall_64+0x3b/0x90
[  450.650941]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  450.650964] RIP: 0033:0x7fbdcac79b19
[  450.650981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  450.651001] RSP: 002b:00007fbdc81ef188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  450.651023] RAX: ffffffffffffffda RBX: 00007fbdcad8cf60 RCX: 00007fbdcac79b19
[  450.651038] RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003
[  450.651051] RBP: 00007fbdc81ef1d0 R08: 0000000000000000 R09: 0000000000000000
[  450.651064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  450.651077] R13: 00007ffe7eef1a2f R14: 00007fbdc81ef300 R15: 0000000000022000
[  450.651114]  </TASK>
[  450.721655] FAULT_INJECTION: forcing a failure.
[  450.721655] name failslab, interval 1, probability 0, space 0, times 0
[  450.721695] CPU: 0 PID: 5231 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  450.721723] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  450.721741] Call Trace:
[  450.721749]  <TASK>
[  450.721758]  dump_stack_lvl+0x8b/0xb3
[  450.721808]  should_fail.cold+0x5/0xa
[  450.721849]  ? create_object.isra.0+0x3a/0xa20
[  450.721892]  should_failslab+0x5/0x10
[  450.721916]  kmem_cache_alloc+0x5b/0x480
[  450.721954]  create_object.isra.0+0x3a/0xa20
[  450.721991]  ? kasan_unpoison+0x23/0x50
[  450.722035]  kmem_cache_alloc_node+0x248/0x490
[  450.722073]  copy_process+0x2fb7/0x6d40
[  450.722116]  ? lock_is_held_type+0xd7/0x130
[  450.722145]  ? find_held_lock+0x2c/0x110
[  450.722178]  ? lock_release+0x3b2/0x6f0
[  450.722208]  ? __might_fault+0xd1/0x170
[  450.722260]  ? __cleanup_sighand+0xb0/0xb0
[  450.722308]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  450.722341]  ? _copy_from_user+0x139/0x170
[  450.722377]  ? kernel_clone+0x2f8/0xa60
[  450.722417]  kernel_clone+0xe7/0xa60
[  450.722454]  ? lock_is_held_type+0xd7/0x130
[  450.722483]  ? copy_init_mm+0x20/0x20
[  450.722538]  ? lock_is_held_type+0xd7/0x130
[  450.722574]  __do_sys_clone3+0x1c9/0x2d0
[  450.722612]  ? __ia32_sys_clone+0x150/0x150
[  450.722673]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  450.722706]  ? vfs_write+0x188/0xae0
[  450.722741]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  450.722775]  ? fput+0x2a/0x50
[  450.722820]  ? syscall_enter_from_user_mode+0x1d/0x50
[  450.722859]  do_syscall_64+0x3b/0x90
[  450.722898]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  450.722926] RIP: 0033:0x7f3d8a0d9b19
[  450.722946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  450.722970] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  450.722997] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  450.723015] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  450.723031] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  450.723047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  450.723063] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  450.723106]  </TASK>
23:00:41 executing program 1:
r0 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{0xffffffffffffffff, 0x1}, {r0, 0x4006}], 0x2, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:00:41 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

23:00:41 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x0, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  463.212016] FAULT_INJECTION: forcing a failure.
[  463.212016] name failslab, interval 1, probability 0, space 0, times 0
[  463.214624] CPU: 0 PID: 5243 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  463.216489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  463.219007] Call Trace:
[  463.219591]  <TASK>
[  463.220088]  dump_stack_lvl+0x8b/0xb3
[  463.220971]  should_fail.cold+0x5/0xa
[  463.221848]  ? copy_process+0x2fb7/0x6d40
[  463.222799]  should_failslab+0x5/0x10
[  463.223681]  kmem_cache_alloc_node+0x55/0x490
[  463.224710]  copy_process+0x2fb7/0x6d40
[  463.225619]  ? lock_is_held_type+0xd7/0x130
[  463.226599]  ? find_held_lock+0x2c/0x110
[  463.227531]  ? lock_release+0x3b2/0x6f0
[  463.228440]  ? __might_fault+0xd1/0x170
[  463.229385]  ? __cleanup_sighand+0xb0/0xb0
[  463.230356]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  463.231622]  ? _copy_from_user+0x139/0x170
[  463.232586]  ? kernel_clone+0x2f8/0xa60
[  463.233505]  kernel_clone+0xe7/0xa60
[  463.234362]  ? lock_is_held_type+0xd7/0x130
[  463.235351]  ? copy_init_mm+0x20/0x20
[  463.236258]  ? lock_is_held_type+0xd7/0x130
[  463.237263]  __do_sys_clone3+0x1c9/0x2d0
[  463.238195]  ? __ia32_sys_clone+0x150/0x150
[  463.239203]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  463.240464]  ? vfs_write+0x188/0xae0
[  463.241319]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  463.242568]  ? fput+0x2a/0x50
[  463.243296]  ? syscall_enter_from_user_mode+0x1d/0x50
[  463.244489]  do_syscall_64+0x3b/0x90
[  463.245334]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  463.246507] RIP: 0033:0x7f37c9f3ab19
[  463.246530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  463.251034] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  463.252738] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  463.254332] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  463.255933] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  463.257511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  463.259091] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  463.260706]  </TASK>
[  463.268025] FAULT_INJECTION: forcing a failure.
[  463.268025] name failslab, interval 1, probability 0, space 0, times 0
[  463.270535] CPU: 0 PID: 5251 Comm: syz-executor.2 Not tainted 5.16.0-rc5-next-20211217 #1
[  463.272346] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  463.274816] Call Trace:
[  463.275385]  <TASK>
[  463.275884]  dump_stack_lvl+0x8b/0xb3
[  463.276757]  should_fail.cold+0x5/0xa
[  463.277617]  ? __ip6_datagram_connect+0xa0d/0x1230
[  463.278724]  ? dst_alloc+0x9e/0x610
[  463.279531]  should_failslab+0x5/0x10
[  463.280407]  kmem_cache_alloc+0x5b/0x480
[  463.281315]  dst_alloc+0x9e/0x610
[  463.282096]  rt_dst_alloc+0x73/0x430
[  463.282928]  ip_route_output_key_hash_rcu+0x93d/0x2a20
[  463.284128]  ip_route_output_key_hash+0x18b/0x300
[  463.285203]  ? ip_route_output_key_hash_rcu+0x2a20/0x2a20
[  463.286421]  ? mark_held_locks+0x9e/0xe0
[  463.287342]  ? lockdep_hardirqs_on+0x79/0x100
[  463.288337]  ? call_rcu+0x585/0xa30
[  463.289162]  ip_route_output_flow+0x23/0x150
[  463.290143]  __ip4_datagram_connect+0x825/0x1340
[  463.291221]  __ip6_datagram_connect+0xa0d/0x1230
[  463.292289]  ? lock_release+0x3b2/0x6f0
[  463.293168]  ? ip6_datagram_connect+0x1d/0x40
[  463.294155]  ? ip6_datagram_release_cb+0x550/0x550
[  463.295239]  ? mark_held_locks+0x9e/0xe0
[  463.296157]  ? __local_bh_enable_ip+0xa0/0x120
[  463.297183]  ? ip6_datagram_connect+0x2b/0x40
[  463.298176]  ip6_datagram_connect+0x2b/0x40
[  463.299146]  inet_dgram_connect+0x137/0x220
[  463.300115]  ? inet_autobind+0x190/0x190
[  463.301023]  __sys_connect_file+0x157/0x1a0
[  463.301981]  __sys_connect+0x161/0x190
[  463.302844]  ? __sys_connect_file+0x1a0/0x1a0
[  463.303862]  ? vfs_write+0x188/0xae0
[  463.304688]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  463.305914]  ? fput+0x2a/0x50
[  463.306631]  __x64_sys_connect+0x6f/0xb0
[  463.307520]  ? syscall_enter_from_user_mode+0x1d/0x50
[  463.308653]  do_syscall_64+0x3b/0x90
[  463.309482]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  463.310601] RIP: 0033:0x7fbdcac79b19
[  463.311398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  463.315352] RSP: 002b:00007fbdc81ef188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  463.317026] RAX: ffffffffffffffda RBX: 00007fbdcad8cf60 RCX: 00007fbdcac79b19
[  463.318572] RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003
[  463.320127] RBP: 00007fbdc81ef1d0 R08: 0000000000000000 R09: 0000000000000000
[  463.321666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  463.323197] R13: 00007ffe7eef1a2f R14: 00007fbdc81ef300 R15: 0000000000022000
[  463.324764]  </TASK>
[  463.327998] FAULT_INJECTION: forcing a failure.
[  463.327998] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  463.330571] CPU: 0 PID: 5255 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  463.332354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  463.334750] Call Trace:
[  463.335301]  <TASK>
[  463.335785]  dump_stack_lvl+0x8b/0xb3
[  463.336619]  should_fail.cold+0x5/0xa
[  463.337448]  prepare_alloc_pages+0x17b/0x500
[  463.338386]  ? find_held_lock+0x2c/0x110
[  463.339257]  __alloc_pages+0x131/0x4e0
[  463.340118]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[  463.341421]  ? rcu_read_lock_sched_held+0x3a/0x70
[  463.342474]  ? kmem_cache_alloc_node+0x344/0x490
[  463.343489]  copy_process+0x617/0x6d40
[  463.344346]  ? lock_is_held_type+0xd7/0x130
[  463.345272]  ? find_held_lock+0x2c/0x110
[  463.346155]  ? lock_release+0x3b2/0x6f0
[  463.347025]  ? __might_fault+0xd1/0x170
[  463.347923]  ? __cleanup_sighand+0xb0/0xb0
[  463.348850]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  463.350048]  ? _copy_from_user+0x139/0x170
[  463.350983]  ? kernel_clone+0x2f8/0xa60
[  463.351894]  kernel_clone+0xe7/0xa60
[  463.352734]  ? lock_is_held_type+0xd7/0x130
[  463.353688]  ? copy_init_mm+0x20/0x20
[  463.354554]  ? lock_is_held_type+0xd7/0x130
[  463.355521]  __do_sys_clone3+0x1c9/0x2d0
[  463.356443]  ? __ia32_sys_clone+0x150/0x150
[  463.357440]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  463.358668]  ? vfs_write+0x188/0xae0
[  463.359507]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  463.360757]  ? fput+0x2a/0x50
[  463.361477]  ? syscall_enter_from_user_mode+0x1d/0x50
[  463.362626]  do_syscall_64+0x3b/0x90
[  463.363468]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  463.364609] RIP: 0033:0x7f3d8a0d9b19
[  463.365420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  463.369476] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  463.371138] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  463.372717] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  463.374268] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  463.375830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  463.377384] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  463.378965]  </TASK>
23:00:41 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:41 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 2)

23:00:41 executing program 4:
clone3(0x0, 0x0)

23:00:41 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 4)

23:00:41 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c) (fail_nth: 4)

23:00:41 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x0, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:41 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:55 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:55 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c) (fail_nth: 5)

23:00:55 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 5)

23:00:55 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 3)

23:00:55 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:55 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0)
ioctl$LOOP_SET_FD(r2, 0x4c00, r0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000140)={{{@in=@private, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast1}}, &(0x7f0000000240)=0xe8)
setsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@mcast1, @in=@empty, 0x4e24, 0x6, 0x4e22, 0xa8b, 0x2, 0xb26eb3091dce329a, 0x80, 0x87, r4, 0xee00}, {0x200, 0xffff, 0x7e31, 0x1f, 0x1, 0x101, 0x0, 0x8}, {0x4, 0xffff, 0x5, 0x2}, 0x5, 0x6e6bbe, 0x2, 0x0, 0x1, 0x1}, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4d2, 0x2b}, 0xa, @in6=@local, 0x3502, 0x0, 0x2, 0xf9, 0xfffffff9, 0xffffffff, 0x7fffffff}}, 0xe8)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, 0x0, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x55}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x7fffffff}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x2c}}, 0x4)
r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r5}, {r6, 0x4006}], 0x2, 0xffff)
ioctl$BLKSECDISCARD(r5, 0x127d, &(0x7f0000000080)=0x2)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

23:00:55 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:00:55 executing program 4:
clone3(0x0, 0x0)

[  477.504961] FAULT_INJECTION: forcing a failure.
[  477.504961] name failslab, interval 1, probability 0, space 0, times 0
[  477.506280] CPU: 0 PID: 5269 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  477.507193] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  477.508488] Call Trace:
[  477.508767]  <TASK>
[  477.509009]  dump_stack_lvl+0x8b/0xb3
[  477.509429]  should_fail.cold+0x5/0xa
[  477.509860]  ? create_object.isra.0+0x3a/0xa20
[  477.510351]  should_failslab+0x5/0x10
[  477.510774]  kmem_cache_alloc+0x5b/0x480
[  477.511225]  create_object.isra.0+0x3a/0xa20
[  477.511712]  ? kasan_unpoison+0x23/0x50
[  477.512188]  kmem_cache_alloc_node+0x248/0x490
[  477.512694]  copy_process+0x2fb7/0x6d40
[  477.513137]  ? lock_is_held_type+0xd7/0x130
[  477.513634]  ? find_held_lock+0x2c/0x110
[  477.514097]  ? lock_release+0x3b2/0x6f0
[  477.514552]  ? __might_fault+0xd1/0x170
[  477.515015]  ? __cleanup_sighand+0xb0/0xb0
[  477.515501]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  477.516135]  ? _copy_from_user+0x139/0x170
[  477.516584]  ? kernel_clone+0x2f8/0xa60
[  477.517037]  kernel_clone+0xe7/0xa60
[  477.517461]  ? lock_is_held_type+0xd7/0x130
[  477.517941]  ? copy_init_mm+0x20/0x20
[  477.518390]  ? lock_is_held_type+0xd7/0x130
[  477.518882]  __do_sys_clone3+0x1c9/0x2d0
[  477.519337]  ? __ia32_sys_clone+0x150/0x150
[  477.519855]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  477.520486]  ? vfs_write+0x188/0xae0
[  477.520918]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  477.521537]  ? fput+0x2a/0x50
[  477.521891]  ? syscall_enter_from_user_mode+0x1d/0x50
[  477.522470]  do_syscall_64+0x3b/0x90
[  477.522891]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  477.523476] RIP: 0033:0x7f37c9f3ab19
[  477.523871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  477.525940] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  477.526737] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  477.527534] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  477.528355] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  477.529177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.529984] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  477.530805]  </TASK>
[  477.543545] FAULT_INJECTION: forcing a failure.
[  477.543545] name failslab, interval 1, probability 0, space 0, times 0
[  477.544839] CPU: 0 PID: 5277 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  477.545769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  477.547048] Call Trace:
[  477.547336]  <TASK>
[  477.547590]  dump_stack_lvl+0x8b/0xb3
[  477.548043]  should_fail.cold+0x5/0xa
[  477.548477]  ? prepare_creds+0x2b/0x6f0
[  477.548932]  should_failslab+0x5/0x10
[  477.549361]  kmem_cache_alloc+0x5b/0x480
[  477.549829]  prepare_creds+0x2b/0x6f0
[  477.550261]  copy_creds+0x72/0x930
[  477.550671]  copy_process+0x10d5/0x6d40
[  477.551123]  ? lock_is_held_type+0xd7/0x130
[  477.551609]  ? find_held_lock+0x2c/0x110
[  477.552051]  ? lock_release+0x3b2/0x6f0
[  477.552495]  ? __might_fault+0xd1/0x170
[  477.552932]  ? __cleanup_sighand+0xb0/0xb0
[  477.553423]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  477.554018]  ? _copy_from_user+0x139/0x170
[  477.554498]  ? kernel_clone+0x2f8/0xa60
[  477.554917]  kernel_clone+0xe7/0xa60
[  477.555339]  ? lock_is_held_type+0xd7/0x130
[  477.555797]  ? copy_init_mm+0x20/0x20
[  477.556229]  ? lock_is_held_type+0xd7/0x130
[  477.556697]  __do_sys_clone3+0x1c9/0x2d0
[  477.557157]  ? __ia32_sys_clone+0x150/0x150
[  477.557630]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  477.558234]  ? vfs_write+0x188/0xae0
[  477.558642]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  477.559257]  ? fput+0x2a/0x50
[  477.559592]  ? syscall_enter_from_user_mode+0x1d/0x50
[  477.560183]  do_syscall_64+0x3b/0x90
[  477.560579]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  477.561169] RIP: 0033:0x7f3d8a0d9b19
[  477.561576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  477.563650] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  477.564502] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  477.565296] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  477.566087] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  477.566872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.567667] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  477.568487]  </TASK>
[  477.576245] FAULT_INJECTION: forcing a failure.
[  477.576245] name failslab, interval 1, probability 0, space 0, times 0
[  477.577452] CPU: 0 PID: 5279 Comm: syz-executor.2 Not tainted 5.16.0-rc5-next-20211217 #1
[  477.578327] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  477.579530] Call Trace:
[  477.579805]  <TASK>
[  477.580041]  dump_stack_lvl+0x8b/0xb3
[  477.580456]  should_fail.cold+0x5/0xa
[  477.580865]  ? create_object.isra.0+0x3a/0xa20
[  477.581358]  should_failslab+0x5/0x10
[  477.581767]  kmem_cache_alloc+0x5b/0x480
[  477.582205]  create_object.isra.0+0x3a/0xa20
[  477.582678]  ? kasan_unpoison+0x23/0x50
[  477.583119]  kmem_cache_alloc+0x239/0x480
[  477.583559]  dst_alloc+0x9e/0x610
[  477.583943]  rt_dst_alloc+0x73/0x430
[  477.584348]  ip_route_output_key_hash_rcu+0x93d/0x2a20
[  477.584909]  ip_route_output_key_hash+0x18b/0x300
[  477.585429]  ? ip_route_output_key_hash_rcu+0x2a20/0x2a20
[  477.586032]  ? mark_held_locks+0x9e/0xe0
[  477.586507]  ? lockdep_hardirqs_on+0x79/0x100
[  477.587025]  ? call_rcu+0x585/0xa30
[  477.587448]  ip_route_output_flow+0x23/0x150
[  477.587974]  __ip4_datagram_connect+0x825/0x1340
[  477.588533]  __ip6_datagram_connect+0xa0d/0x1230
[  477.589073]  ? lock_release+0x3b2/0x6f0
[  477.589529]  ? ip6_datagram_connect+0x1d/0x40
[  477.590054]  ? ip6_datagram_release_cb+0x550/0x550
[  477.590615]  ? mark_held_locks+0x9e/0xe0
[  477.591078]  ? __local_bh_enable_ip+0xa0/0x120
[  477.591605]  ? ip6_datagram_connect+0x2b/0x40
[  477.592131]  ip6_datagram_connect+0x2b/0x40
[  477.592624]  inet_dgram_connect+0x137/0x220
[  477.593117]  ? inet_autobind+0x190/0x190
[  477.593572]  __sys_connect_file+0x157/0x1a0
[  477.594064]  __sys_connect+0x161/0x190
[  477.594504]  ? __sys_connect_file+0x1a0/0x1a0
[  477.595021]  ? vfs_write+0x188/0xae0
[  477.595445]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  477.596091]  ? fput+0x2a/0x50
[  477.596459]  __x64_sys_connect+0x6f/0xb0
[  477.596921]  ? syscall_enter_from_user_mode+0x1d/0x50
[  477.597497]  do_syscall_64+0x3b/0x90
[  477.597925]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  477.598509] RIP: 0033:0x7fbdcac79b19
[  477.598924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  477.601029] RSP: 002b:00007fbdc81ef188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  477.601887] RAX: ffffffffffffffda RBX: 00007fbdcad8cf60 RCX: 00007fbdcac79b19
[  477.602698] RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003
[  477.603449] RBP: 00007fbdc81ef1d0 R08: 0000000000000000 R09: 0000000000000000
[  477.604268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.605062] R13: 00007ffe7eef1a2f R14: 00007fbdc81ef300 R15: 0000000000022000
[  477.605884]  </TASK>
23:00:55 executing program 4:
clone3(&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

23:00:55 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:00:55 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:00:55 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0xd0)

23:00:55 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 4)

23:00:55 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:00:55 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x8000000000000000, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

23:00:55 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 6)

[  477.741372] FAULT_INJECTION: forcing a failure.
[  477.741372] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  477.742717] CPU: 0 PID: 5296 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  477.743668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  477.744898] Call Trace:
[  477.745191]  <TASK>
[  477.745430]  dump_stack_lvl+0x8b/0xb3
[  477.745890]  should_fail.cold+0x5/0xa
[  477.746312]  prepare_alloc_pages+0x17b/0x500
[  477.746817]  ? find_held_lock+0x2c/0x110
[  477.747263]  __alloc_pages+0x131/0x4e0
[  477.747711]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[  477.748426]  ? rcu_read_lock_sched_held+0x3a/0x70
[  477.748997]  ? kmem_cache_alloc_node+0x344/0x490
[  477.749546]  copy_process+0x617/0x6d40
[  477.749999]  ? lock_is_held_type+0xd7/0x130
[  477.750490]  ? find_held_lock+0x2c/0x110
[  477.750965]  ? lock_release+0x3b2/0x6f0
[  477.751430]  ? __might_fault+0xd1/0x170
[  477.751928]  ? __cleanup_sighand+0xb0/0xb0
[  477.752422]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  477.753049]  ? _copy_from_user+0x139/0x170
[  477.753537]  ? kernel_clone+0x2f8/0xa60
[  477.753990]  kernel_clone+0xe7/0xa60
[  477.754424]  ? lock_is_held_type+0xd7/0x130
[  477.754918]  ? copy_init_mm+0x20/0x20
[  477.755366]  ? lock_is_held_type+0xd7/0x130
[  477.755889]  __do_sys_clone3+0x1c9/0x2d0
[  477.756385]  ? __ia32_sys_clone+0x150/0x150
[  477.756898]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  477.757528]  ? vfs_write+0x188/0xae0
[  477.757976]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  477.758618]  ? fput+0x2a/0x50
[  477.759003]  ? syscall_enter_from_user_mode+0x1d/0x50
[  477.759593]  do_syscall_64+0x3b/0x90
[  477.760039]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  477.760620] RIP: 0033:0x7f37c9f3ab19
[  477.761039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  477.763141] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  477.764034] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  477.764859] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  477.765673] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  477.766469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.767283] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  477.768108]  </TASK>
23:00:55 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(0x0, 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

[  477.796807] FAULT_INJECTION: forcing a failure.
[  477.796807] name failslab, interval 1, probability 0, space 0, times 0
[  477.799226] CPU: 1 PID: 5302 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  477.800880] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  477.803116] Call Trace:
[  477.803641]  <TASK>
[  477.804082]  dump_stack_lvl+0x8b/0xb3
[  477.804865]  should_fail.cold+0x5/0xa
[  477.805627]  ? create_object.isra.0+0x3a/0xa20
[  477.806542]  should_failslab+0x5/0x10
[  477.807353]  kmem_cache_alloc+0x5b/0x480
[  477.808278]  create_object.isra.0+0x3a/0xa20
[  477.809247]  ? kasan_unpoison+0x23/0x50
[  477.810152]  kmem_cache_alloc+0x239/0x480
[  477.811069]  prepare_creds+0x2b/0x6f0
[  477.811927]  copy_creds+0x72/0x930
[  477.812723]  copy_process+0x10d5/0x6d40
[  477.813604]  ? lock_is_held_type+0xd7/0x130
[  477.814549]  ? find_held_lock+0x2c/0x110
[  477.815424]  ? lock_release+0x3b2/0x6f0
[  477.816235]  ? __might_fault+0xd1/0x170
[  477.817055]  ? __cleanup_sighand+0xb0/0xb0
[  477.817909]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  477.819003]  ? _copy_from_user+0x139/0x170
[  477.819851]  ? kernel_clone+0x2f8/0xa60
[  477.820643]  kernel_clone+0xe7/0xa60
[  477.821382]  ? lock_is_held_type+0xd7/0x130
[  477.822232]  ? copy_init_mm+0x20/0x20
[  477.823003]  ? lock_is_held_type+0xd7/0x130
[  477.823881]  __do_sys_clone3+0x1c9/0x2d0
[  477.824689]  ? __ia32_sys_clone+0x150/0x150
[  477.825568]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  477.826651]  ? vfs_write+0x188/0xae0
[  477.827400]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  477.828503]  ? fput+0x2a/0x50
[  477.829149]  ? syscall_enter_from_user_mode+0x1d/0x50
[  477.830193]  do_syscall_64+0x3b/0x90
[  477.830953]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  477.831985] RIP: 0033:0x7f3d8a0d9b19
[  477.832718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  477.836370] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  477.837861] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  477.839254] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  477.840656] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  477.842048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.843446] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  477.844873]  </TASK>
23:00:55 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c) (fail_nth: 6)

23:00:55 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0xd0)

23:00:55 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(0x0, 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:00:55 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:00:55 executing program 4:
clone3(&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

23:00:55 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000040)={{0x0, 0x2, 0x8, 0x2, 0xffffff00}})
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
ioctl$LOOP_SET_FD(r2, 0x4c00, r4)

23:00:55 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 5)

[  477.947890] FAULT_INJECTION: forcing a failure.
[  477.947890] name failslab, interval 1, probability 0, space 0, times 0
[  477.949124] CPU: 0 PID: 5313 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  477.950007] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  477.951234] Call Trace:
[  477.951509]  <TASK>
[  477.951757]  dump_stack_lvl+0x8b/0xb3
[  477.952164]  should_fail.cold+0x5/0xa
[  477.952576]  ? prepare_creds+0x2b/0x6f0
[  477.953021]  should_failslab+0x5/0x10
[  477.953431]  kmem_cache_alloc+0x5b/0x480
[  477.953869]  prepare_creds+0x2b/0x6f0
[  477.954287]  copy_creds+0x72/0x930
[  477.954667]  copy_process+0x10d5/0x6d40
[  477.955105]  ? lock_is_held_type+0xd7/0x130
[  477.955565]  ? find_held_lock+0x2c/0x110
[  477.956018]  ? lock_release+0x3b2/0x6f0
[  477.956439]  ? __might_fault+0xd1/0x170
[  477.956870]  ? __cleanup_sighand+0xb0/0xb0
[  477.957327]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  477.957911]  ? _copy_from_user+0x139/0x170
[  477.958366]  ? kernel_clone+0x2f8/0xa60
[  477.958795]  kernel_clone+0xe7/0xa60
[  477.959204]  ? lock_is_held_type+0xd7/0x130
[  477.959668]  ? copy_init_mm+0x20/0x20
[  477.960091]  ? lock_is_held_type+0xd7/0x130
[  477.960580]  __do_sys_clone3+0x1c9/0x2d0
[  477.961015]  ? __ia32_sys_clone+0x150/0x150
[  477.961477]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  477.962043]  ? vfs_write+0x188/0xae0
[  477.962439]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  477.963014]  ? fput+0x2a/0x50
[  477.963350]  ? syscall_enter_from_user_mode+0x1d/0x50
[  477.963907]  do_syscall_64+0x3b/0x90
[  477.964302]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  477.964840] RIP: 0033:0x7f37c9f3ab19
[  477.965231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  477.967148] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  477.967962] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  477.968699] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  477.969436] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  477.970177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.970907] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  477.971655]  </TASK>
[  477.990674] FAULT_INJECTION: forcing a failure.
[  477.990674] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  477.993111] CPU: 1 PID: 5319 Comm: syz-executor.2 Not tainted 5.16.0-rc5-next-20211217 #1
[  477.994740] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  477.996999] Call Trace:
[  477.997512]  <TASK>
[  477.997960]  dump_stack_lvl+0x8b/0xb3
[  477.998747]  should_fail.cold+0x5/0xa
[  477.999530]  _copy_to_user+0x2e/0x150
23:00:55 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(0x0, 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

[  478.000316]  simple_read_from_buffer+0xcc/0x160
[  478.001376]  proc_fail_nth_read+0x194/0x220
[  478.002376]  ? proc_fault_inject_read+0x230/0x230
[  478.003498]  ? security_file_permission+0xb1/0xd0
[  478.004630]  ? proc_fault_inject_read+0x230/0x230
[  478.005760]  vfs_read+0x1b6/0x5f0
[  478.006591]  ksys_read+0x12d/0x250
[  478.007431]  ? __ia32_sys_pwrite64+0x230/0x230
23:00:56 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  478.008506]  ? syscall_enter_from_user_mode+0x1d/0x50
[  478.009813]  do_syscall_64+0x3b/0x90
[  478.010686]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  478.011715] RIP: 0033:0x7fbdcac2c69c
[  478.012454] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[  478.016086] RSP: 002b:00007fbdc81ef170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  478.017599] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbdcac2c69c
[  478.019008] RDX: 000000000000000f RSI: 00007fbdc81ef1e0 RDI: 0000000000000004
[  478.020464] RBP: 00007fbdc81ef1d0 R08: 0000000000000000 R09: 0000000000000000
[  478.021889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  478.023301] R13: 00007ffe7eef1a2f R14: 00007fbdc81ef300 R15: 0000000000022000
[  478.024740]  </TASK>
[  478.045831] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  478.065869] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
23:01:09 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 7)

23:01:09 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:01:09 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180), 0x400000, 0x0)
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x9, 0xa, 0x1d, 0x8, "aec0e369ab8231533804b0c263dcf66995a6992bcdd6a055eca7118aa58c3d1321801a2679c5c9e3bfb43ae6b27715e4673d503ccb816b533a8cda73ecff234b", "29d36cfe2574e993be6a06bc0f12fefda218a83862303a34ef80873f1f519988", [0x3ae1, 0x1ff]})
ioctl$LOOP_GET_STATUS64(r0, 0x4c05, &(0x7f0000000040))
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
recvmsg$unix(r2, &(0x7f0000000580)={&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000000440)=[{&(0x7f0000000300)=""/83, 0x53}, {&(0x7f0000000380)=""/33, 0x21}, {&(0x7f00000003c0)=""/37, 0x25}, {&(0x7f0000000400)=""/27, 0x1b}], 0x4, &(0x7f0000000480)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r3=>0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xd0}, 0x100)
ioctl$LOOP_SET_FD(r0, 0x4c00, r3)
ioctl$LOOP_SET_FD(r0, 0x1269, r2)

23:01:09 executing program 1:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(0x0, 0x0, 0xffff)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0}, {r1, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:01:09 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x0, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

23:01:10 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 6)

23:01:10 executing program 4:
clone3(&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

23:01:10 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r1, 0x1, 0x0, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0xd0)

[  492.022028] FAULT_INJECTION: forcing a failure.
[  492.022028] name failslab, interval 1, probability 0, space 0, times 0
[  492.024359] CPU: 0 PID: 5345 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  492.026017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  492.028281] Call Trace:
[  492.028800]  <TASK>
[  492.029252]  dump_stack_lvl+0x8b/0xb3
[  492.030024]  should_fail.cold+0x5/0xa
[  492.030786]  ? create_object.isra.0+0x3a/0xa20
[  492.031723]  should_failslab+0x5/0x10
[  492.032499]  kmem_cache_alloc+0x5b/0x480
[  492.033321]  create_object.isra.0+0x3a/0xa20
[  492.034198]  ? kasan_unpoison+0x23/0x50
[  492.035004]  kmem_cache_alloc+0x239/0x480
[  492.035039]  prepare_creds+0x2b/0x6f0
[  492.035079]  copy_creds+0x72/0x930
[  492.035117]  copy_process+0x10d5/0x6d40
[  492.035150]  ? lock_is_held_type+0xd7/0x130
[  492.035177]  ? find_held_lock+0x2c/0x110
[  492.035208]  ? lock_release+0x3b2/0x6f0
[  492.035235]  ? __might_fault+0xd1/0x170
[  492.035282]  ? __cleanup_sighand+0xb0/0xb0
[  492.035325]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  492.035358]  ? _copy_from_user+0x139/0x170
[  492.035390]  ? kernel_clone+0x2f8/0xa60
[  492.035426]  kernel_clone+0xe7/0xa60
[  492.035459]  ? lock_is_held_type+0xd7/0x130
[  492.035486]  ? copy_init_mm+0x20/0x20
[  492.035535]  ? lock_is_held_type+0xd7/0x130
[  492.035568]  __do_sys_clone3+0x1c9/0x2d0
[  492.035602]  ? __ia32_sys_clone+0x150/0x150
[  492.035657]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  492.035686]  ? vfs_write+0x188/0xae0
[  492.035719]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  492.035749]  ? fput+0x2a/0x50
[  492.035789]  ? syscall_enter_from_user_mode+0x1d/0x50
[  492.035825]  do_syscall_64+0x3b/0x90
[  492.035860]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  492.035885] RIP: 0033:0x7f37c9f3ab19
[  492.035904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  492.035925] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  492.035978] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  492.035997] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  492.036013] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  492.036028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  492.036043] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  492.036081]  </TASK>
[  492.040382] FAULT_INJECTION: forcing a failure.
[  492.040382] name failslab, interval 1, probability 0, space 0, times 0
[  492.040412] CPU: 0 PID: 5346 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  492.040438] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  492.040453] Call Trace:
[  492.040459]  <TASK>
[  492.040468]  dump_stack_lvl+0x8b/0xb3
[  492.040514]  should_fail.cold+0x5/0xa
[  492.040553]  ? security_prepare_creds+0x10a/0x180
[  492.040587]  should_failslab+0x5/0x10
[  492.040607]  __kmalloc+0x72/0x330
[  492.040639]  security_prepare_creds+0x10a/0x180
[  492.040676]  prepare_creds+0x505/0x6f0
[  492.040714]  copy_creds+0x72/0x930
[  492.040752]  copy_process+0x10d5/0x6d40
[  492.040784]  ? lock_is_held_type+0xd7/0x130
[  492.040809]  ? find_held_lock+0x2c/0x110
[  492.040838]  ? lock_release+0x3b2/0x6f0
[  492.040864]  ? __might_fault+0xd1/0x170
[  492.040911]  ? __cleanup_sighand+0xb0/0xb0
[  492.040954]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  492.040983]  ? _copy_from_user+0x139/0x170
[  492.041014]  ? kernel_clone+0x2f8/0xa60
[  492.041050]  kernel_clone+0xe7/0xa60
[  492.041083]  ? lock_is_held_type+0xd7/0x130
[  492.041109]  ? copy_init_mm+0x20/0x20
[  492.041158]  ? lock_is_held_type+0xd7/0x130
[  492.041196]  __do_sys_clone3+0x1c9/0x2d0
[  492.041231]  ? __ia32_sys_clone+0x150/0x150
[  492.041284]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  492.098881]  ? vfs_write+0x188/0xae0
[  492.099643]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  492.100751]  ? fput+0x2a/0x50
[  492.101391]  ? syscall_enter_from_user_mode+0x1d/0x50
[  492.102426]  do_syscall_64+0x3b/0x90
[  492.103180]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  492.104210] RIP: 0033:0x7f3d8a0d9b19
[  492.104942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  492.108571] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  492.110067] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  492.111472] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  492.112891] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  492.114297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  492.115699] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  492.117140]  </TASK>
[  508.267913] FAULT_INJECTION: forcing a failure.
[  508.267913] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  508.270438] CPU: 0 PID: 5362 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  508.272093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  508.274361] Call Trace:
[  508.274872]  <TASK>
[  508.275316]  dump_stack_lvl+0x8b/0xb3
[  508.276106]  should_fail.cold+0x5/0xa
[  508.276892]  _copy_from_user+0x2e/0x170
[  508.277689]  __copy_msghdr_from_user+0x91/0x4b0
[  508.278617]  ? __ia32_sys_shutdown+0x70/0x70
[  508.279502]  ? __lock_acquire+0xbac/0x5b70
[  508.280376]  sendmsg_copy_msghdr+0xa1/0x160
[  508.281237]  ? __ia32_sys_recvmmsg+0x260/0x260
[  508.282146]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  508.283206]  ___sys_sendmsg+0xc6/0x170
[  508.283983]  ? sendmsg_copy_msghdr+0x160/0x160
[  508.284904]  ? lock_release+0x3b2/0x6f0
[  508.285697]  ? __fget_files+0x26b/0x470
[  508.286491]  ? lock_downgrade+0x6d0/0x6d0
[  508.287323]  ? finish_task_switch.isra.0+0x221/0x870
[  508.288353]  ? __fget_files+0x28d/0x470
[  508.289154]  ? __fget_light+0xea/0x280
[  508.289454] FAULT_INJECTION: forcing a failure.
[  508.289454] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  508.289919]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  508.293287]  __sys_sendmsg+0xe5/0x1b0
[  508.294059]  ? __sys_sendmsg_sock+0x30/0x30
[  508.294921]  ? restore_fpregs_from_fpstate+0xcc/0x1e0
[  508.295974]  ? syscall_enter_from_user_mode+0x1d/0x50
[  508.297025]  do_syscall_64+0x3b/0x90
[  508.297766]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  508.298772] RIP: 0033:0x7f54fbbc7b19
[  508.299494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  508.303127] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  508.304635] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  508.306019] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  508.307401] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  508.308778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.310162] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  508.311564]  </TASK>
23:01:26 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 1)

23:01:26 executing program 1:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(0x0, 0x0, 0xffff)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0}, {r1, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:01:26 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 8)

23:01:26 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000040), 0x4, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$HDIO_GETGEO(r0, 0x301, &(0x7f0000000080))
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

23:01:26 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 7)

23:01:26 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 1)

23:01:26 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0x2, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:01:26 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 1)

[  508.312008] CPU: 1 PID: 5368 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  508.313901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  508.316096] Call Trace:
[  508.316605]  <TASK>
[  508.317045]  dump_stack_lvl+0x8b/0xb3
[  508.317826]  should_fail.cold+0x5/0xa
[  508.318586]  _copy_from_user+0x2e/0x170
[  508.319415]  copy_clone_args_from_user+0x147/0x780
[  508.320419]  ? lock_is_held_type+0xd7/0x130
[  508.321294]  ? user_worker_start+0x190/0x190
[  508.322234]  ? lock_release+0x3b2/0x6f0
[  508.323036]  ? ksys_write+0x212/0x250
[  508.323812]  ? lock_downgrade+0x6d0/0x6d0
[  508.324648]  ? lock_is_held_type+0xd7/0x130
[  508.325526]  __do_sys_clone3+0x93/0x2d0
[  508.326334]  ? __ia32_sys_clone+0x150/0x150
[  508.327219]  ? wait_for_completion_io+0x270/0x270
[  508.328243]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  508.329386]  ? vfs_write+0x188/0xae0
[  508.330144]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  508.331276]  ? fput+0x2a/0x50
[  508.331922]  ? syscall_enter_from_user_mode+0x1d/0x50
[  508.332992]  do_syscall_64+0x3b/0x90
[  508.333750]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  508.334806] RIP: 0033:0x7fc730828b19
[  508.335236] FAULT_INJECTION: forcing a failure.
[  508.335236] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  508.335546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  508.341441] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  508.342955] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  508.344409] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  508.345826] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  508.347238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.348676] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  508.350117]  </TASK>
[  508.350976] CPU: 0 PID: 5373 Comm: syz-executor.6 Not tainted 5.16.0-rc5-next-20211217 #1
[  508.352637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  508.354885] Call Trace:
[  508.355399]  <TASK>
[  508.355838]  dump_stack_lvl+0x8b/0xb3
[  508.356667]  should_fail.cold+0x5/0xa
[  508.357450]  _copy_from_user+0x2e/0x170
[  508.357483]  __copy_msghdr_from_user+0x91/0x4b0
[  508.357516]  ? __ia32_sys_shutdown+0x70/0x70
[  508.357554]  ? __lock_acquire+0xbac/0x5b70
[  508.357593]  sendmsg_copy_msghdr+0xa1/0x160
[  508.357624]  ? __ia32_sys_recvmmsg+0x260/0x260
23:01:26 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  508.357655]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  508.357686]  ? lock_release+0x3b2/0x6f0
[  508.357712]  ? __might_fault+0xd1/0x170
[  508.357756]  ___sys_sendmsg+0xc6/0x170
[  508.357789]  ? sendmsg_copy_msghdr+0x160/0x160
[  508.357821]  ? lock_release+0x3b2/0x6f0
[  508.357846]  ? __fget_files+0x26b/0x470
[  508.357869]  ? lock_downgrade+0x6d0/0x6d0
[  508.357898]  ? lock_release+0x3b2/0x6f0
[  508.357923]  ? ksys_write+0x212/0x250
[  508.357952]  ? lock_downgrade+0x6d0/0x6d0
[  508.357986]  ? __fget_files+0x28d/0x470
[  508.358022]  ? __fget_light+0xea/0x280
[  508.358046]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
23:01:26 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 2)

23:01:26 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/xz_dec', 0x10100, 0x100)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000080)={{0xffffffffffffffff, 0x0, 0x7, 0x3, 0x6}})

23:01:26 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 8)

[  508.358082]  __sys_sendmsg+0xe5/0x1b0
[  508.358112]  ? __sys_sendmsg_sock+0x30/0x30
[  508.358140]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  508.358174]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  508.358203]  ? fput+0x2a/0x50
[  508.358242]  ? syscall_enter_from_user_mode+0x1d/0x50
[  508.358276]  do_syscall_64+0x3b/0x90
[  508.358309]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  508.358332] RIP: 0033:0x7efdec8bab19
[  508.358349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
23:01:26 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0xfc, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  508.358370] RSP: 002b:00007efde9e30188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  508.358393] RAX: ffffffffffffffda RBX: 00007efdec9cdf60 RCX: 00007efdec8bab19
[  508.358408] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  508.358422] RBP: 00007efde9e301d0 R08: 0000000000000000 R09: 0000000000000000
[  508.358436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.358449] R13: 00007ffebd4ac02f R14: 00007efde9e30300 R15: 0000000000022000
[  508.358487]  </TASK>
[  508.358702] FAULT_INJECTION: forcing a failure.
[  508.358702] name failslab, interval 1, probability 0, space 0, times 0
[  508.358732] CPU: 1 PID: 5376 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  508.358757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  508.358772] Call Trace:
[  508.358778]  <TASK>
[  508.358786]  dump_stack_lvl+0x8b/0xb3
[  508.358827]  should_fail.cold+0x5/0xa
[  508.358863]  ? create_object.isra.0+0x3a/0xa20
[  508.358901]  should_failslab+0x5/0x10
[  508.358923]  kmem_cache_alloc+0x5b/0x480
[  508.358957]  create_object.isra.0+0x3a/0xa20
[  508.358990]  ? kasan_unpoison+0x23/0x50
[  508.359030]  __kmalloc+0x1ed/0x330
[  508.359062]  security_prepare_creds+0x10a/0x180
[  508.359100]  prepare_creds+0x505/0x6f0
[  508.359139]  copy_creds+0x72/0x930
[  508.359177]  copy_process+0x10d5/0x6d40
[  508.359216]  ? lock_is_held_type+0xd7/0x130
[  508.359241]  ? find_held_lock+0x2c/0x110
[  508.359270]  ? lock_release+0x3b2/0x6f0
[  508.359296]  ? __might_fault+0xd1/0x170
[  508.359342]  ? __cleanup_sighand+0xb0/0xb0
[  508.359385]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  508.359415]  ? _copy_from_user+0x139/0x170
[  508.359445]  ? kernel_clone+0x2f8/0xa60
[  508.359482]  kernel_clone+0xe7/0xa60
[  508.359515]  ? lock_is_held_type+0xd7/0x130
[  508.359541]  ? copy_init_mm+0x20/0x20
[  508.359590]  ? lock_is_held_type+0xd7/0x130
[  508.359622]  __do_sys_clone3+0x1c9/0x2d0
[  508.359657]  ? __ia32_sys_clone+0x150/0x150
[  508.359711]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  508.359740]  ? vfs_write+0x188/0xae0
[  508.359772]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  508.359803]  ? fput+0x2a/0x50
[  508.359842]  ? syscall_enter_from_user_mode+0x1d/0x50
[  508.359878]  do_syscall_64+0x3b/0x90
[  508.359912]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  508.359936] RIP: 0033:0x7f3d8a0d9b19
[  508.359953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  508.359975] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  508.359999] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  508.360015] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  508.360030] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  508.360044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.360059] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  508.360097]  </TASK>
[  508.363392] FAULT_INJECTION: forcing a failure.
[  508.363392] name failslab, interval 1, probability 0, space 0, times 0
[  508.363421] CPU: 1 PID: 5367 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  508.363446] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  508.363461] Call Trace:
[  508.363467]  <TASK>
[  508.363475]  dump_stack_lvl+0x8b/0xb3
[  508.363521]  should_fail.cold+0x5/0xa
[  508.363557]  ? security_prepare_creds+0x10a/0x180
[  508.363590]  should_failslab+0x5/0x10
[  508.363610]  __kmalloc+0x72/0x330
[  508.363642]  security_prepare_creds+0x10a/0x180
[  508.363679]  prepare_creds+0x505/0x6f0
[  508.363717]  copy_creds+0x72/0x930
[  508.363754]  copy_process+0x10d5/0x6d40
[  508.363786]  ? lock_is_held_type+0xd7/0x130
[  508.363811]  ? find_held_lock+0x2c/0x110
[  508.363840]  ? lock_release+0x3b2/0x6f0
[  508.363867]  ? __might_fault+0xd1/0x170
[  508.363913]  ? __cleanup_sighand+0xb0/0xb0
[  508.363956]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  508.363986]  ? _copy_from_user+0x139/0x170
[  508.364017]  ? kernel_clone+0x2f8/0xa60
[  508.364053]  kernel_clone+0xe7/0xa60
[  508.364086]  ? lock_is_held_type+0xd7/0x130
[  508.364112]  ? copy_init_mm+0x20/0x20
[  508.364190]  ? lock_is_held_type+0xd7/0x130
[  508.364223]  __do_sys_clone3+0x1c9/0x2d0
[  508.364257]  ? __ia32_sys_clone+0x150/0x150
[  508.364311]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  508.364340]  ? vfs_write+0x188/0xae0
[  508.364372]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  508.364403]  ? fput+0x2a/0x50
[  508.364443]  ? syscall_enter_from_user_mode+0x1d/0x50
[  508.364478]  do_syscall_64+0x3b/0x90
[  508.364512]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  508.364537] RIP: 0033:0x7f37c9f3ab19
[  508.364554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  508.364575] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  508.364599] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  508.364615] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  508.364630] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  508.364645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.364659] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  508.364698]  </TASK>
[  508.510342] FAULT_INJECTION: forcing a failure.
[  508.510342] name failslab, interval 1, probability 0, space 0, times 0
[  508.575529] FAULT_INJECTION: forcing a failure.
[  508.575529] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  508.576450] CPU: 0 PID: 5386 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  508.617751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
23:01:26 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 9)

23:01:26 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000040)={{0x0, 0x3, 0xffffffff, 0x1, 0x5}})

[  508.617768] Call Trace:
[  508.617776]  <TASK>
[  508.617785]  dump_stack_lvl+0x8b/0xb3
[  508.617832]  should_fail.cold+0x5/0xa
[  508.617869]  ? create_object.isra.0+0x3a/0xa20
[  508.617909]  should_failslab+0x5/0x10
[  508.617931]  kmem_cache_alloc+0x5b/0x480
[  508.617965]  create_object.isra.0+0x3a/0xa20
23:01:26 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 2)

[  508.617999]  ? kasan_unpoison+0x23/0x50
[  508.618039]  __kmalloc+0x1ed/0x330
[  508.618071]  security_prepare_creds+0x10a/0x180
[  508.618109]  prepare_creds+0x505/0x6f0
[  508.618149]  copy_creds+0x72/0x930
[  508.618187]  copy_process+0x10d5/0x6d40
[  508.618220]  ? lock_is_held_type+0xd7/0x130
[  508.618247]  ? find_held_lock+0x2c/0x110
[  508.618282]  ? lock_release+0x3b2/0x6f0
23:01:26 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 2)

[  508.618308]  ? __might_fault+0xd1/0x170
[  508.618355]  ? __cleanup_sighand+0xb0/0xb0
[  508.618399]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  508.618429]  ? _copy_from_user+0x139/0x170
[  508.618461]  ? kernel_clone+0x2f8/0xa60
[  508.618498]  kernel_clone+0xe7/0xa60
[  508.618532]  ? lock_is_held_type+0xd7/0x130
[  508.618557]  ? copy_init_mm+0x20/0x20
[  508.618618]  __do_sys_clone3+0x1c9/0x2d0
[  508.618652]  ? __ia32_sys_clone+0x150/0x150
[  508.618687]  ? finish_task_switch.isra.0+0x226/0x870
[  508.618741]  ? restore_fpregs_from_fpstate+0xcc/0x1e0
[  508.618787]  ? syscall_enter_from_user_mode+0x1d/0x50
[  508.618823]  do_syscall_64+0x3b/0x90
[  508.618858]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  508.618883] RIP: 0033:0x7f37c9f3ab19
[  508.618901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  508.618924] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  508.618949] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  508.618965] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  508.618980] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  508.618995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.619010] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  508.619048]  </TASK>
[  508.619057] CPU: 1 PID: 5391 Comm: syz-executor.6 Not tainted 5.16.0-rc5-next-20211217 #1
[  508.619090] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  508.619104] Call Trace:
[  508.619111]  <TASK>
[  508.619120]  dump_stack_lvl+0x8b/0xb3
[  508.619162]  should_fail.cold+0x5/0xa
[  508.619207]  _copy_from_user+0x2e/0x170
[  508.619239]  iovec_from_user+0x241/0x3c0
[  508.619288]  __import_iovec+0x67/0x5d0
[  508.619322]  ? __ia32_sys_shutdown+0x70/0x70
[  508.619368]  import_iovec+0x83/0xb0
[  508.619410]  sendmsg_copy_msghdr+0x12d/0x160
[  508.619442]  ? __ia32_sys_recvmmsg+0x260/0x260
[  508.619474]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  508.619506]  ? lock_release+0x3b2/0x6f0
[  508.619532]  ? __might_fault+0xd1/0x170
[  508.619577]  ___sys_sendmsg+0xc6/0x170
[  508.619610]  ? sendmsg_copy_msghdr+0x160/0x160
[  508.619643]  ? lock_release+0x3b2/0x6f0
[  508.619669]  ? __fget_files+0x26b/0x470
[  508.619693]  ? lock_downgrade+0x6d0/0x6d0
[  508.619722]  ? lock_release+0x3b2/0x6f0
[  508.619748]  ? ksys_write+0x212/0x250
[  508.619778]  ? lock_downgrade+0x6d0/0x6d0
[  508.619813]  ? __fget_files+0x28d/0x470
[  508.619849]  ? __fget_light+0xea/0x280
[  508.619874]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  508.619910]  __sys_sendmsg+0xe5/0x1b0
[  508.619941]  ? __sys_sendmsg_sock+0x30/0x30
[  508.619971]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  508.620007]  ? fput+0x2a/0x50
[  508.620047]  ? syscall_enter_from_user_mode+0x1d/0x50
[  508.620082]  do_syscall_64+0x3b/0x90
[  508.620116]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  508.620139] RIP: 0033:0x7efdec8bab19
[  508.620165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  508.620186] RSP: 002b:00007efde9e30188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  508.620211] RAX: ffffffffffffffda RBX: 00007efdec9cdf60 RCX: 00007efdec8bab19
[  508.620227] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  508.620242] RBP: 00007efde9e301d0 R08: 0000000000000000 R09: 0000000000000000
[  508.620256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.620270] R13: 00007ffebd4ac02f R14: 00007efde9e30300 R15: 0000000000022000
[  508.620309]  </TASK>
[  508.664710] FAULT_INJECTION: forcing a failure.
[  508.664710] name failslab, interval 1, probability 0, space 0, times 0
[  508.664746] CPU: 1 PID: 5394 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  508.664772] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  508.664787] Call Trace:
[  508.664794]  <TASK>
[  508.664802]  dump_stack_lvl+0x8b/0xb3
[  508.664854]  should_fail.cold+0x5/0xa
[  508.664891]  ? create_user_ns+0x1ac/0xd80
[  508.664925]  should_failslab+0x5/0x10
[  508.664947]  kmem_cache_alloc+0x5b/0x480
[  508.664981]  create_user_ns+0x1ac/0xd80
[  508.665014]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  508.665045]  ? prepare_creds+0x519/0x6f0
[  508.665084]  copy_creds+0x53d/0x930
[  508.665122]  copy_process+0x10d5/0x6d40
[  508.665155]  ? lock_is_held_type+0xd7/0x130
[  508.665182]  ? find_held_lock+0x2c/0x110
[  508.665212]  ? lock_release+0x3b2/0x6f0
[  508.665238]  ? __might_fault+0xd1/0x170
[  508.665285]  ? __cleanup_sighand+0xb0/0xb0
[  508.665328]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  508.665357]  ? _copy_from_user+0x139/0x170
[  508.665390]  ? kernel_clone+0x2f8/0xa60
[  508.665426]  kernel_clone+0xe7/0xa60
[  508.665459]  ? lock_is_held_type+0xd7/0x130
[  508.665485]  ? copy_init_mm+0x20/0x20
[  508.665535]  ? lock_is_held_type+0xd7/0x130
[  508.665567]  __do_sys_clone3+0x1c9/0x2d0
[  508.665602]  ? __ia32_sys_clone+0x150/0x150
[  508.665656]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  508.665685]  ? vfs_write+0x188/0xae0
[  508.665718]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  508.665749]  ? fput+0x2a/0x50
[  508.665788]  ? syscall_enter_from_user_mode+0x1d/0x50
[  508.665824]  do_syscall_64+0x3b/0x90
[  508.665858]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  508.665883] RIP: 0033:0x7f3d8a0d9b19
[  508.665901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  508.665923] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  508.665948] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  508.665964] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  508.665979] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  508.665993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.666008] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  508.666046]  </TASK>
[  508.690309] FAULT_INJECTION: forcing a failure.
[  508.690309] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  508.690344] CPU: 0 PID: 5400 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  508.690370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  508.690385] Call Trace:
[  508.690392]  <TASK>
[  508.690401]  dump_stack_lvl+0x8b/0xb3
[  508.690446]  should_fail.cold+0x5/0xa
[  508.690487]  _copy_from_user+0x2e/0x170
[  508.690520]  iovec_from_user+0x241/0x3c0
[  508.690565]  __import_iovec+0x67/0x5d0
[  508.690605]  ? __ia32_sys_shutdown+0x70/0x70
[  508.690651]  import_iovec+0x83/0xb0
[  508.690694]  sendmsg_copy_msghdr+0x12d/0x160
[  508.690727]  ? __ia32_sys_recvmmsg+0x260/0x260
[  508.690759]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  508.690793]  ? lock_release+0x3b2/0x6f0
[  508.690819]  ? __might_fault+0xd1/0x170
[  508.690865]  ___sys_sendmsg+0xc6/0x170
[  508.690899]  ? sendmsg_copy_msghdr+0x160/0x160
[  508.690932]  ? lock_release+0x3b2/0x6f0
[  508.690958]  ? __fget_files+0x26b/0x470
[  508.690983]  ? lock_downgrade+0x6d0/0x6d0
[  508.691012]  ? lock_release+0x3b2/0x6f0
[  508.691038]  ? ksys_write+0x212/0x250
[  508.691069]  ? lock_downgrade+0x6d0/0x6d0
[  508.691105]  ? __fget_files+0x28d/0x470
[  508.691141]  ? __fget_light+0xea/0x280
[  508.691166]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  508.691204]  __sys_sendmsg+0xe5/0x1b0
[  508.691235]  ? __sys_sendmsg_sock+0x30/0x30
[  508.691264]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  508.691301]  ? fput+0x2a/0x50
[  508.691341]  ? syscall_enter_from_user_mode+0x1d/0x50
[  508.691377]  do_syscall_64+0x3b/0x90
[  508.691412]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  508.691437] RIP: 0033:0x7f54fbbc7b19
[  508.691454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  508.691476] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  508.691500] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  508.691516] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  508.691531] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  508.691546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.691560] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  508.691598]  </TASK>
[  508.738614] FAULT_INJECTION: forcing a failure.
[  508.738614] name failslab, interval 1, probability 0, space 0, times 0
[  508.894755] CPU: 0 PID: 5403 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  508.896464] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  508.899029] Call Trace:
[  508.899609]  <TASK>
[  508.900116]  dump_stack_lvl+0x8b/0xb3
[  508.901018]  should_fail.cold+0x5/0xa
[  508.901899]  ? copy_process+0x2fb7/0x6d40
[  508.902856]  should_failslab+0x5/0x10
[  508.903719]  kmem_cache_alloc_node+0x55/0x490
[  508.904774]  copy_process+0x2fb7/0x6d40
[  508.905686]  ? lock_is_held_type+0xd7/0x130
[  508.906668]  ? find_held_lock+0x2c/0x110
[  508.907600]  ? lock_release+0x3b2/0x6f0
[  508.908519]  ? __might_fault+0xd1/0x170
[  508.909453]  ? __cleanup_sighand+0xb0/0xb0
[  508.910437]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  508.911692]  ? _copy_from_user+0x139/0x170
[  508.912672]  ? kernel_clone+0x2f8/0xa60
[  508.913598]  kernel_clone+0xe7/0xa60
[  508.914459]  ? lock_is_held_type+0xd7/0x130
[  508.915442]  ? copy_init_mm+0x20/0x20
[  508.916362]  ? lock_is_held_type+0xd7/0x130
[  508.917276]  __do_sys_clone3+0x1c9/0x2d0
[  508.918075]  ? __ia32_sys_clone+0x150/0x150
[  508.918937]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  508.919998]  ? vfs_write+0x188/0xae0
[  508.920743]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  508.921810]  ? fput+0x2a/0x50
[  508.922432]  ? syscall_enter_from_user_mode+0x1d/0x50
[  508.923439]  do_syscall_64+0x3b/0x90
[  508.924183]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  508.925183] RIP: 0033:0x7fc730828b19
[  508.925898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  508.929451] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  508.930916] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  508.932299] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  508.933668] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  508.935039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.936426] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  508.937816]  </TASK>
23:01:41 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 10)

23:01:41 executing program 1:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(0x0, 0x0, 0xffff)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0}, {r1, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:01:41 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 3)

23:01:41 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0xfd, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:01:41 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 3)

23:01:41 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 9)

23:01:41 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x10b103)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = dup(0xffffffffffffffff)
ioctl$LOOP_SET_FD(r2, 0x4c00, r4)

23:01:41 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 3)

[  523.762989] FAULT_INJECTION: forcing a failure.
[  523.762989] name failslab, interval 1, probability 0, space 0, times 0
[  523.765206] FAULT_INJECTION: forcing a failure.
[  523.765206] name failslab, interval 1, probability 0, space 0, times 0
[  523.765570] CPU: 1 PID: 5420 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  523.769515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  523.772005] Call Trace:
[  523.772583]  <TASK>
[  523.773074]  dump_stack_lvl+0x8b/0xb3
[  523.773935]  should_fail.cold+0x5/0xa
[  523.774782]  ? create_object.isra.0+0x3a/0xa20
[  523.775797]  should_failslab+0x5/0x10
[  523.776642]  kmem_cache_alloc+0x5b/0x480
[  523.777548]  create_object.isra.0+0x3a/0xa20
[  523.778520]  ? kasan_unpoison+0x23/0x50
[  523.779408]  kmem_cache_alloc_node+0x248/0x490
[  523.780444]  copy_process+0x2fb7/0x6d40
[  523.781330]  ? lock_is_held_type+0xd7/0x130
[  523.782282]  ? find_held_lock+0x2c/0x110
[  523.783164]  ? lock_release+0x3b2/0x6f0
[  523.784037]  ? __might_fault+0xd1/0x170
[  523.784932]  ? __cleanup_sighand+0xb0/0xb0
[  523.785865]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  523.787050]  ? _copy_from_user+0x139/0x170
[  523.787973]  ? kernel_clone+0x2f8/0xa60
[  523.788864]  kernel_clone+0xe7/0xa60
[  523.789698]  ? lock_is_held_type+0xd7/0x130
[  523.790629]  ? copy_init_mm+0x20/0x20
[  523.791475]  ? lock_is_held_type+0xd7/0x130
[  523.792436]  __do_sys_clone3+0x1c9/0x2d0
[  523.793322]  ? __ia32_sys_clone+0x150/0x150
[  523.794298]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  523.795471]  ? vfs_write+0x188/0xae0
[  523.796295]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  523.797485]  ? fput+0x2a/0x50
[  523.798189]  ? syscall_enter_from_user_mode+0x1d/0x50
[  523.799319]  do_syscall_64+0x3b/0x90
[  523.800142]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  523.801272] RIP: 0033:0x7fc730828b19
[  523.802068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  523.806065] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  523.807692] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  523.809223] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  523.810738] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  523.812256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  523.813770] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  523.815313]  </TASK>
[  523.815801] CPU: 0 PID: 5421 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  523.817496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  523.819741] Call Trace:
[  523.820261]  <TASK>
[  523.820725]  dump_stack_lvl+0x8b/0xb3
[  523.821517]  should_fail.cold+0x5/0xa
[  523.822308]  ? create_user_ns+0x1ac/0xd80
[  523.823153]  should_failslab+0x5/0x10
[  523.823900]  kmem_cache_alloc+0x5b/0x480
[  523.824742]  create_user_ns+0x1ac/0xd80
[  523.825549]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  523.826672]  ? prepare_creds+0x519/0x6f0
[  523.827507]  copy_creds+0x53d/0x930
[  523.828255]  copy_process+0x10d5/0x6d40
[  523.829087]  ? lock_is_held_type+0xd7/0x130
[  523.829946]  ? find_held_lock+0x2c/0x110
[  523.830772]  ? lock_release+0x3b2/0x6f0
[  523.831573]  ? __might_fault+0xd1/0x170
[  523.832421]  ? __cleanup_sighand+0xb0/0xb0
[  523.833287]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  523.834394]  ? _copy_from_user+0x139/0x170
[  523.835264]  ? kernel_clone+0x2f8/0xa60
[  523.836081]  kernel_clone+0xe7/0xa60
[  523.836169] FAULT_INJECTION: forcing a failure.
[  523.836169] name failslab, interval 1, probability 0, space 0, times 0
[  523.836858]  ? lock_is_held_type+0xd7/0x130
[  523.836889]  ? copy_init_mm+0x20/0x20
[  523.840807]  ? lock_is_held_type+0xd7/0x130
[  523.841685]  __do_sys_clone3+0x1c9/0x2d0
[  523.842519]  ? __ia32_sys_clone+0x150/0x150
[  523.843409]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  523.844523]  ? vfs_write+0x188/0xae0
[  523.845287]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  523.846388]  ? fput+0x2a/0x50
[  523.847030]  ? syscall_enter_from_user_mode+0x1d/0x50
[  523.848078]  do_syscall_64+0x3b/0x90
[  523.848859]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  523.849887] RIP: 0033:0x7f37c9f3ab19
[  523.850634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  523.854749] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  523.856420] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  523.857901] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  523.859319] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  523.860745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  523.862154] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  523.863589]  </TASK>
[  523.864050] CPU: 1 PID: 5427 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  523.865810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  523.868358] Call Trace:
[  523.868909]  <TASK>
[  523.869372]  dump_stack_lvl+0x8b/0xb3
[  523.870195]  should_fail.cold+0x5/0xa
[  523.871012]  ? create_object.isra.0+0x3a/0xa20
[  523.871974]  should_failslab+0x5/0x10
[  523.872769]  kmem_cache_alloc+0x5b/0x480
[  523.873614]  create_object.isra.0+0x3a/0xa20
[  523.874540]  ? kasan_unpoison+0x23/0x50
[  523.874583]  kmem_cache_alloc+0x239/0x480
[  523.874618]  create_user_ns+0x1ac/0xd80
[  523.874653]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  523.874684]  ? prepare_creds+0x519/0x6f0
[  523.874724]  copy_creds+0x53d/0x930
[  523.874763]  copy_process+0x10d5/0x6d40
[  523.874797]  ? lock_is_held_type+0xd7/0x130
[  523.874823]  ? find_held_lock+0x2c/0x110
[  523.874853]  ? lock_release+0x3b2/0x6f0
[  523.874881]  ? __might_fault+0xd1/0x170
[  523.874929]  ? __cleanup_sighand+0xb0/0xb0
[  523.874974]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  523.875004]  ? _copy_from_user+0x139/0x170
[  523.875038]  ? kernel_clone+0x2f8/0xa60
[  523.875076]  kernel_clone+0xe7/0xa60
[  523.875110]  ? lock_is_held_type+0xd7/0x130
[  523.875137]  ? copy_init_mm+0x20/0x20
[  523.875188]  ? lock_is_held_type+0xd7/0x130
[  523.875222]  __do_sys_clone3+0x1c9/0x2d0
[  523.875257]  ? __ia32_sys_clone+0x150/0x150
[  523.875314]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  523.875344]  ? vfs_write+0x188/0xae0
[  523.875377]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  523.875409]  ? fput+0x2a/0x50
[  523.875450]  ? syscall_enter_from_user_mode+0x1d/0x50
[  523.875486]  do_syscall_64+0x3b/0x90
[  523.875522]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  523.875547] RIP: 0033:0x7f3d8a0d9b19
[  523.875565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  523.875587] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  523.875612] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  523.875629] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  523.875644] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  523.875659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  523.875673] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  523.875713]  </TASK>
[  523.888076] FAULT_INJECTION: forcing a failure.
[  523.888076] name failslab, interval 1, probability 0, space 0, times 0
[  523.888110] CPU: 1 PID: 5425 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  523.888136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  523.888151] Call Trace:
[  523.888158]  <TASK>
[  523.888167]  dump_stack_lvl+0x8b/0xb3
[  523.888216]  should_fail.cold+0x5/0xa
[  523.888255]  ? __alloc_skb+0x211/0x340
[  523.888286]  should_failslab+0x5/0x10
[  523.888307]  kmem_cache_alloc_node+0x55/0x490
[  523.888342]  __alloc_skb+0x211/0x340
[  523.888377]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  523.888416]  netlink_sendmsg+0x98d/0xdf0
[  523.888456]  ? netlink_unicast+0x7e0/0x7e0
[  523.888497]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  523.888531]  ? netlink_unicast+0x7e0/0x7e0
[  523.888562]  sock_sendmsg+0x150/0x190
[  523.888594]  ____sys_sendmsg+0x709/0x870
[  523.888627]  ? kernel_sendmsg+0x50/0x50
[  523.888653]  ? __ia32_sys_recvmmsg+0x260/0x260
[  523.888687]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  523.888721]  ? lock_release+0x3b2/0x6f0
[  523.888749]  ? __might_fault+0xd1/0x170
[  523.888796]  ___sys_sendmsg+0xf3/0x170
[  523.888831]  ? sendmsg_copy_msghdr+0x160/0x160
[  523.888866]  ? lock_release+0x3b2/0x6f0
[  523.888897]  ? lock_downgrade+0x6d0/0x6d0
[  523.888928]  ? lock_release+0x3b2/0x6f0
[  523.888956]  ? ksys_write+0x212/0x250
[  523.888987]  ? lock_downgrade+0x6d0/0x6d0
[  523.889024]  ? __fget_files+0x28d/0x470
[  523.889063]  ? __fget_light+0xea/0x280
[  523.889089]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  523.889128]  __sys_sendmsg+0xe5/0x1b0
[  523.889161]  ? __sys_sendmsg_sock+0x30/0x30
[  523.889192]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  523.889245]  ? syscall_enter_from_user_mode+0x1d/0x50
[  523.889282]  do_syscall_64+0x3b/0x90
[  523.889318]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  523.889343] RIP: 0033:0x7f54fbbc7b19
[  523.889361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  523.889383] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  523.889408] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  523.889425] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  523.889440] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  523.889456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  523.889470] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  523.889511]  </TASK>
[  523.893794] FAULT_INJECTION: forcing a failure.
[  523.893794] name failslab, interval 1, probability 0, space 0, times 0
[  523.893825] CPU: 1 PID: 5426 Comm: syz-executor.6 Not tainted 5.16.0-rc5-next-20211217 #1
[  523.893850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  523.893871] Call Trace:
[  523.893878]  <TASK>
[  523.893886]  dump_stack_lvl+0x8b/0xb3
[  523.893927]  should_fail.cold+0x5/0xa
[  523.893965]  ? __alloc_skb+0x211/0x340
[  523.893994]  should_failslab+0x5/0x10
[  523.894015]  kmem_cache_alloc_node+0x55/0x490
[  523.894050]  __alloc_skb+0x211/0x340
[  523.894076]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  523.894114]  netlink_sendmsg+0x98d/0xdf0
[  523.894153]  ? netlink_unicast+0x7e0/0x7e0
[  523.894192]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  523.894226]  ? netlink_unicast+0x7e0/0x7e0
[  523.894257]  sock_sendmsg+0x150/0x190
[  523.894287]  ____sys_sendmsg+0x709/0x870
[  523.894320]  ? kernel_sendmsg+0x50/0x50
[  523.894345]  ? __ia32_sys_recvmmsg+0x260/0x260
[  523.894378]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  523.894412]  ? lock_release+0x3b2/0x6f0
[  523.894439]  ? __might_fault+0xd1/0x170
[  523.894485]  ___sys_sendmsg+0xf3/0x170
[  523.894520]  ? sendmsg_copy_msghdr+0x160/0x160
[  523.894554]  ? lock_release+0x3b2/0x6f0
[  523.894585]  ? lock_downgrade+0x6d0/0x6d0
[  523.894616]  ? lock_release+0x3b2/0x6f0
[  523.894643]  ? ksys_write+0x212/0x250
[  523.894674]  ? lock_downgrade+0x6d0/0x6d0
[  523.894710]  ? __fget_files+0x28d/0x470
[  523.894748]  ? __fget_light+0xea/0x280
[  523.894773]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  523.894811]  __sys_sendmsg+0xe5/0x1b0
[  523.894844]  ? __sys_sendmsg_sock+0x30/0x30
[  523.894874]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  523.894926]  ? syscall_enter_from_user_mode+0x1d/0x50
[  523.894962]  do_syscall_64+0x3b/0x90
[  523.894998]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  523.895023] RIP: 0033:0x7efdec8bab19
[  524.009915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
23:01:42 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 4)

23:01:42 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 10)

[  524.009943] RSP: 002b:00007efde9e30188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  524.009967] RAX: ffffffffffffffda RBX: 00007efdec9cdf60 RCX: 00007efdec8bab19
[  524.009984] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  524.009998] RBP: 00007efde9e301d0 R08: 0000000000000000 R09: 0000000000000000
[  524.010012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  524.010025] R13: 00007ffebd4ac02f R14: 00007efde9e30300 R15: 0000000000022000
23:01:42 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 4)

[  524.010065]  </TASK>
[  524.054881] FAULT_INJECTION: forcing a failure.
[  524.054881] name fail_page_alloc, interval 1, probability 0, space 0, times 0
23:01:42 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x80fe, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  524.054920] CPU: 0 PID: 5436 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
23:01:42 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 11)

[  524.054946] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  524.054968] Call Trace:
[  524.054975]  <TASK>
[  524.054984]  dump_stack_lvl+0x8b/0xb3
[  524.055039]  should_fail.cold+0x5/0xa
[  524.055106]  prepare_alloc_pages+0x17b/0x500
[  524.055145]  ? find_held_lock+0x2c/0x110
[  524.055178]  __alloc_pages+0x131/0x4e0
[  524.055210]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[  524.055258]  ? rcu_read_lock_sched_held+0x3a/0x70
[  524.055288]  ? kmem_cache_alloc_node+0x344/0x490
[  524.055323]  copy_process+0x617/0x6d40
[  524.055358]  ? lock_is_held_type+0xd7/0x130
23:01:42 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 11)

23:01:42 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 5)

[  524.055385]  ? find_held_lock+0x2c/0x110
[  524.055416]  ? lock_release+0x3b2/0x6f0
[  524.055443]  ? __might_fault+0xd1/0x170
[  524.055492]  ? __cleanup_sighand+0xb0/0xb0
[  524.055535]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  524.055567]  ? _copy_from_user+0x139/0x170
[  524.055600]  ? kernel_clone+0x2f8/0xa60
[  524.055636]  kernel_clone+0xe7/0xa60
[  524.055670]  ? lock_is_held_type+0xd7/0x130
[  524.055696]  ? copy_init_mm+0x20/0x20
[  524.055745]  ? lock_is_held_type+0xd7/0x130
[  524.055778]  __do_sys_clone3+0x1c9/0x2d0
[  524.055813]  ? __ia32_sys_clone+0x150/0x150
[  524.055867]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  524.055896]  ? vfs_write+0x188/0xae0
[  524.055930]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  524.055961]  ? fput+0x2a/0x50
[  524.056001]  ? syscall_enter_from_user_mode+0x1d/0x50
23:01:42 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 5)

[  524.056046]  do_syscall_64+0x3b/0x90
[  524.056090]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  524.056116] RIP: 0033:0x7fc730828b19
[  524.056134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  524.056156] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  524.056182] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  524.056198] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  524.056213] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  524.056228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
23:01:42 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0xc0fe, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  524.056243] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  524.056281]  </TASK>
[  524.070518] FAULT_INJECTION: forcing a failure.
[  524.070518] name failslab, interval 1, probability 0, space 0, times 0
[  524.070550] CPU: 0 PID: 5438 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  524.070575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  524.070590] Call Trace:
[  524.070596]  <TASK>
[  524.070604]  dump_stack_lvl+0x8b/0xb3
[  524.070645]  should_fail.cold+0x5/0xa
[  524.070683]  ? create_object.isra.0+0x3a/0xa20
[  524.070723]  should_failslab+0x5/0x10
[  524.070745]  kmem_cache_alloc+0x5b/0x480
[  524.070779]  create_object.isra.0+0x3a/0xa20
[  524.070813]  ? kasan_unpoison+0x23/0x50
[  524.070853]  kmem_cache_alloc+0x239/0x480
[  524.070886]  create_user_ns+0x1ac/0xd80
[  524.070921]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  524.070951]  ? prepare_creds+0x519/0x6f0
[  524.070990]  copy_creds+0x53d/0x930
[  524.071042]  copy_process+0x10d5/0x6d40
[  524.071091]  ? lock_is_held_type+0xd7/0x130
[  524.071118]  ? find_held_lock+0x2c/0x110
[  524.071148]  ? lock_release+0x3b2/0x6f0
[  524.071174]  ? __might_fault+0xd1/0x170
[  524.071221]  ? __cleanup_sighand+0xb0/0xb0
[  524.071265]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  524.071294]  ? _copy_from_user+0x139/0x170
[  524.071325]  ? kernel_clone+0x2f8/0xa60
[  524.071362]  kernel_clone+0xe7/0xa60
[  524.071395]  ? lock_is_held_type+0xd7/0x130
[  524.071422]  ? copy_init_mm+0x20/0x20
[  524.071472]  ? lock_is_held_type+0xd7/0x130
[  524.071505]  __do_sys_clone3+0x1c9/0x2d0
[  524.071540]  ? __ia32_sys_clone+0x150/0x150
[  524.071594]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  524.071624]  ? vfs_write+0x188/0xae0
[  524.071658]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  524.071690]  ? fput+0x2a/0x50
[  524.071730]  ? syscall_enter_from_user_mode+0x1d/0x50
[  524.071766]  do_syscall_64+0x3b/0x90
[  524.071801]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  524.071826] RIP: 0033:0x7f37c9f3ab19
[  524.071844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  524.071865] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  524.071895] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  524.071912] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  524.071926] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  524.071941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  524.071956] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  524.071994]  </TASK>
[  524.144493] FAULT_INJECTION: forcing a failure.
[  524.144493] name failslab, interval 1, probability 0, space 0, times 0
[  524.144528] CPU: 1 PID: 5441 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  524.144557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  524.144573] Call Trace:
[  524.144580]  <TASK>
[  524.144588]  dump_stack_lvl+0x8b/0xb3
[  524.144632]  should_fail.cold+0x5/0xa
[  524.144668]  ? create_object.isra.0+0x3a/0xa20
[  524.144706]  should_failslab+0x5/0x10
[  524.144727]  kmem_cache_alloc+0x5b/0x480
[  524.144761]  create_object.isra.0+0x3a/0xa20
[  524.144793]  ? kasan_unpoison+0x23/0x50
[  524.144831]  kmem_cache_alloc_node+0x248/0x490
[  524.144864]  __alloc_skb+0x211/0x340
[  524.144889]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  524.144926]  netlink_sendmsg+0x98d/0xdf0
[  524.144963]  ? netlink_unicast+0x7e0/0x7e0
[  524.145000]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  524.145032]  ? netlink_unicast+0x7e0/0x7e0
[  524.145060]  sock_sendmsg+0x150/0x190
[  524.145089]  ____sys_sendmsg+0x709/0x870
[  524.145120]  ? kernel_sendmsg+0x50/0x50
[  524.145143]  ? __ia32_sys_recvmmsg+0x260/0x260
[  524.145174]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  524.145212]  ? lock_release+0x3b2/0x6f0
[  524.145237]  ? __might_fault+0xd1/0x170
[  524.145281]  ___sys_sendmsg+0xf3/0x170
[  524.145313]  ? sendmsg_copy_msghdr+0x160/0x160
[  524.145345]  ? lock_release+0x3b2/0x6f0
[  524.145374]  ? lock_downgrade+0x6d0/0x6d0
[  524.145402]  ? lock_release+0x3b2/0x6f0
[  524.145427]  ? ksys_write+0x212/0x250
[  524.145456]  ? lock_downgrade+0x6d0/0x6d0
[  524.145490]  ? __fget_files+0x28d/0x470
[  524.145526]  ? __fget_light+0xea/0x280
[  524.145550]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  524.145585]  __sys_sendmsg+0xe5/0x1b0
[  524.145615]  ? __sys_sendmsg_sock+0x30/0x30
[  524.145643]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  524.145692]  ? syscall_enter_from_user_mode+0x1d/0x50
[  524.145727]  do_syscall_64+0x3b/0x90
[  524.145761]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  524.145785] RIP: 0033:0x7f54fbbc7b19
[  524.145802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  524.145823] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  524.145846] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  524.145862] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  524.145875] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  524.145889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  524.145903] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  524.145940]  </TASK>
[  524.218238] FAULT_INJECTION: forcing a failure.
[  524.218238] name failslab, interval 1, probability 0, space 0, times 0
[  524.218274] CPU: 0 PID: 5448 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  524.218299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  524.218315] Call Trace:
[  524.218322]  <TASK>
[  524.218331]  dump_stack_lvl+0x8b/0xb3
[  524.218376]  should_fail.cold+0x5/0xa
[  524.218412]  ? prepare_creds+0x2b/0x6f0
[  524.218449]  should_failslab+0x5/0x10
[  524.218471]  kmem_cache_alloc+0x5b/0x480
[  524.218510]  prepare_creds+0x2b/0x6f0
[  524.218547]  copy_creds+0x72/0x930
[  524.218585]  copy_process+0x10d5/0x6d40
[  524.218618]  ? lock_is_held_type+0xd7/0x130
[  524.218644]  ? find_held_lock+0x2c/0x110
[  524.218674]  ? lock_release+0x3b2/0x6f0
[  524.218700]  ? __might_fault+0xd1/0x170
[  524.218750]  ? __cleanup_sighand+0xb0/0xb0
[  524.218791]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  524.218821]  ? _copy_from_user+0x139/0x170
[  524.218853]  ? kernel_clone+0x2f8/0xa60
[  524.218888]  kernel_clone+0xe7/0xa60
[  524.218920]  ? lock_is_held_type+0xd7/0x130
[  524.218945]  ? copy_init_mm+0x20/0x20
[  524.218993]  ? lock_is_held_type+0xd7/0x130
[  524.219027]  __do_sys_clone3+0x1c9/0x2d0
[  524.219078]  ? __ia32_sys_clone+0x150/0x150
[  524.219133]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  524.219161]  ? vfs_write+0x188/0xae0
[  524.219194]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  524.219224]  ? fput+0x2a/0x50
[  524.219262]  ? syscall_enter_from_user_mode+0x1d/0x50
[  524.219296]  do_syscall_64+0x3b/0x90
[  524.219330]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  524.219355] RIP: 0033:0x7fc730828b19
[  524.219372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  524.219393] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  524.219418] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  524.219433] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  524.219448] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  524.219462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  524.219476] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  524.219513]  </TASK>
[  524.233584] FAULT_INJECTION: forcing a failure.
[  524.233584] name failslab, interval 1, probability 0, space 0, times 0
[  524.233615] CPU: 0 PID: 5449 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  524.233639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  524.233654] Call Trace:
[  524.233660]  <TASK>
[  524.233668]  dump_stack_lvl+0x8b/0xb3
[  524.233707]  should_fail.cold+0x5/0xa
[  524.233747]  should_failslab+0x5/0x10
[  524.233766]  __kmalloc_track_caller+0x79/0x310
[  524.233791]  ? setup_userns_sysctls+0x4d/0x180
[  524.233823]  kmemdup+0x23/0x50
[  524.233846]  setup_userns_sysctls+0x4d/0x180
[  524.233875]  create_user_ns+0x8e5/0xd80
[  524.233915]  copy_creds+0x53d/0x930
[  524.233952]  copy_process+0x10d5/0x6d40
[  524.233983]  ? lock_is_held_type+0xd7/0x130
[  524.234007]  ? find_held_lock+0x2c/0x110
[  524.234043]  ? lock_release+0x3b2/0x6f0
[  524.234083]  ? __might_fault+0xd1/0x170
[  524.234146]  ? __cleanup_sighand+0xb0/0xb0
[  524.234192]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  524.234221]  ? _copy_from_user+0x139/0x170
[  524.234250]  ? kernel_clone+0x2f8/0xa60
[  524.234285]  kernel_clone+0xe7/0xa60
[  524.234317]  ? lock_is_held_type+0xd7/0x130
[  524.234342]  ? copy_init_mm+0x20/0x20
[  524.234389]  ? lock_is_held_type+0xd7/0x130
[  524.234420]  __do_sys_clone3+0x1c9/0x2d0
[  524.234453]  ? __ia32_sys_clone+0x150/0x150
[  524.234505]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  524.234533]  ? vfs_write+0x188/0xae0
[  524.234564]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  524.234593]  ? fput+0x2a/0x50
[  524.234631]  ? syscall_enter_from_user_mode+0x1d/0x50
[  524.234665]  do_syscall_64+0x3b/0x90
[  524.234698]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  524.234722] RIP: 0033:0x7f3d8a0d9b19
[  524.234739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  524.234760] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  524.234783] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  524.234798] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  524.234812] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  524.234827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  524.234840] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  524.234877]  </TASK>
[  524.243413] FAULT_INJECTION: forcing a failure.
[  524.243413] name failslab, interval 1, probability 0, space 0, times 0
[  524.243451] CPU: 1 PID: 5450 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  524.243483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  524.243502] Call Trace:
[  524.243510]  <TASK>
[  524.243519]  dump_stack_lvl+0x8b/0xb3
[  524.243568]  should_fail.cold+0x5/0xa
[  524.243610]  should_failslab+0x5/0x10
[  524.243635]  __kmalloc_track_caller+0x79/0x310
[  524.243664]  ? setup_userns_sysctls+0x4d/0x180
[  524.243699]  kmemdup+0x23/0x50
[  524.243724]  setup_userns_sysctls+0x4d/0x180
[  524.243756]  create_user_ns+0x8e5/0xd80
[  524.243804]  copy_creds+0x53d/0x930
[  524.243852]  copy_process+0x10d5/0x6d40
[  524.243902]  ? lock_is_held_type+0xd7/0x130
[  524.243939]  ? find_held_lock+0x2c/0x110
[  524.243977]  ? lock_release+0x3b2/0x6f0
[  524.244007]  ? __might_fault+0xd1/0x170
[  524.244065]  ? __cleanup_sighand+0xb0/0xb0
[  524.244117]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  524.244151]  ? _copy_from_user+0x139/0x170
[  524.244198]  ? kernel_clone+0x2f8/0xa60
[  524.244244]  kernel_clone+0xe7/0xa60
[  524.244287]  ? lock_is_held_type+0xd7/0x130
[  524.244318]  ? copy_init_mm+0x20/0x20
[  524.244396]  ? lock_is_held_type+0xd7/0x130
[  524.244430]  __do_sys_clone3+0x1c9/0x2d0
[  524.244468]  ? __ia32_sys_clone+0x150/0x150
[  524.244533]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  524.244568]  ? vfs_write+0x188/0xae0
[  524.244604]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  524.244647]  ? fput+0x2a/0x50
[  524.244699]  ? syscall_enter_from_user_mode+0x1d/0x50
[  524.244748]  do_syscall_64+0x3b/0x90
[  524.244800]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  524.244834] RIP: 0033:0x7f37c9f3ab19
[  524.244856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  524.244886] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  524.244918] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  524.244940] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  524.244961] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  524.244977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  524.244993] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  524.245043]  </TASK>
[  524.288016] FAULT_INJECTION: forcing a failure.
[  524.288016] name failslab, interval 1, probability 0, space 0, times 0
[  524.288047] CPU: 1 PID: 5453 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  524.288071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  524.288086] Call Trace:
[  524.288092]  <TASK>
[  524.288099]  dump_stack_lvl+0x8b/0xb3
[  524.288139]  should_fail.cold+0x5/0xa
[  524.288185]  should_failslab+0x5/0x10
[  524.288205]  __kmalloc_node_track_caller+0x7e/0x330
[  524.288231]  ? netlink_sendmsg+0x98d/0xdf0
[  524.288267]  __alloc_skb+0xe3/0x340
[  524.288300]  netlink_sendmsg+0x98d/0xdf0
[  524.288336]  ? netlink_unicast+0x7e0/0x7e0
[  524.288383]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  524.288415]  ? netlink_unicast+0x7e0/0x7e0
[  524.288443]  sock_sendmsg+0x150/0x190
[  524.288472]  ____sys_sendmsg+0x709/0x870
[  524.288502]  ? kernel_sendmsg+0x50/0x50
[  524.288526]  ? __ia32_sys_recvmmsg+0x260/0x260
[  524.288557]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  524.288588]  ? lock_release+0x3b2/0x6f0
[  524.288614]  ? __might_fault+0xd1/0x170
[  524.288657]  ___sys_sendmsg+0xf3/0x170
[  524.288690]  ? sendmsg_copy_msghdr+0x160/0x160
[  524.288722]  ? lock_release+0x3b2/0x6f0
[  524.288750]  ? lock_downgrade+0x6d0/0x6d0
[  524.288779]  ? lock_release+0x3b2/0x6f0
[  524.288804]  ? ksys_write+0x212/0x250
[  524.288834]  ? lock_downgrade+0x6d0/0x6d0
[  524.288868]  ? __fget_files+0x28d/0x470
[  524.288904]  ? __fget_light+0xea/0x280
[  524.288928]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  524.288963]  __sys_sendmsg+0xe5/0x1b0
[  524.288993]  ? __sys_sendmsg_sock+0x30/0x30
[  524.289021]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  524.289070]  ? syscall_enter_from_user_mode+0x1d/0x50
[  524.289104]  do_syscall_64+0x3b/0x90
[  524.289138]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  524.289161] RIP: 0033:0x7f54fbbc7b19
[  524.289177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  524.289198] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  524.289221] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  524.289236] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  524.289250] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  524.289264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  524.289277] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  524.289315]  </TASK>
23:01:54 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 12)

23:01:54 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 4)

23:01:54 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}], 0x1, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

[  536.196208] FAULT_INJECTION: forcing a failure.
[  536.196208] name failslab, interval 1, probability 0, space 0, times 0
[  536.197510] CPU: 0 PID: 5468 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  536.198380] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  536.199591] Call Trace:
[  536.199873]  <TASK>
[  536.200131]  dump_stack_lvl+0x8b/0xb3
[  536.200582]  should_fail.cold+0x5/0xa
[  536.200996]  ? create_object.isra.0+0x3a/0xa20
[  536.201481]  should_failslab+0x5/0x10
[  536.201581] FAULT_INJECTION: forcing a failure.
[  536.201581] name failslab, interval 1, probability 0, space 0, times 0
[  536.201884]  kmem_cache_alloc+0x5b/0x480
[  536.204651]  create_object.isra.0+0x3a/0xa20
[  536.205123]  ? kasan_unpoison+0x23/0x50
[  536.205552]  __kmalloc_track_caller+0x1f0/0x310
[  536.206048]  ? setup_userns_sysctls+0x4d/0x180
[  536.206535]  kmemdup+0x23/0x50
[  536.206868]  setup_userns_sysctls+0x4d/0x180
[  536.207334]  create_user_ns+0x8e5/0xd80
[  536.207772]  copy_creds+0x53d/0x930
[  536.208177]  copy_process+0x10d5/0x6d40
[  536.208634]  ? lock_is_held_type+0xd7/0x130
[  536.209105]  ? find_held_lock+0x2c/0x110
[  536.209540]  ? lock_release+0x3b2/0x6f0
[  536.209970]  ? __might_fault+0xd1/0x170
[  536.210420]  ? __cleanup_sighand+0xb0/0xb0
[  536.210884]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  536.211471]  ? _copy_from_user+0x139/0x170
[  536.211941]  ? kernel_clone+0x2f8/0xa60
[  536.212375]  kernel_clone+0xe7/0xa60
[  536.212798]  ? lock_is_held_type+0xd7/0x130
[  536.213263]  ? copy_init_mm+0x20/0x20
[  536.213686]  ? lock_is_held_type+0xd7/0x130
[  536.214156]  __do_sys_clone3+0x1c9/0x2d0
[  536.214591]  ? __ia32_sys_clone+0x150/0x150
[  536.215067]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.215653]  ? vfs_write+0x188/0xae0
[  536.216061]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  536.216679]  ? fput+0x2a/0x50
[  536.217025]  ? syscall_enter_from_user_mode+0x1d/0x50
[  536.217593]  do_syscall_64+0x3b/0x90
[  536.218004]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  536.218556] RIP: 0033:0x7f3d8a0d9b19
[  536.218946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  536.220903] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  536.221693] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  536.222452] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  536.223210] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  536.223969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  536.224737] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  536.225501]  </TASK>
[  536.225745] CPU: 1 PID: 5470 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  536.227479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  536.229858] Call Trace:
[  536.230397]  <TASK>
[  536.230865]  dump_stack_lvl+0x8b/0xb3
[  536.231682]  should_fail.cold+0x5/0xa
[  536.232497]  ? create_object.isra.0+0x3a/0xa20
[  536.233495]  should_failslab+0x5/0x10
[  536.234303]  kmem_cache_alloc+0x5b/0x480
[  536.235168]  create_object.isra.0+0x3a/0xa20
[  536.236099]  ? kasan_unpoison+0x23/0x50
[  536.236976]  kmem_cache_alloc+0x239/0x480
[  536.237857]  prepare_creds+0x2b/0x6f0
[  536.238671]  copy_creds+0x72/0x930
[  536.239450]  copy_process+0x10d5/0x6d40
[  536.240316]  ? lock_is_held_type+0xd7/0x130
[  536.241233]  ? find_held_lock+0x2c/0x110
[  536.242092]  ? lock_release+0x3b2/0x6f0
[  536.242930]  ? __might_fault+0xd1/0x170
[  536.243819]  ? __cleanup_sighand+0xb0/0xb0
[  536.244789]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  536.245948]  ? _copy_from_user+0x139/0x170
[  536.246884]  ? kernel_clone+0x2f8/0xa60
[  536.247737]  kernel_clone+0xe7/0xa60
[  536.248530]  ? lock_is_held_type+0xd7/0x130
[  536.249464]  ? copy_init_mm+0x20/0x20
[  536.250307]  ? lock_is_held_type+0xd7/0x130
[  536.251258]  __do_sys_clone3+0x1c9/0x2d0
[  536.252126]  ? __ia32_sys_clone+0x150/0x150
[  536.253077]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.254233]  ? vfs_write+0x188/0xae0
[  536.255035]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  536.256204]  ? fput+0x2a/0x50
[  536.256916]  ? syscall_enter_from_user_mode+0x1d/0x50
[  536.258011]  do_syscall_64+0x3b/0x90
[  536.258805]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  536.259885] RIP: 0033:0x7fc730828b19
[  536.260702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  536.264580] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  536.266169] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  536.267655] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  536.269149] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  536.270638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  536.272127] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  536.273660]  </TASK>
[  536.289229] FAULT_INJECTION: forcing a failure.
[  536.289229] name failslab, interval 1, probability 0, space 0, times 0
[  536.290463] CPU: 0 PID: 5469 Comm: syz-executor.6 Not tainted 5.16.0-rc5-next-20211217 #1
[  536.291315] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  536.292506] Call Trace:
[  536.292848]  <TASK>
[  536.293098]  dump_stack_lvl+0x8b/0xb3
[  536.293553]  should_fail.cold+0x5/0xa
[  536.293992]  ? create_object.isra.0+0x3a/0xa20
[  536.294503]  should_failslab+0x5/0x10
[  536.294922]  kmem_cache_alloc+0x5b/0x480
[  536.295372]  create_object.isra.0+0x3a/0xa20
[  536.295860]  ? kasan_unpoison+0x23/0x50
[  536.296305]  kmem_cache_alloc_node+0x248/0x490
[  536.296841]  __alloc_skb+0x211/0x340
[  536.297253]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.297863]  netlink_sendmsg+0x98d/0xdf0
[  536.298325]  ? netlink_unicast+0x7e0/0x7e0
[  536.298803]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.299448]  ? netlink_unicast+0x7e0/0x7e0
[  536.299945]  sock_sendmsg+0x150/0x190
[  536.300382]  ____sys_sendmsg+0x709/0x870
[  536.300867]  ? kernel_sendmsg+0x50/0x50
[  536.301331]  ? __ia32_sys_recvmmsg+0x260/0x260
[  536.302352]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  536.303648]  ? lock_release+0x3b2/0x6f0
[  536.304662]  ? __might_fault+0xd1/0x170
23:01:54 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 6)

23:01:54 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 12)

23:01:54 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x6a0501)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cgroup.events\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000000c0)={{0x2, 0x1, 0x3, 0x0, 0x7}})
syz_open_dev$loop(&(0x7f0000000040), 0x2, 0x210180)

23:01:54 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 6)

23:01:54 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0xfc00, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:01:54 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 13)

23:01:54 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0xfd00, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  536.305590]  ___sys_sendmsg+0xf3/0x170
[  536.305610]  ? sendmsg_copy_msghdr+0x160/0x160
[  536.305628]  ? lock_release+0x3b2/0x6f0
[  536.305643]  ? lock_downgrade+0x6d0/0x6d0
[  536.305659]  ? lock_release+0x3b2/0x6f0
[  536.305673]  ? ksys_write+0x212/0x250
[  536.305689]  ? lock_downgrade+0x6d0/0x6d0
[  536.305707]  ? __fget_files+0x28d/0x470
[  536.305728]  ? __fget_light+0xea/0x280
[  536.305741]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  536.305760]  __sys_sendmsg+0xe5/0x1b0
[  536.305776]  ? __sys_sendmsg_sock+0x30/0x30
[  536.305792]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.305818]  ? syscall_enter_from_user_mode+0x1d/0x50
[  536.305837]  do_syscall_64+0x3b/0x90
23:01:54 executing program 5:
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000040)=0xffffffff)
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x400008e2, 0x140)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x90, 0x0, 0x8, 0x201, 0x0, 0x0, {0xc, 0x0, 0x7}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x86dd}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_HEARTBEAT_SENT={0x8, 0x8, 0x1, 0x0, 0xffffffff}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x44, 0x4, 0x0, 0x1, @icmp=[@CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x7fffffff}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x8}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0xb2}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x7}]}, 0x90}, 0x1, 0x0, 0x0, 0x4000000}, 0x81)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r3, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
ioctl$LOOP_SET_FD(r0, 0x1269, r0)

[  536.305856]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  536.305869] RIP: 0033:0x7efdec8bab19
23:01:54 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 5)

[  536.305879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
23:01:54 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 14)

23:01:54 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 7)

[  536.305890] RSP: 002b:00007efde9e30188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
23:01:54 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0xfe80, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  536.305903] RAX: ffffffffffffffda RBX: 00007efdec9cdf60 RCX: 00007efdec8bab19
[  536.305911] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  536.305918] RBP: 00007efde9e301d0 R08: 0000000000000000 R09: 0000000000000000
[  536.305926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  536.305933] R13: 00007ffebd4ac02f R14: 00007efde9e30300 R15: 0000000000022000
[  536.305953]  </TASK>
[  536.307687] FAULT_INJECTION: forcing a failure.
[  536.307687] name failslab, interval 1, probability 0, space 0, times 0
[  536.307719] CPU: 1 PID: 5484 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  536.307746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  536.307762] Call Trace:
[  536.307769]  <TASK>
[  536.307778]  dump_stack_lvl+0x8b/0xb3
[  536.307821]  should_fail.cold+0x5/0xa
[  536.307860]  ? create_object.isra.0+0x3a/0xa20
[  536.307900]  should_failslab+0x5/0x10
[  536.307921]  kmem_cache_alloc+0x5b/0x480
[  536.307957]  create_object.isra.0+0x3a/0xa20
[  536.307993]  ? kasan_unpoison+0x23/0x50
[  536.308035]  __kmalloc_track_caller+0x1f0/0x310
[  536.308062]  ? setup_userns_sysctls+0x4d/0x180
[  536.308096]  kmemdup+0x23/0x50
[  536.308121]  setup_userns_sysctls+0x4d/0x180
[  536.308153]  create_user_ns+0x8e5/0xd80
[  536.308205]  copy_creds+0x53d/0x930
[  536.308246]  copy_process+0x10d5/0x6d40
[  536.308281]  ? lock_is_held_type+0xd7/0x130
[  536.308308]  ? find_held_lock+0x2c/0x110
[  536.308339]  ? lock_release+0x3b2/0x6f0
[  536.308367]  ? __might_fault+0xd1/0x170
[  536.308417]  ? __cleanup_sighand+0xb0/0xb0
[  536.308463]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  536.308494]  ? _copy_from_user+0x139/0x170
[  536.308528]  ? kernel_clone+0x2f8/0xa60
[  536.308599]  kernel_clone+0xe7/0xa60
[  536.308635]  ? lock_is_held_type+0xd7/0x130
[  536.308663]  ? copy_init_mm+0x20/0x20
[  536.308715]  ? lock_is_held_type+0xd7/0x130
[  536.308750]  __do_sys_clone3+0x1c9/0x2d0
[  536.308787]  ? __ia32_sys_clone+0x150/0x150
[  536.308844]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.308876]  ? vfs_write+0x188/0xae0
[  536.308910]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  536.308943]  ? fput+0x2a/0x50
[  536.308985]  ? syscall_enter_from_user_mode+0x1d/0x50
[  536.309023]  do_syscall_64+0x3b/0x90
[  536.309060]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  536.309086] RIP: 0033:0x7f37c9f3ab19
[  536.309104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  536.309127] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  536.309153] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  536.309170] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  536.309186] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  536.309202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  536.309217] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  536.309259]  </TASK>
[  536.326500] FAULT_INJECTION: forcing a failure.
[  536.326500] name failslab, interval 1, probability 0, space 0, times 0
[  536.326533] CPU: 1 PID: 5482 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  536.326560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  536.326576] Call Trace:
[  536.326583]  <TASK>
[  536.326592]  dump_stack_lvl+0x8b/0xb3
[  536.326636]  should_fail.cold+0x5/0xa
[  536.326676]  ? create_object.isra.0+0x3a/0xa20
[  536.326721]  should_failslab+0x5/0x10
[  536.326751]  kmem_cache_alloc+0x5b/0x480
[  536.326793]  create_object.isra.0+0x3a/0xa20
[  536.326829]  ? kasan_unpoison+0x23/0x50
[  536.326872]  __kmalloc_node_track_caller+0x1fb/0x330
[  536.326902]  ? netlink_sendmsg+0x98d/0xdf0
[  536.326941]  __alloc_skb+0xe3/0x340
[  536.326977]  netlink_sendmsg+0x98d/0xdf0
[  536.327018]  ? netlink_unicast+0x7e0/0x7e0
[  536.327059]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.327095]  ? netlink_unicast+0x7e0/0x7e0
[  536.327127]  sock_sendmsg+0x150/0x190
[  536.327159]  ____sys_sendmsg+0x709/0x870
[  536.327202]  ? kernel_sendmsg+0x50/0x50
[  536.327229]  ? __ia32_sys_recvmmsg+0x260/0x260
[  536.327264]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  536.327299]  ? lock_release+0x3b2/0x6f0
[  536.327327]  ? __might_fault+0xd1/0x170
[  536.327375]  ___sys_sendmsg+0xf3/0x170
[  536.327411]  ? sendmsg_copy_msghdr+0x160/0x160
[  536.327447]  ? lock_release+0x3b2/0x6f0
[  536.327479]  ? lock_downgrade+0x6d0/0x6d0
[  536.327511]  ? lock_release+0x3b2/0x6f0
[  536.327540]  ? ksys_write+0x212/0x250
[  536.327573]  ? lock_downgrade+0x6d0/0x6d0
[  536.327611]  ? __fget_files+0x28d/0x470
[  536.327651]  ? __fget_light+0xea/0x280
[  536.327678]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  536.327718]  __sys_sendmsg+0xe5/0x1b0
[  536.327752]  ? __sys_sendmsg_sock+0x30/0x30
[  536.327784]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.327838]  ? syscall_enter_from_user_mode+0x1d/0x50
[  536.327876]  do_syscall_64+0x3b/0x90
[  536.327913]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  536.327939] RIP: 0033:0x7f54fbbc7b19
[  536.327957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  536.327980] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  536.328006] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  536.328024] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  536.328041] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  536.328063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  536.328086] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  536.328148]  </TASK>
[  536.349613] FAULT_INJECTION: forcing a failure.
[  536.349613] name failslab, interval 1, probability 0, space 0, times 0
[  536.349631] CPU: 0 PID: 5489 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  536.349644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  536.349653] Call Trace:
[  536.349656]  <TASK>
[  536.349661]  dump_stack_lvl+0x8b/0xb3
[  536.349684]  should_fail.cold+0x5/0xa
[  536.349703]  ? __register_sysctl_table+0x112/0x1090
[  536.349723]  should_failslab+0x5/0x10
[  536.349735]  __kmalloc+0x72/0x330
[  536.349747]  ? lock_downgrade+0x6d0/0x6d0
[  536.349765]  __register_sysctl_table+0x112/0x1090
[  536.349788]  ? proc_sys_evict_inode+0x180/0x180
[  536.349804]  ? trace_kmalloc+0x29/0xd0
[  536.349815]  ? __kmalloc_track_caller+0x1a5/0x310
[  536.349828]  ? setup_userns_sysctls+0x4d/0x180
[  536.349843]  ? memcpy+0x39/0x60
[  536.349863]  setup_userns_sysctls+0xc2/0x180
[  536.349878]  create_user_ns+0x8e5/0xd80
[  536.349901]  copy_creds+0x53d/0x930
[  536.349921]  copy_process+0x10d5/0x6d40
[  536.349938]  ? lock_is_held_type+0xd7/0x130
[  536.349952]  ? find_held_lock+0x2c/0x110
[  536.349967]  ? lock_release+0x3b2/0x6f0
[  536.349981]  ? __might_fault+0xd1/0x170
[  536.350005]  ? __cleanup_sighand+0xb0/0xb0
[  536.350027]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  536.350042]  ? _copy_from_user+0x139/0x170
[  536.350059]  ? kernel_clone+0x2f8/0xa60
[  536.350078]  kernel_clone+0xe7/0xa60
[  536.350095]  ? lock_is_held_type+0xd7/0x130
[  536.350112]  ? copy_init_mm+0x20/0x20
[  536.350138]  ? lock_is_held_type+0xd7/0x130
[  536.350155]  __do_sys_clone3+0x1c9/0x2d0
[  536.350173]  ? __ia32_sys_clone+0x150/0x150
[  536.350201]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.350216]  ? vfs_write+0x188/0xae0
[  536.350234]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  536.350249]  ? fput+0x2a/0x50
[  536.350270]  ? syscall_enter_from_user_mode+0x1d/0x50
[  536.350288]  do_syscall_64+0x3b/0x90
[  536.350306]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  536.350319] RIP: 0033:0x7f3d8a0d9b19
[  536.350328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  536.350339] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  536.350352] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  536.350360] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  536.350367] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  536.350375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  536.350382] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  536.350402]  </TASK>
[  536.433276] FAULT_INJECTION: forcing a failure.
[  536.433276] name failslab, interval 1, probability 0, space 0, times 0
[  536.433310] CPU: 0 PID: 5497 Comm: syz-executor.6 Not tainted 5.16.0-rc5-next-20211217 #1
[  536.433324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  536.433333] Call Trace:
[  536.433337]  <TASK>
[  536.433342]  dump_stack_lvl+0x8b/0xb3
[  536.433369]  should_fail.cold+0x5/0xa
[  536.433391]  should_failslab+0x5/0x10
[  536.433406]  __kmalloc_node_track_caller+0x7e/0x330
[  536.433422]  ? netlink_sendmsg+0x98d/0xdf0
[  536.433442]  __alloc_skb+0xe3/0x340
[  536.433461]  netlink_sendmsg+0x98d/0xdf0
[  536.433480]  ? netlink_unicast+0x7e0/0x7e0
[  536.433500]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.433519]  ? netlink_unicast+0x7e0/0x7e0
[  536.433535]  sock_sendmsg+0x150/0x190
[  536.433551]  ____sys_sendmsg+0x709/0x870
[  536.433568]  ? kernel_sendmsg+0x50/0x50
[  536.433580]  ? __ia32_sys_recvmmsg+0x260/0x260
[  536.433597]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  536.433615]  ? lock_release+0x3b2/0x6f0
[  536.433629]  ? __might_fault+0xd1/0x170
[  536.433656]  ___sys_sendmsg+0xf3/0x170
[  536.433673]  ? sendmsg_copy_msghdr+0x160/0x160
[  536.433690]  ? lock_release+0x3b2/0x6f0
[  536.433706]  ? lock_downgrade+0x6d0/0x6d0
[  536.433721]  ? lock_release+0x3b2/0x6f0
[  536.433735]  ? ksys_write+0x212/0x250
[  536.433751]  ? lock_downgrade+0x6d0/0x6d0
[  536.433770]  ? __fget_files+0x28d/0x470
[  536.433790]  ? __fget_light+0xea/0x280
[  536.433803]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  536.433822]  __sys_sendmsg+0xe5/0x1b0
[  536.433838]  ? __sys_sendmsg_sock+0x30/0x30
[  536.433853]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.433879]  ? syscall_enter_from_user_mode+0x1d/0x50
[  536.433900]  do_syscall_64+0x3b/0x90
[  536.433918]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  536.433932] RIP: 0033:0x7efdec8bab19
[  536.433941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  536.433953] RSP: 002b:00007efde9e30188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  536.433966] RAX: ffffffffffffffda RBX: 00007efdec9cdf60 RCX: 00007efdec8bab19
[  536.433975] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  536.433982] RBP: 00007efde9e301d0 R08: 0000000000000000 R09: 0000000000000000
[  536.433990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  536.433997] R13: 00007ffebd4ac02f R14: 00007efde9e30300 R15: 0000000000022000
[  536.434018]  </TASK>
[  536.435642] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  536.471275] FAULT_INJECTION: forcing a failure.
[  536.471275] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  536.472793] FAULT_INJECTION: forcing a failure.
[  536.472793] name failslab, interval 1, probability 0, space 0, times 0
[  536.473607] CPU: 1 PID: 5500 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
23:01:54 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 13)

[  536.628440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  536.628459] Call Trace:
[  536.628466]  <TASK>
[  536.628476]  dump_stack_lvl+0x8b/0xb3
[  536.628523]  should_fail.cold+0x5/0xa
[  536.628588]  _copy_from_iter+0x37d/0x14c0
[  536.628644]  ? hash_and_copy_to_iter+0x210/0x210
[  536.628682]  ? rcu_read_lock_sched_held+0x3a/0x70
[  536.628716]  ? memset+0x20/0x40
[  536.628752]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  536.628786]  ? __virt_addr_valid+0xe9/0x310
[  536.628825]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  536.628857]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  536.628887]  ? __check_object_size+0x1b5/0x4e0
[  536.628936]  netlink_sendmsg+0x86b/0xdf0
[  536.628978]  ? netlink_unicast+0x7e0/0x7e0
[  536.629019]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.629055]  ? netlink_unicast+0x7e0/0x7e0
[  536.629090]  sock_sendmsg+0x150/0x190
[  536.629122]  ____sys_sendmsg+0x709/0x870
[  536.629157]  ? kernel_sendmsg+0x50/0x50
[  536.629183]  ? __ia32_sys_recvmmsg+0x260/0x260
[  536.629218]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  536.629254]  ? lock_release+0x3b2/0x6f0
[  536.629282]  ? __might_fault+0xd1/0x170
[  536.629332]  ___sys_sendmsg+0xf3/0x170
[  536.629368]  ? sendmsg_copy_msghdr+0x160/0x160
[  536.629404]  ? lock_release+0x3b2/0x6f0
[  536.629435]  ? lock_downgrade+0x6d0/0x6d0
[  536.629468]  ? lock_release+0x3b2/0x6f0
[  536.629496]  ? ksys_write+0x212/0x250
[  536.629529]  ? lock_downgrade+0x6d0/0x6d0
[  536.629567]  ? __fget_files+0x28d/0x470
[  536.629607]  ? __fget_light+0xea/0x280
[  536.629634]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  536.629674]  __sys_sendmsg+0xe5/0x1b0
[  536.629707]  ? __sys_sendmsg_sock+0x30/0x30
[  536.629739]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.629793]  ? syscall_enter_from_user_mode+0x1d/0x50
[  536.629832]  do_syscall_64+0x3b/0x90
[  536.629871]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  536.629898] RIP: 0033:0x7f54fbbc7b19
[  536.629917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  536.629940] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  536.629967] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  536.629984] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  536.630000] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  536.630016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  536.630031] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  536.630073]  </TASK>
[  536.630082] CPU: 0 PID: 5501 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  536.630099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  536.630107] Call Trace:
[  536.630111]  <TASK>
[  536.630116]  dump_stack_lvl+0x8b/0xb3
[  536.630138]  should_fail.cold+0x5/0xa
[  536.630157]  ? create_object.isra.0+0x3a/0xa20
[  536.630180]  should_failslab+0x5/0x10
[  536.630192]  kmem_cache_alloc+0x5b/0x480
[  536.630210]  create_object.isra.0+0x3a/0xa20
[  536.630228]  ? kasan_unpoison+0x23/0x50
[  536.630249]  __kmalloc+0x1ed/0x330
[  536.630266]  __register_sysctl_table+0x112/0x1090
[  536.630292]  ? proc_sys_evict_inode+0x180/0x180
[  536.630308]  ? trace_kmalloc+0x29/0xd0
[  536.630320]  ? __kmalloc_track_caller+0x1a5/0x310
[  536.630333]  ? setup_userns_sysctls+0x4d/0x180
[  536.630349]  ? memcpy+0x39/0x60
[  536.630369]  setup_userns_sysctls+0xc2/0x180
[  536.630385]  create_user_ns+0x8e5/0xd80
[  536.630408]  copy_creds+0x53d/0x930
[  536.630429]  copy_process+0x10d5/0x6d40
[  536.630456]  ? lock_is_held_type+0xd7/0x130
[  536.630478]  ? find_held_lock+0x2c/0x110
[  536.630504]  ? lock_release+0x3b2/0x6f0
[  536.630526]  ? __might_fault+0xd1/0x170
[  536.630552]  ? __cleanup_sighand+0xb0/0xb0
[  536.630575]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  536.630591]  ? _copy_from_user+0x139/0x170
[  536.630608]  ? kernel_clone+0x2f8/0xa60
[  536.630627]  kernel_clone+0xe7/0xa60
[  536.630645]  ? lock_is_held_type+0xd7/0x130
[  536.630659]  ? copy_init_mm+0x20/0x20
[  536.630685]  ? lock_is_held_type+0xd7/0x130
[  536.630702]  __do_sys_clone3+0x1c9/0x2d0
[  536.630721]  ? __ia32_sys_clone+0x150/0x150
[  536.630749]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.630765]  ? vfs_write+0x188/0xae0
[  536.630782]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  536.630798]  ? fput+0x2a/0x50
[  536.630820]  ? syscall_enter_from_user_mode+0x1d/0x50
[  536.630838]  do_syscall_64+0x3b/0x90
[  536.630857]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  536.630870] RIP: 0033:0x7f3d8a0d9b19
[  536.630879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  536.630890] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  536.630903] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  536.630912] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  536.630920] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  536.630927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  536.630935] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  536.630956]  </TASK>
[  536.666883] FAULT_INJECTION: forcing a failure.
[  536.666883] name failslab, interval 1, probability 0, space 0, times 0
[  536.666917] CPU: 1 PID: 5507 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  536.666945] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  536.722590] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  536.723191] Call Trace:
[  536.723201]  <TASK>
[  536.723210]  dump_stack_lvl+0x8b/0xb3
[  536.779235]  should_fail.cold+0x5/0xa
[  536.779282]  ? __register_sysctl_table+0x112/0x1090
[  536.780868]  should_failslab+0x5/0x10
[  536.781671]  __kmalloc+0x72/0x330
[  536.782405]  ? lock_downgrade+0x6d0/0x6d0
[  536.783287]  __register_sysctl_table+0x112/0x1090
[  536.784323]  ? proc_sys_evict_inode+0x180/0x180
[  536.785319]  ? trace_kmalloc+0x29/0xd0
[  536.786137]  ? __kmalloc_track_caller+0x1a5/0x310
[  536.787149]  ? setup_userns_sysctls+0x4d/0x180
[  536.788111]  ? memcpy+0x39/0x60
[  536.788841]  setup_userns_sysctls+0xc2/0x180
[  536.789770]  create_user_ns+0x8e5/0xd80
[  536.790626]  copy_creds+0x53d/0x930
[  536.791406]  copy_process+0x10d5/0x6d40
[  536.792251]  ? lock_is_held_type+0xd7/0x130
[  536.793166]  ? find_held_lock+0x2c/0x110
[  536.794028]  ? lock_release+0x3b2/0x6f0
[  536.794865]  ? __might_fault+0xd1/0x170
[  536.795727]  ? __cleanup_sighand+0xb0/0xb0
[  536.796655]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  536.797812]  ? _copy_from_user+0x139/0x170
[  536.798709]  ? kernel_clone+0x2f8/0xa60
[  536.799557]  kernel_clone+0xe7/0xa60
[  536.800349]  ? lock_is_held_type+0xd7/0x130
[  536.801266]  ? copy_init_mm+0x20/0x20
[  536.802094]  ? lock_is_held_type+0xd7/0x130
[  536.803008]  __do_sys_clone3+0x1c9/0x2d0
[  536.803874]  ? __ia32_sys_clone+0x150/0x150
[  536.804830]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  536.805985]  ? vfs_write+0x188/0xae0
[  536.806801]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  536.807959]  ? fput+0x2a/0x50
[  536.808645]  ? syscall_enter_from_user_mode+0x1d/0x50
[  536.809737]  do_syscall_64+0x3b/0x90
[  536.810538]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  536.811620] RIP: 0033:0x7f37c9f3ab19
[  536.812398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  536.816249] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  536.817856] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  536.819346] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  536.820846] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  536.822337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  536.823830] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  536.825365]  </TASK>
23:02:10 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 6)

23:02:10 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}], 0x1, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:02:10 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 14)

23:02:10 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 8)

23:02:10 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 15)

23:02:10 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
pipe2(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x84800)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000140)={{{@in=@private, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast1}}, &(0x7f0000000240)=0xe8)
setsockopt$inet6_IPV6_IPSEC_POLICY(r7, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@mcast1, @in=@empty, 0x4e24, 0x6, 0x4e22, 0xa8b, 0x2, 0xb26eb3091dce329a, 0x80, 0x87, r8, 0xee00}, {0x400, 0xffff, 0x7e31, 0x1f, 0x1, 0x101, 0x0, 0x8}, {0x4, 0xffff, 0x5, 0x2}, 0x5, 0x6e6bbe, 0x2, 0x0, 0x1, 0x1}, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4d2, 0x2b}, 0xa, @in6=@local, 0x3502, 0x0, 0x2, 0xf9, 0xfffffff9, 0xffffffff, 0x7fffffff}}, 0xe8)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000500)={{{@in=@private, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast1}}, &(0x7f00000004c0)=0xe8)
setsockopt$inet6_IPV6_IPSEC_POLICY(r9, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@mcast1, @in=@empty, 0x4e24, 0x6, 0x4e22, 0xa8b, 0x2, 0xb26eb3091dce329a, 0x80, 0x87, r10, 0xee00}, {0x400, 0xffff, 0x7e31, 0x1f, 0x1, 0x101, 0x0, 0x8}, {0x4, 0xffff, 0x5, 0x2}, 0x5, 0x6e6bbe, 0x2, 0x0, 0x1, 0x1}, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4d2, 0x2b}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3502, 0x4, 0x2, 0xf9, 0xfffffff5, 0x5, 0x7fffffff}}, 0xe8)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000140)={{{@in=@private, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast1}}, &(0x7f0000000240)=0xe8)
setsockopt$inet6_IPV6_IPSEC_POLICY(r11, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@empty, 0x4e24, 0x6, 0x4e22, 0xa8b, 0x2, 0xb26eb3091dce329a, 0x80, 0x87, r12, 0xee00}, {0x400, 0xffff, 0x7e31, 0x1f, 0x1, 0x101, 0x0, 0x8}, {0x4, 0xffff, 0x5, 0x2}, 0x5, 0x6e6bb0, 0x2, 0x0, 0x1, 0x1}, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4d2, 0x2b}, 0xa, @in6=@local, 0x3502, 0x0, 0x2, 0xf9, 0xfffffff9, 0xffffffff, 0x7fffffff}}, 0xe8)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000a00)=ANY=[@ANYRES64, @ANYBLOB="3758b1c3290d754c3025d2ec0a17b80403a076b20d767f6f6acbf2c99a577a1f3927f357c2c15304534efa4b2d81c5dd7df520e390ab8cf99118cec81f6bcbfe8c78dd202bc14288f9d046b47927af23732225556e4460ddfbfefc940469", @ANYBLOB="200026bd7000ffdbdf25010000005c00028014000180080001000700000008000100060000004400018008000100020000000800010001000000080001000300000008000100040000000800010005000000080001000000000008000100030000000800010001000000040003001c0002800c00018008000100070000000c00018008000100030000001400018008000100", @ANYRES32=r8, @ANYBLOB="08000300000000001400018008000100d45485bde8f6d4cf8e075c3e2091cd1f4039b5410bf3f8015e0ce4d4be720fa9646e848f7d2c906785d76a2a7cee277f571afbf92f7a4d1aa829974b4d0dc75db1bea5105511ec60536d04c62bfb4b40a0ecd615227d4d41f4f62e19b72ff52bfcea235e307797b7b40fa0f8881de3f103ffcb9e3893a65ff0ef0f1f75ee48f1f0df7ddf0e39a70d8d1440061c7aac9e5531ec26aab82da47e18a5", @ANYRES32=r10, @ANYBLOB="08000100a2f56217d6e3821c8ba6a435d53aa7cf7d161547143ea134a8f6a009842fb27b01f2dabc5b89fe9fdaf4aeb0b659861b231770a8838e6bd86b8d08aec027fc9df86039d752b4336473253ff6675455be7ee41ddb9698f46007c20611ab52963024f49cffe5203032fb3370b2fa0ff139372e47e863820d04cbc58734deac302d840bdaacca2f3f1e5fb9899dea660c75223d92", @ANYRESDEC=r1, @ANYBLOB="f18c42d6db2cc3e4655e1820db95801fa6120837101c607c9b6fe3b5c276bd8f481551a34c5f66ba9435e1beff97b141ed4369063503e72f0720bddfe0adaf8747891ae2fdf08edf4185fc72e079dd3ca5d48d000000009adf435a687a216486e77beed8fdb9597162a41ffb42f2c83ec22a0e778a61bf0c83cb58204361de0ae4db914f3935ba01fca995b56a881582bb255497ef0a7cf0caa3e5c0843296662e7ad3b4ff647b2d6de867cce7bdefce5dec661d510a40ee67f14b2e121cf6d04617ea2cfa7c352b"], 0xb8}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
ioctl$LOOP_SET_FD(r4, 0x1269, r0)

23:02:10 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0xfec0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:02:10 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 7)

[  552.837123] FAULT_INJECTION: forcing a failure.
[  552.837123] name failslab, interval 1, probability 0, space 0, times 0
[  552.837969] FAULT_INJECTION: forcing a failure.
[  552.837969] name failslab, interval 1, probability 0, space 0, times 0
[  552.838390] CPU: 0 PID: 5527 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  552.841581] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  552.842768] Call Trace:
[  552.843044]  <TASK>
[  552.843288]  dump_stack_lvl+0x8b/0xb3
[  552.843712]  should_fail.cold+0x5/0xa
[  552.844138]  ? __register_sysctl_table+0x9e2/0x1090
[  552.844688]  should_failslab+0x5/0x10
[  552.845117]  __kmalloc+0x72/0x330
[  552.845493]  __register_sysctl_table+0x9e2/0x1090
[  552.846023]  ? proc_sys_evict_inode+0x180/0x180
[  552.846531]  ? trace_kmalloc+0x29/0xd0
[  552.846942]  ? __kmalloc_track_caller+0x1a5/0x310
[  552.847461]  ? setup_userns_sysctls+0x4d/0x180
[  552.847949]  ? memcpy+0x39/0x60
[  552.848329]  setup_userns_sysctls+0xc2/0x180
[  552.848817]  create_user_ns+0x8e5/0xd80
[  552.849261]  copy_creds+0x53d/0x930
[  552.849660]  copy_process+0x10d5/0x6d40
[  552.850091]  ? lock_is_held_type+0xd7/0x130
[  552.850546]  ? find_held_lock+0x2c/0x110
[  552.850984]  ? lock_release+0x3b2/0x6f0
[  552.851402]  ? __might_fault+0xd1/0x170
[  552.851851]  ? __cleanup_sighand+0xb0/0xb0
[  552.852318]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  552.852920]  ? _copy_from_user+0x139/0x170
[  552.853381]  ? kernel_clone+0x2f8/0xa60
[  552.853812]  kernel_clone+0xe7/0xa60
[  552.854216]  ? lock_is_held_type+0xd7/0x130
[  552.854677]  ? copy_init_mm+0x20/0x20
[  552.855117]  ? lock_is_held_type+0xd7/0x130
[  552.855581]  __do_sys_clone3+0x1c9/0x2d0
[  552.856027]  ? __ia32_sys_clone+0x150/0x150
[  552.856508]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  552.857113]  ? vfs_write+0x188/0xae0
[  552.857509]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  552.858095]  ? fput+0x2a/0x50
[  552.858435]  ? syscall_enter_from_user_mode+0x1d/0x50
[  552.858991]  do_syscall_64+0x3b/0x90
[  552.859400]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  552.859953] RIP: 0033:0x7f3d8a0d9b19
[  552.860347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  552.862322] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  552.863146] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  552.863909] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  552.864681] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  552.865457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  552.866226] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  552.866995]  </TASK>
[  552.867252] CPU: 1 PID: 5528 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  552.867289] sysctl could not get directory: 
[  552.869035] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  552.869055] Call Trace:
[  552.869064]  <TASK>
[  552.869075]  dump_stack_lvl+0x8b/0xb3
[  552.869685] /
[  552.872071]  should_fail.cold+0x5/0xa
[  552.872372] /user -12
[  552.872860]  ? security_prepare_creds+0x10a/0x180
[  552.875890]  should_failslab+0x5/0x10
[  552.876702]  __kmalloc+0x72/0x330
[  552.877458]  security_prepare_creds+0x10a/0x180
[  552.878459]  prepare_creds+0x505/0x6f0
[  552.879298]  copy_creds+0x72/0x930
[  552.880074]  copy_process+0x10d5/0x6d40
[  552.880951]  ? lock_is_held_type+0xd7/0x130
[  552.881877]  ? find_held_lock+0x2c/0x110
[  552.882750]  ? lock_release+0x3b2/0x6f0
[  552.883602]  ? __might_fault+0xd1/0x170
[  552.884474]  ? __cleanup_sighand+0xb0/0xb0
[  552.885403]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  552.886574]  ? _copy_from_user+0x139/0x170
[  552.887475]  ? kernel_clone+0x2f8/0xa60
[  552.888337]  kernel_clone+0xe7/0xa60
[  552.889154]  ? lock_is_held_type+0xd7/0x130
[  552.890075]  ? copy_init_mm+0x20/0x20
[  552.890912]  ? lock_is_held_type+0xd7/0x130
[  552.891837]  __do_sys_clone3+0x1c9/0x2d0
[  552.892708]  ? __ia32_sys_clone+0x150/0x150
[  552.893677]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  552.894856]  ? vfs_write+0x188/0xae0
[  552.895662]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  552.896835]  ? fput+0x2a/0x50
[  552.897519]  ? syscall_enter_from_user_mode+0x1d/0x50
[  552.898610]  do_syscall_64+0x3b/0x90
[  552.899413]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  552.900501] RIP: 0033:0x7fc730828b19
[  552.901307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  552.905162] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  552.906775] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  552.908273] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  552.909793] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  552.911292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  552.912796] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  552.914322]  </TASK>
[  552.914811] CPU: 0 PID: 5527 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  552.915727] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  552.916967] Call Trace:
[  552.917243]  <TASK>
[  552.917477]  dump_stack_lvl+0x8b/0xb3
[  552.917895]  __register_sysctl_table+0xde7/0x1090
[  552.918425]  ? proc_sys_evict_inode+0x180/0x180
[  552.918929]  ? trace_kmalloc+0x29/0xd0
[  552.919348]  ? __kmalloc_track_caller+0x1a5/0x310
[  552.919882]  ? setup_userns_sysctls+0x4d/0x180
[  552.920359]  ? memcpy+0x39/0x60
[  552.920731]  setup_userns_sysctls+0xc2/0x180
[  552.921218]  create_user_ns+0x8e5/0xd80
[  552.921663]  copy_creds+0x53d/0x930
[  552.922058]  copy_process+0x10d5/0x6d40
[  552.922500]  ? lock_is_held_type+0xd7/0x130
[  552.922961]  ? find_held_lock+0x2c/0x110
[  552.923407]  ? lock_release+0x3b2/0x6f0
[  552.923837]  ? __might_fault+0xd1/0x170
[  552.923863]  ? __cleanup_sighand+0xb0/0xb0
[  552.923886]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  552.923903]  ? _copy_from_user+0x139/0x170
[  552.923919]  ? kernel_clone+0x2f8/0xa60
[  552.923939]  kernel_clone+0xe7/0xa60
[  552.923957]  ? lock_is_held_type+0xd7/0x130
[  552.923971]  ? copy_init_mm+0x20/0x20
[  552.923998]  ? lock_is_held_type+0xd7/0x130
[  552.924016]  __do_sys_clone3+0x1c9/0x2d0
[  552.924034]  ? __ia32_sys_clone+0x150/0x150
[  552.924063]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  552.924079]  ? vfs_write+0x188/0xae0
[  552.924096]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  552.924113]  ? fput+0x2a/0x50
[  552.924134]  ? syscall_enter_from_user_mode+0x1d/0x50
23:02:11 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 16)

[  552.924153]  do_syscall_64+0x3b/0x90
[  552.924172]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  552.924185] RIP: 0033:0x7f3d8a0d9b19
[  552.924194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
23:02:11 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 15)

23:02:11 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0xff00, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  552.924206] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
23:02:11 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 7)

23:02:11 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 9)

[  552.924219] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  552.924228] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  552.924236] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  552.924244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
23:02:11 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 17)

[  552.924252] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  552.924272]  </TASK>
[  552.929046] FAULT_INJECTION: forcing a failure.
[  552.929046] name failslab, interval 1, probability 0, space 0, times 0
[  552.929082] CPU: 1 PID: 5532 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  552.929109] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  552.929127] Call Trace:
[  552.929134]  <TASK>
[  552.929143]  dump_stack_lvl+0x8b/0xb3
[  552.929198]  should_fail.cold+0x5/0xa
[  552.929238]  ? create_object.isra.0+0x3a/0xa20
[  552.929280]  should_failslab+0x5/0x10
[  552.929304]  kmem_cache_alloc+0x5b/0x480
[  552.929341]  create_object.isra.0+0x3a/0xa20
[  552.929378]  ? kasan_unpoison+0x23/0x50
[  552.929420]  __kmalloc+0x1ed/0x330
[  552.929455]  __register_sysctl_table+0x112/0x1090
[  552.929505]  ? proc_sys_evict_inode+0x180/0x180
[  552.929539]  ? trace_kmalloc+0x29/0xd0
[  552.929563]  ? __kmalloc_track_caller+0x1a5/0x310
23:02:11 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  552.929590]  ? setup_userns_sysctls+0x4d/0x180
[  552.929619]  ? memcpy+0x39/0x60
[  552.929660]  setup_userns_sysctls+0xc2/0x180
[  552.929692]  create_user_ns+0x8e5/0xd80
[  552.929738]  copy_creds+0x53d/0x930
[  552.929779]  copy_process+0x10d5/0x6d40
[  552.929815]  ? lock_is_held_type+0xd7/0x130
[  552.929843]  ? find_held_lock+0x2c/0x110
[  552.929875]  ? lock_release+0x3b2/0x6f0
[  552.929904]  ? __might_fault+0xd1/0x170
[  552.929953]  ? __cleanup_sighand+0xb0/0xb0
[  552.930000]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  552.930032]  ? _copy_from_user+0x139/0x170
[  552.930067]  ? kernel_clone+0x2f8/0xa60
[  552.930106]  kernel_clone+0xe7/0xa60
[  552.930142]  ? lock_is_held_type+0xd7/0x130
[  552.930170]  ? copy_init_mm+0x20/0x20
[  552.930223]  ? lock_is_held_type+0xd7/0x130
[  552.930258]  __do_sys_clone3+0x1c9/0x2d0
[  552.930295]  ? __ia32_sys_clone+0x150/0x150
[  552.930353]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  552.930385]  ? vfs_write+0x188/0xae0
[  552.930419]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  552.930452]  ? fput+0x2a/0x50
[  552.930495]  ? syscall_enter_from_user_mode+0x1d/0x50
[  552.930533]  do_syscall_64+0x3b/0x90
[  552.930570]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  552.930596] RIP: 0033:0x7f37c9f3ab19
[  552.930615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  552.930639] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  552.930665] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  552.930683] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  552.930698] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  552.930714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  552.930729] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  552.930771]  </TASK>
[  552.931528] FAULT_INJECTION: forcing a failure.
[  552.931528] name failslab, interval 1, probability 0, space 0, times 0
[  552.931558] CPU: 1 PID: 5533 Comm: syz-executor.6 Not tainted 5.16.0-rc5-next-20211217 #1
[  552.931584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  552.931600] Call Trace:
[  552.931606]  <TASK>
[  552.931615]  dump_stack_lvl+0x8b/0xb3
[  552.931658]  should_fail.cold+0x5/0xa
[  552.931698]  ? create_object.isra.0+0x3a/0xa20
[  552.931738]  should_failslab+0x5/0x10
[  552.931759]  kmem_cache_alloc+0x5b/0x480
[  552.931795]  create_object.isra.0+0x3a/0xa20
[  552.931831]  ? kasan_unpoison+0x23/0x50
[  552.931874]  __kmalloc_node_track_caller+0x1fb/0x330
[  552.931904]  ? netlink_sendmsg+0x98d/0xdf0
[  552.931943]  __alloc_skb+0xe3/0x340
[  552.931979]  netlink_sendmsg+0x98d/0xdf0
[  552.932019]  ? netlink_unicast+0x7e0/0x7e0
[  552.932061]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  552.932097]  ? netlink_unicast+0x7e0/0x7e0
[  552.932129]  sock_sendmsg+0x150/0x190
[  552.932161]  ____sys_sendmsg+0x709/0x870
[  552.932202]  ? kernel_sendmsg+0x50/0x50
[  552.932228]  ? __ia32_sys_recvmmsg+0x260/0x260
[  552.932263]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  552.932298]  ? lock_release+0x3b2/0x6f0
[  552.932327]  ? __might_fault+0xd1/0x170
[  552.932375]  ___sys_sendmsg+0xf3/0x170
[  552.932411]  ? sendmsg_copy_msghdr+0x160/0x160
[  552.932447]  ? lock_release+0x3b2/0x6f0
[  552.932479]  ? lock_downgrade+0x6d0/0x6d0
[  552.932511]  ? lock_release+0x3b2/0x6f0
[  552.932539]  ? ksys_write+0x212/0x250
[  552.932572]  ? lock_downgrade+0x6d0/0x6d0
[  552.932609]  ? __fget_files+0x28d/0x470
[  552.932650]  ? __fget_light+0xea/0x280
[  552.932676]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  552.932717]  __sys_sendmsg+0xe5/0x1b0
[  552.932750]  ? __sys_sendmsg_sock+0x30/0x30
[  552.932813]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  552.932867]  ? syscall_enter_from_user_mode+0x1d/0x50
[  552.932905]  do_syscall_64+0x3b/0x90
[  552.932942]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  552.932968] RIP: 0033:0x7efdec8bab19
[  552.932986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  552.933008] RSP: 002b:00007efde9e0f188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  552.933034] RAX: ffffffffffffffda RBX: 00007efdec9ce020 RCX: 00007efdec8bab19
[  552.933051] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  552.933066] RBP: 00007efde9e0f1d0 R08: 0000000000000000 R09: 0000000000000000
[  552.933082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  552.933097] R13: 00007ffebd4ac02f R14: 00007efde9e0f300 R15: 0000000000022000
[  552.933139]  </TASK>
[  552.934123] FAULT_INJECTION: forcing a failure.
[  552.934123] name failslab, interval 1, probability 0, space 0, times 0
[  552.934356] CPU: 1 PID: 5526 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  552.934387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  552.934402] Call Trace:
[  552.934409]  <TASK>
[  552.934418]  dump_stack_lvl+0x8b/0xb3
[  552.934462]  should_fail.cold+0x5/0xa
[  552.934501]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xd7/0x290
[  552.934542]  should_failslab+0x5/0x10
[  552.934564]  __kmalloc+0x72/0x330
[  552.934599]  genl_family_rcv_msg_attrs_parse.constprop.0+0xd7/0x290
[  552.934648]  genl_family_rcv_msg_doit+0xda/0x330
[  552.934686]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[  552.934722]  ? mutex_lock_io_nested+0x12c0/0x12c0
[  552.934767]  ? memset+0x20/0x40
[  552.934804]  ? genl_op_from_small+0x23/0x3c0
[  552.934839]  ? genl_get_cmd+0x3cf/0x480
[  552.934880]  genl_rcv_msg+0x33c/0x5a0
[  552.934919]  ? genl_get_cmd+0x480/0x480
[  552.934954]  ? netlbl_mgmt_listall_cb+0x390/0x390
[  552.934996]  ? lock_release+0x6f0/0x6f0
[  552.935037]  netlink_rcv_skb+0x14b/0x430
[  552.935070]  ? genl_get_cmd+0x480/0x480
[  552.935107]  ? netlink_ack+0xa60/0xa60
[  552.935151]  ? netlink_deliver_tap+0x1b2/0xc30
[  552.935185]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  552.935216]  ? is_vmalloc_addr+0x7b/0xb0
[  552.935261]  genl_rcv+0x24/0x40
[  552.935290]  netlink_unicast+0x53a/0x7e0
[  552.935331]  ? netlink_attachskb+0x870/0x870
[  552.935360]  ? __virt_addr_valid+0xe9/0x310
[  552.935414]  netlink_sendmsg+0x904/0xdf0
[  552.935456]  ? netlink_unicast+0x7e0/0x7e0
[  552.935499]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  552.935536]  ? netlink_unicast+0x7e0/0x7e0
[  552.935568]  sock_sendmsg+0x150/0x190
[  552.935600]  ____sys_sendmsg+0x709/0x870
[  552.935636]  ? kernel_sendmsg+0x50/0x50
[  552.935662]  ? __ia32_sys_recvmmsg+0x260/0x260
[  552.935698]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  552.935734]  ? lock_release+0x3b2/0x6f0
[  552.935762]  ? __might_fault+0xd1/0x170
[  552.935813]  ___sys_sendmsg+0xf3/0x170
[  552.935850]  ? sendmsg_copy_msghdr+0x160/0x160
[  552.935887]  ? lock_release+0x3b2/0x6f0
[  552.935920]  ? lock_downgrade+0x6d0/0x6d0
[  552.935953]  ? lock_release+0x3b2/0x6f0
[  552.935981]  ? ksys_write+0x212/0x250
[  552.936014]  ? lock_downgrade+0x6d0/0x6d0
[  552.936054]  ? __fget_files+0x28d/0x470
[  552.936096]  ? __fget_light+0xea/0x280
[  552.936124]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  552.936165]  __sys_sendmsg+0xe5/0x1b0
[  552.936199]  ? __sys_sendmsg_sock+0x30/0x30
[  552.936231]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  552.936288]  ? syscall_enter_from_user_mode+0x1d/0x50
[  552.936328]  do_syscall_64+0x3b/0x90
[  552.936366]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  552.936392] RIP: 0033:0x7f54fbbc7b19
[  552.936410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  552.936433] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  552.936459] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  552.936476] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  552.936492] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  552.936508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  552.936524] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  552.936569]  </TASK>
[  552.986065] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  553.029602] FAULT_INJECTION: forcing a failure.
[  553.029602] name failslab, interval 1, probability 0, space 0, times 0
[  553.029625] CPU: 0 PID: 5538 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  553.029639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  553.029648] Call Trace:
[  553.029652]  <TASK>
[  553.029658]  dump_stack_lvl+0x8b/0xb3
[  553.029685]  should_fail.cold+0x5/0xa
[  553.029706]  ? create_object.isra.0+0x3a/0xa20
[  553.029728]  should_failslab+0x5/0x10
[  553.029741]  kmem_cache_alloc+0x5b/0x480
[  553.029761]  create_object.isra.0+0x3a/0xa20
[  553.029779]  ? kasan_unpoison+0x23/0x50
[  553.029800]  __kmalloc+0x1ed/0x330
[  553.029817]  __register_sysctl_table+0x9e2/0x1090
[  553.029843]  ? proc_sys_evict_inode+0x180/0x180
[  553.029859]  ? trace_kmalloc+0x29/0xd0
[  553.029871]  ? __kmalloc_track_caller+0x1a5/0x310
[  553.029885]  ? setup_userns_sysctls+0x4d/0x180
[  553.029900]  ? memcpy+0x39/0x60
[  553.029921]  setup_userns_sysctls+0xc2/0x180
[  553.029937]  create_user_ns+0x8e5/0xd80
[  553.029960]  copy_creds+0x53d/0x930
[  553.029982]  copy_process+0x10d5/0x6d40
[  553.030000]  ? lock_is_held_type+0xd7/0x130
[  553.030015]  ? find_held_lock+0x2c/0x110
[  553.030032]  ? lock_release+0x3b2/0x6f0
[  553.030046]  ? __might_fault+0xd1/0x170
[  553.030071]  ? __cleanup_sighand+0xb0/0xb0
[  553.030094]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  553.030111]  ? _copy_from_user+0x139/0x170
[  553.030129]  ? kernel_clone+0x2f8/0xa60
[  553.030149]  kernel_clone+0xe7/0xa60
[  553.030170]  ? lock_is_held_type+0xd7/0x130
[  553.030184]  ? copy_init_mm+0x20/0x20
[  553.030210]  ? lock_is_held_type+0xd7/0x130
[  553.030228]  __do_sys_clone3+0x1c9/0x2d0
[  553.030246]  ? __ia32_sys_clone+0x150/0x150
[  553.030275]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  553.030291]  ? vfs_write+0x188/0xae0
[  553.030308]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  553.030325]  ? fput+0x2a/0x50
[  553.030346]  ? syscall_enter_from_user_mode+0x1d/0x50
[  553.030365]  do_syscall_64+0x3b/0x90
[  553.030384]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  553.030397] RIP: 0033:0x7f3d8a0d9b19
[  553.030407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  553.030419] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  553.030433] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  553.030442] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  553.030450] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  553.030458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  553.030465] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  553.030486]  </TASK>
[  553.068707] FAULT_INJECTION: forcing a failure.
[  553.068707] name failslab, interval 1, probability 0, space 0, times 0
[  553.068746] CPU: 1 PID: 5542 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  553.068787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  553.068804] Call Trace:
[  553.068812]  <TASK>
[  553.068822]  dump_stack_lvl+0x8b/0xb3
[  553.068873]  should_fail.cold+0x5/0xa
[  553.068913]  ? create_object.isra.0+0x3a/0xa20
[  553.068957]  should_failslab+0x5/0x10
[  553.068980]  kmem_cache_alloc+0x5b/0x480
[  553.069019]  create_object.isra.0+0x3a/0xa20
[  553.069055]  ? kasan_unpoison+0x23/0x50
[  553.069099]  __kmalloc+0x1ed/0x330
[  553.069135]  genl_family_rcv_msg_attrs_parse.constprop.0+0xd7/0x290
[  553.069190]  genl_family_rcv_msg_doit+0xda/0x330
[  553.069232]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[  553.069269]  ? mutex_lock_io_nested+0x12c0/0x12c0
[  553.069314]  ? memset+0x20/0x40
[  553.069351]  ? genl_op_from_small+0x23/0x3c0
[  553.069387]  ? genl_get_cmd+0x3cf/0x480
[  553.069427]  genl_rcv_msg+0x33c/0x5a0
[  553.069467]  ? genl_get_cmd+0x480/0x480
[  553.069501]  ? netlbl_mgmt_listall_cb+0x390/0x390
[  553.069543]  ? lock_release+0x6f0/0x6f0
[  553.069586]  netlink_rcv_skb+0x14b/0x430
[  553.069619]  ? genl_get_cmd+0x480/0x480
[  553.069655]  ? netlink_ack+0xa60/0xa60
[  553.069699]  ? netlink_deliver_tap+0x1b2/0xc30
[  553.069729]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  553.069761]  ? is_vmalloc_addr+0x7b/0xb0
[  553.069807]  genl_rcv+0x24/0x40
[  553.069837]  netlink_unicast+0x53a/0x7e0
[  553.069878]  ? netlink_attachskb+0x870/0x870
[  553.069907]  ? __virt_addr_valid+0xe9/0x310
[  553.069961]  netlink_sendmsg+0x904/0xdf0
[  553.070003]  ? netlink_unicast+0x7e0/0x7e0
[  553.070047]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  553.070083]  ? netlink_unicast+0x7e0/0x7e0
[  553.070116]  sock_sendmsg+0x150/0x190
[  553.070149]  ____sys_sendmsg+0x709/0x870
[  553.070185]  ? kernel_sendmsg+0x50/0x50
[  553.070212]  ? __ia32_sys_recvmmsg+0x260/0x260
[  553.070248]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  553.070283]  ? lock_release+0x3b2/0x6f0
[  553.070312]  ? __might_fault+0xd1/0x170
[  553.070363]  ___sys_sendmsg+0xf3/0x170
[  553.070399]  ? sendmsg_copy_msghdr+0x160/0x160
[  553.070436]  ? lock_release+0x3b2/0x6f0
[  553.070469]  ? lock_downgrade+0x6d0/0x6d0
[  553.070502]  ? lock_release+0x3b2/0x6f0
[  553.070530]  ? ksys_write+0x212/0x250
[  553.070563]  ? lock_downgrade+0x6d0/0x6d0
[  553.070603]  ? __fget_files+0x28d/0x470
[  553.070646]  ? __fget_light+0xea/0x280
[  553.070673]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  553.070715]  __sys_sendmsg+0xe5/0x1b0
[  553.070749]  ? __sys_sendmsg_sock+0x30/0x30
[  553.070781]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  553.070838]  ? syscall_enter_from_user_mode+0x1d/0x50
[  553.070878]  do_syscall_64+0x3b/0x90
[  553.070916]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  553.070943] RIP: 0033:0x7f54fbbc7b19
[  553.070962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  553.070985] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  553.071013] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  553.071030] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  553.071046] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  553.071062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  553.071078] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  553.071123]  </TASK>
[  553.095330] FAULT_INJECTION: forcing a failure.
[  553.095330] name failslab, interval 1, probability 0, space 0, times 0
[  553.095354] CPU: 0 PID: 5549 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  553.095368] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  553.095378] Call Trace:
[  553.095382]  <TASK>
[  553.095388]  dump_stack_lvl+0x8b/0xb3
[  553.095417]  should_fail.cold+0x5/0xa
[  553.095437]  ? __register_sysctl_table+0x9e2/0x1090
[  553.095459]  should_failslab+0x5/0x10
[  553.095472]  __kmalloc+0x72/0x330
[  553.095491]  __register_sysctl_table+0x9e2/0x1090
[  553.095516]  ? proc_sys_evict_inode+0x180/0x180
[  553.095533]  ? trace_kmalloc+0x29/0xd0
[  553.095545]  ? __kmalloc_track_caller+0x1a5/0x310
[  553.095559]  ? setup_userns_sysctls+0x4d/0x180
[  553.095576]  ? memcpy+0x39/0x60
[  553.095596]  setup_userns_sysctls+0xc2/0x180
[  553.095612]  create_user_ns+0x8e5/0xd80
[  553.095636]  copy_creds+0x53d/0x930
[  553.095657]  copy_process+0x10d5/0x6d40
[  553.095676]  ? lock_is_held_type+0xd7/0x130
[  553.095692]  ? find_held_lock+0x2c/0x110
[  553.095709]  ? lock_release+0x3b2/0x6f0
[  553.095724]  ? __might_fault+0xd1/0x170
[  553.095749]  ? __cleanup_sighand+0xb0/0xb0
[  553.095773]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  553.095789]  ? _copy_from_user+0x139/0x170
[  553.095808]  ? kernel_clone+0x2f8/0xa60
[  553.095828]  kernel_clone+0xe7/0xa60
[  553.095846]  ? lock_is_held_type+0xd7/0x130
[  553.095860]  ? copy_init_mm+0x20/0x20
[  553.095890]  ? lock_is_held_type+0xd7/0x130
[  553.095908]  __do_sys_clone3+0x1c9/0x2d0
[  553.095926]  ? __ia32_sys_clone+0x150/0x150
[  553.095955]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  553.095971]  ? vfs_write+0x188/0xae0
[  553.095990]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  553.096007]  ? fput+0x2a/0x50
[  553.096028]  ? syscall_enter_from_user_mode+0x1d/0x50
[  553.096047]  do_syscall_64+0x3b/0x90
[  553.096066]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  553.096080] RIP: 0033:0x7f37c9f3ab19
[  553.096090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  553.096102] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  553.096116] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  553.096125] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  553.096133] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  553.096141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  553.096149] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  553.096170]  </TASK>
[  553.096264] sysctl could not get directory: //user -12
[  553.096291] CPU: 0 PID: 5549 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  553.096305] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  553.096313] Call Trace:
[  553.096316]  <TASK>
[  553.096320]  dump_stack_lvl+0x8b/0xb3
[  553.096342]  __register_sysctl_table+0xde7/0x1090
[  553.096367]  ? proc_sys_evict_inode+0x180/0x180
[  553.096385]  ? trace_kmalloc+0x29/0xd0
[  553.096396]  ? __kmalloc_track_caller+0x1a5/0x310
[  553.096411]  ? setup_userns_sysctls+0x4d/0x180
[  553.096425]  ? memcpy+0x39/0x60
[  553.096446]  setup_userns_sysctls+0xc2/0x180
[  553.096463]  create_user_ns+0x8e5/0xd80
[  553.096485]  copy_creds+0x53d/0x930
[  553.096507]  copy_process+0x10d5/0x6d40
[  553.096525]  ? lock_is_held_type+0xd7/0x130
[  553.096538]  ? find_held_lock+0x2c/0x110
[  553.096555]  ? lock_release+0x3b2/0x6f0
[  553.096569]  ? __might_fault+0xd1/0x170
[  553.096595]  ? __cleanup_sighand+0xb0/0xb0
[  553.096619]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  553.096635]  ? _copy_from_user+0x139/0x170
[  553.096653]  ? kernel_clone+0x2f8/0xa60
[  553.096673]  kernel_clone+0xe7/0xa60
[  553.096691]  ? lock_is_held_type+0xd7/0x130
[  553.096706]  ? copy_init_mm+0x20/0x20
[  553.096734]  ? lock_is_held_type+0xd7/0x130
[  553.096753]  __do_sys_clone3+0x1c9/0x2d0
[  553.096793]  ? __ia32_sys_clone+0x150/0x150
[  553.096823]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  553.096839]  ? vfs_write+0x188/0xae0
[  553.096857]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  553.096875]  ? fput+0x2a/0x50
[  553.096897]  ? syscall_enter_from_user_mode+0x1d/0x50
[  553.096917]  do_syscall_64+0x3b/0x90
[  553.096936]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  553.096950] RIP: 0033:0x7f37c9f3ab19
[  553.096959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  553.096972] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  553.096985] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  553.096995] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  553.097004] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  553.097012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  553.097021] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  553.097043]  </TASK>
[  553.109210] FAULT_INJECTION: forcing a failure.
[  553.109210] name failslab, interval 1, probability 0, space 0, times 0
[  553.109248] CPU: 1 PID: 5551 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  553.109276] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  553.109292] Call Trace:
[  553.109301]  <TASK>
[  553.109310]  dump_stack_lvl+0x8b/0xb3
[  553.109358]  should_fail.cold+0x5/0xa
[  553.109398]  ? alloc_ucounts+0x1bf/0x580
[  553.109427]  should_failslab+0x5/0x10
[  553.109451]  kmem_cache_alloc_trace+0x55/0x3c0
[  553.109488]  alloc_ucounts+0x1bf/0x580
[  553.109518]  ? get_ucounts+0x60/0x60
[  553.109544]  ? setup_userns_sysctls+0x103/0x180
[  553.109581]  set_cred_ucounts+0x163/0x320
[  553.109633]  copy_creds+0x55b/0x930
[  553.109677]  copy_process+0x10d5/0x6d40
[  553.109718]  ? lock_is_held_type+0xd7/0x130
[  553.109748]  ? find_held_lock+0x2c/0x110
[  553.109785]  ? lock_release+0x3b2/0x6f0
[  553.109813]  ? __might_fault+0xd1/0x170
[  553.109865]  ? __cleanup_sighand+0xb0/0xb0
[  553.109917]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  553.109951]  ? _copy_from_user+0x139/0x170
[  553.109984] FAULT_INJECTION: forcing a failure.
[  553.109984] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  553.109987]  ? kernel_clone+0x2f8/0xa60
[  553.110028]  kernel_clone+0xe7/0xa60
[  553.110064]  ? lock_is_held_type+0xd7/0x130
[  553.110094]  ? copy_init_mm+0x20/0x20
[  553.110149]  ? lock_is_held_type+0xd7/0x130
[  553.110196]  __do_sys_clone3+0x1c9/0x2d0
[  553.110236]  ? __ia32_sys_clone+0x150/0x150
[  553.110302]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  553.110343]  ? vfs_write+0x188/0xae0
[  553.110382]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  553.110418]  ? fput+0x2a/0x50
[  553.110467]  ? syscall_enter_from_user_mode+0x1d/0x50
[  553.110512]  do_syscall_64+0x3b/0x90
[  553.110556]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  553.110586] RIP: 0033:0x7f3d8a0d9b19
[  553.110607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  553.110635] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  553.110662] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  553.110681] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  553.110701] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  553.110717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  553.110733] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  553.110774]  </TASK>
[  553.110783] CPU: 0 PID: 5550 Comm: syz-executor.6 Not tainted 5.16.0-rc5-next-20211217 #1
[  553.110798] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  553.110807] Call Trace:
[  553.110811]  <TASK>
[  553.110816]  dump_stack_lvl+0x8b/0xb3
[  553.110838]  should_fail.cold+0x5/0xa
[  553.110861]  _copy_from_iter+0x37d/0x14c0
[  553.110893]  ? hash_and_copy_to_iter+0x210/0x210
[  553.110912]  ? rcu_read_lock_sched_held+0x3a/0x70
[  553.110929]  ? memset+0x20/0x40
[  553.110947]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  553.110964]  ? __virt_addr_valid+0xe9/0x310
[  553.110984]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  553.111000]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  553.111016]  ? __check_object_size+0x1b5/0x4e0
[  553.111041]  netlink_sendmsg+0x86b/0xdf0
[  553.111063]  ? netlink_unicast+0x7e0/0x7e0
[  553.111084]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  553.111103]  ? netlink_unicast+0x7e0/0x7e0
[  553.111119]  sock_sendmsg+0x150/0x190
[  553.111138]  ____sys_sendmsg+0x709/0x870
[  553.111156]  ? kernel_sendmsg+0x50/0x50
[  553.111169]  ? __ia32_sys_recvmmsg+0x260/0x260
[  553.111187]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  553.111205]  ? lock_release+0x3b2/0x6f0
[  553.111220]  ? __might_fault+0xd1/0x170
[  553.111245]  ___sys_sendmsg+0xf3/0x170
[  553.111263]  ? sendmsg_copy_msghdr+0x160/0x160
[  553.111282]  ? lock_release+0x3b2/0x6f0
[  553.111299]  ? lock_downgrade+0x6d0/0x6d0
[  553.111315]  ? lock_release+0x3b2/0x6f0
[  553.111330]  ? ksys_write+0x212/0x250
[  553.111347]  ? lock_downgrade+0x6d0/0x6d0
[  553.111367]  ? __fget_files+0x28d/0x470
[  553.111388]  ? __fget_light+0xea/0x280
[  553.111401]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  553.111422]  __sys_sendmsg+0xe5/0x1b0
[  553.111440]  ? __sys_sendmsg_sock+0x30/0x30
[  553.111457]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  553.111485]  ? syscall_enter_from_user_mode+0x1d/0x50
[  553.111504]  do_syscall_64+0x3b/0x90
[  553.111524]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  553.111538] RIP: 0033:0x7efdec8bab19
[  553.111548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  553.111561] RSP: 002b:00007efde9e30188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  553.111575] RAX: ffffffffffffffda RBX: 00007efdec9cdf60 RCX: 00007efdec8bab19
[  553.111585] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  553.111594] RBP: 00007efde9e301d0 R08: 0000000000000000 R09: 0000000000000000
[  553.111603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  553.111611] R13: 00007ffebd4ac02f R14: 00007efde9e30300 R15: 0000000000022000
[  553.111633]  </TASK>
[  553.720079] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  567.143402] FAULT_INJECTION: forcing a failure.
[  567.143402] name failslab, interval 1, probability 0, space 0, times 0
[  567.145942] CPU: 1 PID: 5569 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.147694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.150129] Call Trace:
[  567.150684]  <TASK>
[  567.150835] FAULT_INJECTION: forcing a failure.
[  567.150835] name failslab, interval 1, probability 0, space 0, times 0
[  567.151161]  dump_stack_lvl+0x8b/0xb3
[  567.153216]  should_fail.cold+0x5/0xa
[  567.154056]  ? create_object.isra.0+0x3a/0xa20
[  567.155049]  should_failslab+0x5/0x10
[  567.155868]  kmem_cache_alloc+0x5b/0x480
[  567.156771]  create_object.isra.0+0x3a/0xa20
[  567.157761]  ? kasan_unpoison+0x23/0x50
[  567.158638]  __kmalloc+0x1ed/0x330
[  567.159422]  __register_sysctl_table+0x9e2/0x1090
[  567.160501]  ? proc_sys_evict_inode+0x180/0x180
[  567.161526]  ? trace_kmalloc+0x29/0xd0
[  567.162358]  ? __kmalloc_track_caller+0x1a5/0x310
[  567.163365]  ? setup_userns_sysctls+0x4d/0x180
[  567.164354]  ? memcpy+0x39/0x60
[  567.165087]  setup_userns_sysctls+0xc2/0x180
[  567.166034]  create_user_ns+0x8e5/0xd80
[  567.166895]  copy_creds+0x53d/0x930
[  567.167691]  copy_process+0x10d5/0x6d40
[  567.168584]  ? lock_is_held_type+0xd7/0x130
[  567.169533]  ? find_held_lock+0x2c/0x110
[  567.170440]  ? lock_release+0x3b2/0x6f0
[  567.171299]  ? __might_fault+0xd1/0x170
[  567.172172]  ? __cleanup_sighand+0xb0/0xb0
[  567.173142]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.174338]  ? _copy_from_user+0x139/0x170
[  567.175251]  ? kernel_clone+0x2f8/0xa60
[  567.176107]  kernel_clone+0xe7/0xa60
[  567.176931]  ? lock_is_held_type+0xd7/0x130
[  567.177899]  ? copy_init_mm+0x20/0x20
[  567.178752]  ? lock_is_held_type+0xd7/0x130
[  567.179688]  __do_sys_clone3+0x1c9/0x2d0
[  567.180592]  ? __ia32_sys_clone+0x150/0x150
[  567.181580]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.182759]  ? vfs_write+0x188/0xae0
[  567.183567]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  567.184771]  ? fput+0x2a/0x50
[  567.185499]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.186626]  do_syscall_64+0x3b/0x90
[  567.187453]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.188574] RIP: 0033:0x7f37c9f3ab19
[  567.189396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.193305] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  567.194922] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  567.196468] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  567.198002] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  567.199538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.201105] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  567.202782]  </TASK>
[  567.203422] CPU: 0 PID: 5573 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.204290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.205471] Call Trace:
[  567.205739]  <TASK>
[  567.205968]  dump_stack_lvl+0x8b/0xb3
[  567.206383]  should_fail.cold+0x5/0xa
[  567.206786]  ? create_object.isra.0+0x3a/0xa20
[  567.207269]  should_failslab+0x5/0x10
[  567.207664]  kmem_cache_alloc+0x5b/0x480
[  567.208090]  create_object.isra.0+0x3a/0xa20
[  567.208554]  ? kasan_unpoison+0x23/0x50
[  567.208987]  __kmalloc+0x1ed/0x330
[  567.209372]  security_prepare_creds+0x10a/0x180
[  567.209868]  prepare_creds+0x505/0x6f0
[  567.210285]  copy_creds+0x72/0x930
[  567.210666]  copy_process+0x10d5/0x6d40
[  567.211087]  ? lock_is_held_type+0xd7/0x130
[  567.211542]  ? find_held_lock+0x2c/0x110
[  567.211966]  ? lock_release+0x3b2/0x6f0
[  567.212412]  ? __might_fault+0xd1/0x170
[  567.212834]  ? __cleanup_sighand+0xb0/0xb0
[  567.213287]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.213852]  ? _copy_from_user+0x139/0x170
[  567.214314]  ? kernel_clone+0x2f8/0xa60
[  567.214731]  kernel_clone+0xe7/0xa60
[  567.215143]  ? lock_is_held_type+0xd7/0x130
[  567.215593]  ? copy_init_mm+0x20/0x20
[  567.216004]  ? lock_is_held_type+0xd7/0x130
[  567.216458]  __do_sys_clone3+0x1c9/0x2d0
[  567.216895]  ? __ia32_sys_clone+0x150/0x150
[  567.217374]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.217953]  ? vfs_write+0x188/0xae0
23:02:25 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 8)

23:02:25 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}], 0x1, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:02:25 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 18)

23:02:25 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
finit_module(0xffffffffffffffff, &(0x7f0000000040)=')!,.{.\x00', 0x1)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r3, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r2)

23:02:25 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 16)

23:02:25 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 10)

23:02:25 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xfc, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:02:25 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 8)

[  567.218354]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  567.219153]  ? fput+0x2a/0x50
[  567.219490]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.220023]  do_syscall_64+0x3b/0x90
[  567.220413]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.220952] RIP: 0033:0x7fc730828b19
[  567.221360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.223255] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  567.224043] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  567.224794] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  567.225543] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  567.226279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  567.227009] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  567.227761]  </TASK>
[  567.233939] FAULT_INJECTION: forcing a failure.
[  567.233939] name failslab, interval 1, probability 0, space 0, times 0
[  567.235137] CPU: 0 PID: 5574 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.236012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.237193] Call Trace:
[  567.237463]  <TASK>
[  567.237698]  dump_stack_lvl+0x8b/0xb3
[  567.238101]  should_fail.cold+0x5/0xa
[  567.238513]  ? create_object.isra.0+0x3a/0xa20
[  567.239003]  should_failslab+0x5/0x10
[  567.239397]  kmem_cache_alloc+0x5b/0x480
[  567.239826]  create_object.isra.0+0x3a/0xa20
[  567.240304]  ? kasan_unpoison+0x23/0x50
[  567.240326]  kmem_cache_alloc_trace+0x22e/0x3c0
[  567.241734]  alloc_ucounts+0x1bf/0x580
[  567.242148]  ? get_ucounts+0x60/0x60
[  567.242541]  ? setup_userns_sysctls+0x103/0x180
[  567.243048]  set_cred_ucounts+0x163/0x320
[  567.243505]  copy_creds+0x55b/0x930
[  567.243890]  copy_process+0x10d5/0x6d40
[  567.244329]  ? lock_is_held_type+0xd7/0x130
[  567.244788]  ? find_held_lock+0x2c/0x110
[  567.245230]  ? lock_release+0x3b2/0x6f0
[  567.245657]  ? __might_fault+0xd1/0x170
[  567.246096]  ? __cleanup_sighand+0xb0/0xb0
[  567.246559]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.247125]  ? _copy_from_user+0x139/0x170
[  567.247581]  ? kernel_clone+0x2f8/0xa60
[  567.247999]  kernel_clone+0xe7/0xa60
[  567.248391]  ? lock_is_held_type+0xd7/0x130
[  567.248865]  ? copy_init_mm+0x20/0x20
[  567.249298]  ? lock_is_held_type+0xd7/0x130
[  567.249752]  __do_sys_clone3+0x1c9/0x2d0
[  567.250177]  ? __ia32_sys_clone+0x150/0x150
[  567.250669]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.251245]  ? vfs_write+0x188/0xae0
[  567.251635]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  567.252214]  ? fput+0x2a/0x50
[  567.252558]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.253118]  do_syscall_64+0x3b/0x90
[  567.253522]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.254057] RIP: 0033:0x7f3d8a0d9b19
[  567.254437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.256347] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  567.257171] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  567.257902] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  567.258640] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  567.259387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.260135] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  567.260889]  </TASK>
[  567.261395] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  567.266360] FAULT_INJECTION: forcing a failure.
[  567.266360] name failslab, interval 1, probability 0, space 0, times 0
[  567.267999] CPU: 0 PID: 5566 Comm: syz-executor.6 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.268863] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
23:02:25 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xfd, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  567.270072] Call Trace:
[  567.270503]  <TASK>
[  567.270739]  dump_stack_lvl+0x8b/0xb3
[  567.271145]  should_fail.cold+0x5/0xa
[  567.271556]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xd7/0x290
[  567.272242]  should_failslab+0x5/0x10
[  567.272638]  __kmalloc+0x72/0x330
[  567.273019]  genl_family_rcv_msg_attrs_parse.constprop.0+0xd7/0x290
[  567.273691]  genl_family_rcv_msg_doit+0xda/0x330
[  567.274185]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[  567.274875]  ? mutex_lock_io_nested+0x12c0/0x12c0
[  567.275390]  ? memset+0x20/0x40
[  567.275750]  ? genl_op_from_small+0x23/0x3c0
[  567.276222]  ? genl_get_cmd+0x3cf/0x480
[  567.276657]  genl_rcv_msg+0x33c/0x5a0
[  567.277069]  ? genl_get_cmd+0x480/0x480
[  567.277503]  ? netlbl_mgmt_listall_cb+0x390/0x390
[  567.278011]  ? lock_release+0x6f0/0x6f0
[  567.278438]  netlink_rcv_skb+0x14b/0x430
[  567.278868]  ? genl_get_cmd+0x480/0x480
[  567.279299]  ? netlink_ack+0xa60/0xa60
[  567.279714]  ? netlink_deliver_tap+0x1b2/0xc30
[  567.280189]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  567.280711]  ? is_vmalloc_addr+0x7b/0xb0
[  567.281158]  genl_rcv+0x24/0x40
[  567.281508]  netlink_unicast+0x53a/0x7e0
[  567.281949]  ? netlink_attachskb+0x870/0x870
[  567.282410]  ? __virt_addr_valid+0xe9/0x310
[  567.282876]  netlink_sendmsg+0x904/0xdf0
[  567.283318]  ? netlink_unicast+0x7e0/0x7e0
[  567.283783]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.284364]  ? netlink_unicast+0x7e0/0x7e0
[  567.284814]  sock_sendmsg+0x150/0x190
[  567.285244]  ____sys_sendmsg+0x709/0x870
[  567.285673]  ? kernel_sendmsg+0x50/0x50
[  567.286089]  ? __ia32_sys_recvmmsg+0x260/0x260
[  567.286575]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  567.287131]  ? lock_release+0x3b2/0x6f0
[  567.287544]  ? __might_fault+0xd1/0x170
[  567.287968]  ___sys_sendmsg+0xf3/0x170
[  567.288382]  ? sendmsg_copy_msghdr+0x160/0x160
[  567.288876]  ? lock_release+0x3b2/0x6f0
[  567.289309]  ? lock_downgrade+0x6d0/0x6d0
[  567.289750]  ? lock_release+0x3b2/0x6f0
[  567.290173]  ? ksys_write+0x212/0x250
[  567.290587]  ? lock_downgrade+0x6d0/0x6d0
[  567.291041]  ? __fget_files+0x28d/0x470
[  567.291471]  ? __fget_light+0xea/0x280
[  567.291876]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.292459]  __sys_sendmsg+0xe5/0x1b0
[  567.292864]  ? __sys_sendmsg_sock+0x30/0x30
[  567.293345]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.293932]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.294475]  do_syscall_64+0x3b/0x90
[  567.294870]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.295413] RIP: 0033:0x7efdec8bab19
[  567.295809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.297735] RSP: 002b:00007efde9e30188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  567.298521] RAX: ffffffffffffffda RBX: 00007efdec9cdf60 RCX: 00007efdec8bab19
[  567.299268] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  567.300007] RBP: 00007efde9e301d0 R08: 0000000000000000 R09: 0000000000000000
[  567.300744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  567.301489] R13: 00007ffebd4ac02f R14: 00007efde9e30300 R15: 0000000000022000
[  567.302250]  </TASK>
[  567.302658] FAULT_INJECTION: forcing a failure.
[  567.302658] name failslab, interval 1, probability 0, space 0, times 0
[  567.305675] CPU: 1 PID: 5571 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.307920] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.311020] Call Trace:
[  567.311731]  <TASK>
[  567.312352]  dump_stack_lvl+0x8b/0xb3
[  567.313435]  should_fail.cold+0x5/0xa
[  567.314285]  ? __alloc_skb+0x211/0x340
[  567.315130]  should_failslab+0x5/0x10
[  567.315953]  kmem_cache_alloc_node+0x55/0x490
[  567.316952]  __alloc_skb+0x211/0x340
[  567.317807]  netlbl_mgmt_listdef+0xba/0x580
[  567.318756]  genl_family_rcv_msg_doit+0x22d/0x330
[  567.319807]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[  567.321264]  ? mutex_lock_io_nested+0x12c0/0x12c0
[  567.322332]  ? genl_op_from_small+0x23/0x3c0
[  567.323291]  ? genl_get_cmd+0x3cf/0x480
[  567.324149]  genl_rcv_msg+0x33c/0x5a0
[  567.324990]  ? genl_get_cmd+0x480/0x480
[  567.325870]  ? netlbl_mgmt_listall_cb+0x390/0x390
[  567.326911]  ? lock_release+0x6f0/0x6f0
[  567.327801]  netlink_rcv_skb+0x14b/0x430
[  567.328688]  ? genl_get_cmd+0x480/0x480
[  567.329621]  ? netlink_ack+0xa60/0xa60
[  567.330493]  ? netlink_deliver_tap+0x1b2/0xc30
[  567.331482]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  567.332572]  ? is_vmalloc_addr+0x7b/0xb0
[  567.333482]  genl_rcv+0x24/0x40
[  567.334205]  netlink_unicast+0x53a/0x7e0
[  567.335113]  ? netlink_attachskb+0x870/0x870
[  567.336076]  ? __virt_addr_valid+0xe9/0x310
[  567.337046]  netlink_sendmsg+0x904/0xdf0
[  567.337950]  ? netlink_unicast+0x7e0/0x7e0
[  567.338888]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.340093]  ? netlink_unicast+0x7e0/0x7e0
[  567.341033]  sock_sendmsg+0x150/0x190
[  567.341873]  ____sys_sendmsg+0x709/0x870
[  567.342773]  ? kernel_sendmsg+0x50/0x50
[  567.343646]  ? __ia32_sys_recvmmsg+0x260/0x260
[  567.344641]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  567.345807]  ? lock_release+0x3b2/0x6f0
[  567.346671]  ? __might_fault+0xd1/0x170
[  567.347579]  ___sys_sendmsg+0xf3/0x170
[  567.348434]  ? sendmsg_copy_msghdr+0x160/0x160
[  567.349456]  ? lock_release+0x3b2/0x6f0
[  567.350324]  ? lock_downgrade+0x6d0/0x6d0
[  567.351228]  ? lock_release+0x3b2/0x6f0
[  567.352076]  ? ksys_write+0x212/0x250
[  567.352931]  ? lock_downgrade+0x6d0/0x6d0
[  567.353856]  ? __fget_files+0x28d/0x470
[  567.354760]  ? __fget_light+0xea/0x280
[  567.355610]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.356818]  __sys_sendmsg+0xe5/0x1b0
[  567.357666]  ? __sys_sendmsg_sock+0x30/0x30
[  567.358610]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.359826]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.360963]  do_syscall_64+0x3b/0x90
[  567.361811]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.362938] RIP: 0033:0x7f54fbbc7b19
[  567.363743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.367753] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  567.369412] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  567.370955] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  567.372504] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  567.374076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.375614] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  567.377179]  </TASK>
23:02:25 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 9)

23:02:25 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 17)

[  567.414185] FAULT_INJECTION: forcing a failure.
[  567.414185] name failslab, interval 1, probability 0, space 0, times 0
[  567.415478] CPU: 0 PID: 5589 Comm: syz-executor.6 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.416372] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.417626] Call Trace:
[  567.417910]  <TASK>
[  567.418163]  dump_stack_lvl+0x8b/0xb3
[  567.418599]  should_fail.cold+0x5/0xa
[  567.419019]  ? create_object.isra.0+0x3a/0xa20
[  567.419525]  should_failslab+0x5/0x10
[  567.419942]  kmem_cache_alloc+0x5b/0x480
[  567.420398]  create_object.isra.0+0x3a/0xa20
[  567.420881]  ? kasan_unpoison+0x23/0x50
[  567.421363]  __kmalloc+0x1ed/0x330
[  567.421750]  genl_family_rcv_msg_attrs_parse.constprop.0+0xd7/0x290
[  567.422443]  genl_family_rcv_msg_doit+0xda/0x330
[  567.422950]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[  567.423680]  ? mutex_lock_io_nested+0x12c0/0x12c0
[  567.424230]  ? memset+0x20/0x40
[  567.424607]  ? genl_op_from_small+0x23/0x3c0
[  567.425117]  ? genl_get_cmd+0x3cf/0x480
[  567.425572]  genl_rcv_msg+0x33c/0x5a0
[  567.426001]  ? genl_get_cmd+0x480/0x480
[  567.426442]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[  567.427050]  ? netlbl_mgmt_listall_cb+0x390/0x390
[  567.427604]  netlink_rcv_skb+0x14b/0x430
[  567.428034]  ? genl_get_cmd+0x480/0x480
[  567.428484]  ? netlink_ack+0xa60/0xa60
[  567.428915]  ? netlink_deliver_tap+0x1b2/0xc30
[  567.429404]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  567.429952]  ? is_vmalloc_addr+0x7b/0xb0
[  567.430396]  genl_rcv+0x24/0x40
[  567.430764]  netlink_unicast+0x53a/0x7e0
[  567.431208]  ? netlink_attachskb+0x870/0x870
[  567.431699]  ? __virt_addr_valid+0xe9/0x310
[  567.432164]  netlink_sendmsg+0x904/0xdf0
[  567.432619]  ? netlink_unicast+0x7e0/0x7e0
[  567.433085]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.433692]  ? netlink_unicast+0x7e0/0x7e0
[  567.434141]  sock_sendmsg+0x150/0x190
[  567.434569]  ____sys_sendmsg+0x709/0x870
[  567.434994]  ? kernel_sendmsg+0x50/0x50
[  567.435431]  ? __ia32_sys_recvmmsg+0x260/0x260
[  567.435919]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  567.436502]  ? lock_release+0x3b2/0x6f0
[  567.436924]  ? __might_fault+0xd1/0x170
[  567.437395]  ___sys_sendmsg+0xf3/0x170
[  567.437823]  ? sendmsg_copy_msghdr+0x160/0x160
[  567.438329]  ? lock_release+0x3b2/0x6f0
[  567.438759]  ? lock_downgrade+0x6d0/0x6d0
[  567.439215]  ? lock_release+0x3b2/0x6f0
[  567.439636]  ? ksys_write+0x212/0x250
[  567.440055]  ? lock_downgrade+0x6d0/0x6d0
[  567.440489]  ? __fget_files+0x28d/0x470
[  567.440937]  ? __fget_light+0xea/0x280
[  567.441354]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.441965]  __sys_sendmsg+0xe5/0x1b0
[  567.442384]  ? __sys_sendmsg_sock+0x30/0x30
[  567.442861]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.443465]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.444035]  do_syscall_64+0x3b/0x90
[  567.444435]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.445013] RIP: 0033:0x7efdec8bab19
[  567.445417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.447304] RSP: 002b:00007efde9e30188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  567.448085] RAX: ffffffffffffffda RBX: 00007efdec9cdf60 RCX: 00007efdec8bab19
[  567.448823] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  567.449569] RBP: 00007efde9e301d0 R08: 0000000000000000 R09: 0000000000000000
[  567.450306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  567.451034] R13: 00007ffebd4ac02f R14: 00007efde9e30300 R15: 0000000000022000
[  567.451783]  </TASK>
23:02:25 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 19)

23:02:25 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {0xffffffffffffffff, 0x4006}], 0x2, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

[  567.500484] FAULT_INJECTION: forcing a failure.
[  567.500484] name failslab, interval 1, probability 0, space 0, times 0
23:02:25 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 9)

23:02:25 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x80fe, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  567.501737] CPU: 0 PID: 5596 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.501753] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
23:02:25 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x40, r1, 0x2, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x1, 0x66}}}}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x5}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15cc}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x100}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x14a0}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x20044084)
r3 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r4}, {r5, 0x4006}], 0x2, 0xffff)
ioctl$LOOP_SET_STATUS(r4, 0x4c02, &(0x7f0000000040)={0x0, {}, 0x0, {}, 0x9, 0xb, 0x9, 0x8, "6e5f245a8923fbd6c557fa0b87b21105bd4b6d14a3c843a4f63fe9987430655ba217ee4b924e4f0230d86d3be1f865c25066ab48f70866ccc3295404427b24fb", "892b652a23e22ff20654bf50f36dd1841db3aa87f15ab4aaf9160c47ed07cf46", [0x1000, 0xfcd5]})
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r3, 0x1269, r6)

[  567.501761] Call Trace:
[  567.501766]  <TASK>
[  567.501771]  dump_stack_lvl+0x8b/0xb3
[  567.501797]  should_fail.cold+0x5/0xa
[  567.501817]  ? alloc_ucounts+0x1bf/0x580
[  567.501832]  should_failslab+0x5/0x10
[  567.501844]  kmem_cache_alloc_trace+0x55/0x3c0
23:02:25 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 20)

[  567.501864]  alloc_ucounts+0x1bf/0x580
[  567.501879]  ? get_ucounts+0x60/0x60
[  567.501892]  ? setup_userns_sysctls+0x103/0x180
23:02:25 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 18)

[  567.501910]  set_cred_ucounts+0x163/0x320
[  567.501933]  copy_creds+0x55b/0x930
[  567.501953]  copy_process+0x10d5/0x6d40
[  567.501971]  ? lock_is_held_type+0xd7/0x130
[  567.501986]  ? find_held_lock+0x2c/0x110
[  567.502003]  ? lock_release+0x3b2/0x6f0
23:02:25 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 10)

[  567.502017]  ? __might_fault+0xd1/0x170
[  567.502042]  ? __cleanup_sighand+0xb0/0xb0
[  567.502066]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
23:02:25 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 10)

[  567.502083]  ? _copy_from_user+0x139/0x170
[  567.502101]  ? kernel_clone+0x2f8/0xa60
[  567.502121]  kernel_clone+0xe7/0xa60
[  567.502138]  ? lock_is_held_type+0xd7/0x130
23:02:25 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 19)

[  567.502152]  ? copy_init_mm+0x20/0x20
[  567.502182]  ? lock_is_held_type+0xd7/0x130
[  567.502200]  __do_sys_clone3+0x1c9/0x2d0
[  567.502222]  ? __ia32_sys_clone+0x150/0x150
[  567.502251]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.502267]  ? vfs_write+0x188/0xae0
[  567.502286]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  567.502302]  ? fput+0x2a/0x50
[  567.502324]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.502343]  do_syscall_64+0x3b/0x90
[  567.502361]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.502375] RIP: 0033:0x7f37c9f3ab19
[  567.502385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.502397] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  567.502411] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  567.502419] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  567.502427] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  567.502435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.502443] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  567.502464]  </TASK>
[  567.502647] FAULT_INJECTION: forcing a failure.
[  567.502647] name failslab, interval 1, probability 0, space 0, times 0
[  567.502661] CPU: 0 PID: 5597 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.502674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.502682] Call Trace:
[  567.502685]  <TASK>
[  567.502690]  dump_stack_lvl+0x8b/0xb3
[  567.502711]  should_fail.cold+0x5/0xa
[  567.502730]  ? dup_fd+0x89/0xca0
[  567.502744]  should_failslab+0x5/0x10
[  567.502755]  kmem_cache_alloc+0x5b/0x480
[  567.502773]  dup_fd+0x89/0xca0
[  567.502784]  ? audit_filter_inodes+0x40/0x40
[  567.502800]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.502816]  ? security_task_alloc+0xe6/0x260
[  567.502836]  copy_process+0x1c74/0x6d40
[  567.502853]  ? lock_is_held_type+0xd7/0x130
[  567.502866]  ? find_held_lock+0x2c/0x110
[  567.502891]  ? __cleanup_sighand+0xb0/0xb0
[  567.502915]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.502930]  ? _copy_from_user+0x139/0x170
[  567.502947]  ? kernel_clone+0x2f8/0xa60
[  567.502967]  kernel_clone+0xe7/0xa60
[  567.502984]  ? lock_is_held_type+0xd7/0x130
[  567.502998]  ? copy_init_mm+0x20/0x20
[  567.503025]  ? lock_is_held_type+0xd7/0x130
[  567.503042]  __do_sys_clone3+0x1c9/0x2d0
[  567.503061]  ? __ia32_sys_clone+0x150/0x150
[  567.503090]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.503106]  ? vfs_write+0x188/0xae0
[  567.503123]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  567.503140]  ? fput+0x2a/0x50
[  567.503164]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.503183]  do_syscall_64+0x3b/0x90
[  567.503202]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.503215] RIP: 0033:0x7f3d8a0d9b19
[  567.503224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.503235] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  567.503248] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  567.503257] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  567.503267] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  567.503275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.503285] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  567.503305]  </TASK>
[  567.552381] FAULT_INJECTION: forcing a failure.
[  567.552381] name failslab, interval 1, probability 0, space 0, times 0
[  567.552403] CPU: 0 PID: 5602 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.552417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.552426] Call Trace:
[  567.552430]  <TASK>
[  567.552435]  dump_stack_lvl+0x8b/0xb3
[  567.552462]  should_fail.cold+0x5/0xa
[  567.552482]  ? create_user_ns+0x1ac/0xd80
[  567.552501]  should_failslab+0x5/0x10
[  567.552514]  kmem_cache_alloc+0x5b/0x480
[  567.552532]  create_user_ns+0x1ac/0xd80
[  567.552551]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.552567]  ? prepare_creds+0x519/0x6f0
[  567.552589]  copy_creds+0x53d/0x930
[  567.552609]  copy_process+0x10d5/0x6d40
[  567.552628]  ? lock_is_held_type+0xd7/0x130
[  567.552642]  ? find_held_lock+0x2c/0x110
[  567.552658]  ? lock_release+0x3b2/0x6f0
[  567.552672]  ? __might_fault+0xd1/0x170
[  567.552698]  ? __cleanup_sighand+0xb0/0xb0
[  567.552721]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.552736]  ? _copy_from_user+0x139/0x170
[  567.552754]  ? kernel_clone+0x2f8/0xa60
[  567.552774]  kernel_clone+0xe7/0xa60
[  567.552792]  ? lock_is_held_type+0xd7/0x130
[  567.552806]  ? copy_init_mm+0x20/0x20
[  567.552832]  ? lock_is_held_type+0xd7/0x130
[  567.552850]  __do_sys_clone3+0x1c9/0x2d0
[  567.552868]  ? __ia32_sys_clone+0x150/0x150
[  567.552897]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.552917]  ? vfs_write+0x188/0xae0
[  567.552934]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  567.552951]  ? fput+0x2a/0x50
[  567.552993]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.553012]  do_syscall_64+0x3b/0x90
[  567.553031]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.553044] RIP: 0033:0x7fc730828b19
[  567.553053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.553065] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  567.553079] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  567.553088] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  567.553096] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  567.553103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  567.553111] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  567.553132]  </TASK>
[  567.569973] FAULT_INJECTION: forcing a failure.
[  567.569973] name failslab, interval 1, probability 0, space 0, times 0
[  567.570015] CPU: 1 PID: 5605 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.570046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.570064] Call Trace:
[  567.570072]  <TASK>
[  567.570081]  dump_stack_lvl+0x8b/0xb3
[  567.570134]  should_fail.cold+0x5/0xa
[  567.570183]  ? create_object.isra.0+0x3a/0xa20
[  567.570226]  should_failslab+0x5/0x10
[  567.570253]  kmem_cache_alloc+0x5b/0x480
[  567.570296]  create_object.isra.0+0x3a/0xa20
[  567.570339]  ? kasan_unpoison+0x23/0x50
[  567.570395]  kmem_cache_alloc+0x239/0x480
[  567.570441]  dup_fd+0x89/0xca0
[  567.570471]  ? audit_filter_inodes+0x40/0x40
[  567.570511]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.570550]  ? security_task_alloc+0xe6/0x260
[  567.570599]  copy_process+0x1c74/0x6d40
[  567.570636]  ? lock_is_held_type+0xd7/0x130
[  567.570667]  ? find_held_lock+0x2c/0x110
[  567.570727]  ? __cleanup_sighand+0xb0/0xb0
[  567.570782]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.570814]  ? _copy_from_user+0x139/0x170
[  567.570851]  ? kernel_clone+0x2f8/0xa60
[  567.570896]  kernel_clone+0xe7/0xa60
[  567.570938]  ? lock_is_held_type+0xd7/0x130
[  567.570967]  ? copy_init_mm+0x20/0x20
[  567.571024]  ? lock_is_held_type+0xd7/0x130
[  567.571067]  __do_sys_clone3+0x1c9/0x2d0
[  567.571111]  ? __ia32_sys_clone+0x150/0x150
[  567.571184]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.571217]  ? vfs_write+0x188/0xae0
[  567.571259]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  567.571296]  ? fput+0x2a/0x50
[  567.571355]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.571405]  do_syscall_64+0x3b/0x90
[  567.571449]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.571479] RIP: 0033:0x7f3d8a0d9b19
[  567.571500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.571527] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  567.571552] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  567.571569] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  567.571584] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  567.571599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.571614] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  567.571654]  </TASK>
[  567.593878] FAULT_INJECTION: forcing a failure.
[  567.593878] name failslab, interval 1, probability 0, space 0, times 0
[  567.593901] CPU: 0 PID: 5610 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.593915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.593924] Call Trace:
[  567.593929]  <TASK>
[  567.593934]  dump_stack_lvl+0x8b/0xb3
[  567.593961]  should_fail.cold+0x5/0xa
[  567.593981]  ? create_object.isra.0+0x3a/0xa20
[  567.594004]  should_failslab+0x5/0x10
[  567.594017]  kmem_cache_alloc+0x5b/0x480
[  567.594036]  create_object.isra.0+0x3a/0xa20
[  567.594055]  ? kasan_unpoison+0x23/0x50
[  567.594076]  kmem_cache_alloc_trace+0x22e/0x3c0
[  567.594095]  alloc_ucounts+0x1bf/0x580
[  567.594111]  ? get_ucounts+0x60/0x60
[  567.594124]  ? setup_userns_sysctls+0x103/0x180
[  567.594142]  set_cred_ucounts+0x163/0x320
[  567.594169]  copy_creds+0x55b/0x930
[  567.594189]  copy_process+0x10d5/0x6d40
[  567.594208]  ? lock_is_held_type+0xd7/0x130
[  567.594223]  ? find_held_lock+0x2c/0x110
[  567.594240]  ? lock_release+0x3b2/0x6f0
[  567.594254]  ? __might_fault+0xd1/0x170
[  567.594279]  ? __cleanup_sighand+0xb0/0xb0
[  567.594302]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.594319]  ? _copy_from_user+0x139/0x170
[  567.594337]  ? kernel_clone+0x2f8/0xa60
[  567.594357]  kernel_clone+0xe7/0xa60
[  567.594375]  ? lock_is_held_type+0xd7/0x130
[  567.594389]  ? copy_init_mm+0x20/0x20
[  567.594415]  ? lock_is_held_type+0xd7/0x130
[  567.594433]  __do_sys_clone3+0x1c9/0x2d0
[  567.594451]  ? __ia32_sys_clone+0x150/0x150
[  567.594480]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.594496]  ? vfs_write+0x188/0xae0
[  567.594514]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  567.594530]  ? fput+0x2a/0x50
[  567.594552]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.594571]  do_syscall_64+0x3b/0x90
[  567.594590]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.594603] RIP: 0033:0x7f37c9f3ab19
[  567.594612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.594624] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  567.594638] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  567.594646] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  567.594654] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  567.594662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.594670] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  567.594690]  </TASK>
[  567.619151] FAULT_INJECTION: forcing a failure.
[  567.619151] name failslab, interval 1, probability 0, space 0, times 0
[  567.619195] CPU: 0 PID: 5614 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.619213] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.619222] Call Trace:
[  567.619227]  <TASK>
[  567.619232]  dump_stack_lvl+0x8b/0xb3
[  567.619256]  should_fail.cold+0x5/0xa
[  567.619276]  ? create_object.isra.0+0x3a/0xa20
[  567.619298]  should_failslab+0x5/0x10
[  567.619310]  kmem_cache_alloc+0x5b/0x480
[  567.619329]  create_object.isra.0+0x3a/0xa20
[  567.619347]  ? kasan_unpoison+0x23/0x50
[  567.619368]  kmem_cache_alloc+0x239/0x480
[  567.619386]  create_user_ns+0x1ac/0xd80
[  567.619404]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.619421]  ? prepare_creds+0x519/0x6f0
[  567.619445]  copy_creds+0x53d/0x930
[  567.619465]  copy_process+0x10d5/0x6d40
[  567.619483]  ? lock_is_held_type+0xd7/0x130
[  567.619497]  ? find_held_lock+0x2c/0x110
[  567.619513]  ? lock_release+0x3b2/0x6f0
[  567.619527]  ? __might_fault+0xd1/0x170
[  567.619552]  ? __cleanup_sighand+0xb0/0xb0
[  567.619575]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.619591]  ? _copy_from_user+0x139/0x170
[  567.619609]  ? kernel_clone+0x2f8/0xa60
[  567.619628]  kernel_clone+0xe7/0xa60
[  567.619646]  ? lock_is_held_type+0xd7/0x130
[  567.619660]  ? copy_init_mm+0x20/0x20
[  567.619687]  ? lock_is_held_type+0xd7/0x130
[  567.619704]  __do_sys_clone3+0x1c9/0x2d0
[  567.619723]  ? __ia32_sys_clone+0x150/0x150
[  567.619752]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.619767]  ? vfs_write+0x188/0xae0
[  567.619785]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  567.619801]  ? fput+0x2a/0x50
[  567.619823]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.619842]  do_syscall_64+0x3b/0x90
[  567.619861]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.619874] RIP: 0033:0x7fc730828b19
[  567.619883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.619895] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  567.619908] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  567.619916] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  567.619924] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  567.619932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.619940] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  567.619961]  </TASK>
[  567.649874] FAULT_INJECTION: forcing a failure.
[  567.649874] name failslab, interval 1, probability 0, space 0, times 0
[  567.649896] CPU: 0 PID: 5617 Comm: syz-executor.6 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.649910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.649920] Call Trace:
[  567.649924]  <TASK>
[  567.649929]  dump_stack_lvl+0x8b/0xb3
[  567.649956]  should_fail.cold+0x5/0xa
[  567.649976]  ? __alloc_skb+0x211/0x340
[  567.649994]  should_failslab+0x5/0x10
[  567.650007]  kmem_cache_alloc_node+0x55/0x490
[  567.650028]  __alloc_skb+0x211/0x340
[  567.650047]  netlbl_mgmt_listdef+0xba/0x580
[  567.650069]  genl_family_rcv_msg_doit+0x22d/0x330
[  567.650093]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[  567.650111]  ? mutex_lock_io_nested+0x12c0/0x12c0
[  567.650136]  ? genl_op_from_small+0x23/0x3c0
[  567.650154]  ? genl_get_cmd+0x3cf/0x480
[  567.650174]  genl_rcv_msg+0x33c/0x5a0
[  567.650194]  ? genl_get_cmd+0x480/0x480
[  567.650211]  ? netlbl_mgmt_listall_cb+0x390/0x390
[  567.650232]  ? lock_release+0x6f0/0x6f0
[  567.650253]  netlink_rcv_skb+0x14b/0x430
[  567.650269]  ? genl_get_cmd+0x480/0x480
[  567.650288]  ? netlink_ack+0xa60/0xa60
[  567.650310]  ? netlink_deliver_tap+0x1b2/0xc30
[  567.650324]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  567.650341]  ? is_vmalloc_addr+0x7b/0xb0
[  567.650364]  genl_rcv+0x24/0x40
[  567.650379]  netlink_unicast+0x53a/0x7e0
[  567.650399]  ? netlink_attachskb+0x870/0x870
[  567.650414]  ? __virt_addr_valid+0xe9/0x310
[  567.650442]  netlink_sendmsg+0x904/0xdf0
[  567.650463]  ? netlink_unicast+0x7e0/0x7e0
[  567.650485]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.650503]  ? netlink_unicast+0x7e0/0x7e0
[  567.650519]  sock_sendmsg+0x150/0x190
[  567.650536]  ____sys_sendmsg+0x709/0x870
[  567.650554]  ? kernel_sendmsg+0x50/0x50
[  567.650567]  ? __ia32_sys_recvmmsg+0x260/0x260
[  567.650585]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  567.650603]  ? lock_release+0x3b2/0x6f0
[  567.650617]  ? __might_fault+0xd1/0x170
[  567.650642]  ___sys_sendmsg+0xf3/0x170
[  567.650661]  ? sendmsg_copy_msghdr+0x160/0x160
[  567.650679]  ? lock_release+0x3b2/0x6f0
[  567.650695]  ? lock_downgrade+0x6d0/0x6d0
[  567.650712]  ? lock_release+0x3b2/0x6f0
[  567.650726]  ? ksys_write+0x212/0x250
[  567.650743]  ? lock_downgrade+0x6d0/0x6d0
[  567.650763]  ? __fget_files+0x28d/0x470
[  567.650785]  ? __fget_light+0xea/0x280
[  567.650799]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.650820]  __sys_sendmsg+0xe5/0x1b0
[  567.650837]  ? __sys_sendmsg_sock+0x30/0x30
[  567.650853]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.650882]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.650902]  do_syscall_64+0x3b/0x90
[  567.650922]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.650935] RIP: 0033:0x7efdec8bab19
[  567.650944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.650956] RSP: 002b:00007efde9e30188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  567.650970] RAX: ffffffffffffffda RBX: 00007efdec9cdf60 RCX: 00007efdec8bab19
[  567.650979] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  567.650987] RBP: 00007efde9e301d0 R08: 0000000000000000 R09: 0000000000000000
[  567.650995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
23:02:25 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 11)

23:02:25 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 21)

23:02:25 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 11)

23:02:25 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xc0fe, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  567.651002] R13: 00007ffebd4ac02f R14: 00007efde9e30300 R15: 0000000000022000
[  567.651025]  </TASK>
[  567.684011] FAULT_INJECTION: forcing a failure.
[  567.684011] name failslab, interval 1, probability 0, space 0, times 0
[  567.851759] CPU: 0 PID: 5620 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.851778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.851787] Call Trace:
[  567.851794]  <TASK>
[  567.851801]  dump_stack_lvl+0x8b/0xb3
[  567.851830]  should_fail.cold+0x5/0xa
[  567.851850]  ? create_object.isra.0+0x3a/0xa20
[  567.851872]  should_failslab+0x5/0x10
[  567.851885]  kmem_cache_alloc+0x5b/0x480
[  567.851904]  create_object.isra.0+0x3a/0xa20
[  567.851922]  ? kasan_unpoison+0x23/0x50
[  567.851944]  kmem_cache_alloc_trace+0x22e/0x3c0
[  567.851962]  alloc_ucounts+0x1bf/0x580
23:02:25 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 11)

[  567.851979]  ? get_ucounts+0x60/0x60
[  567.851991]  ? setup_userns_sysctls+0x103/0x180
[  567.852009]  set_cred_ucounts+0x163/0x320
[  567.852033]  copy_creds+0x55b/0x930
[  567.852053]  copy_process+0x10d5/0x6d40
[  567.852071]  ? lock_is_held_type+0xd7/0x130
[  567.852086]  ? find_held_lock+0x2c/0x110
[  567.852103]  ? lock_release+0x3b2/0x6f0
[  567.852117]  ? __might_fault+0xd1/0x170
[  567.852142]  ? __cleanup_sighand+0xb0/0xb0
[  567.852168]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.852184]  ? _copy_from_user+0x139/0x170
[  567.852203]  ? kernel_clone+0x2f8/0xa60
[  567.852222]  kernel_clone+0xe7/0xa60
[  567.852240]  ? lock_is_held_type+0xd7/0x130
[  567.852254]  ? copy_init_mm+0x20/0x20
[  567.852280]  ? lock_is_held_type+0xd7/0x130
[  567.852298]  __do_sys_clone3+0x1c9/0x2d0
[  567.852316]  ? __ia32_sys_clone+0x150/0x150
23:02:25 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 22)

[  567.852345]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.852361]  ? vfs_write+0x188/0xae0
[  567.852378]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  567.852395]  ? fput+0x2a/0x50
[  567.852416]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.852435]  do_syscall_64+0x3b/0x90
[  567.852454]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.852468] RIP: 0033:0x7f37c9f3ab19
[  567.852480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.852492] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  567.852506] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  567.852514] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  567.852522] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  567.852530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.852537] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  567.852559]  </TASK>
[  567.874762] FAULT_INJECTION: forcing a failure.
[  567.874762] name failslab, interval 1, probability 0, space 0, times 0
[  567.874787] CPU: 0 PID: 5623 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.874802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.874811] Call Trace:
[  567.874815]  <TASK>
[  567.874820]  dump_stack_lvl+0x8b/0xb3
[  567.874848]  should_fail.cold+0x5/0xa
[  567.874869]  ? alloc_fdtable+0x7e/0x270
[  567.874888]  should_failslab+0x5/0x10
[  567.874902]  kmem_cache_alloc_trace+0x55/0x3c0
[  567.874921]  alloc_fdtable+0x7e/0x270
[  567.874936]  dup_fd+0x718/0xca0
[  567.874957]  copy_process+0x1c74/0x6d40
[  567.874977]  ? lock_is_held_type+0xd7/0x130
[  567.874992]  ? find_held_lock+0x2c/0x110
[  567.875018]  ? __cleanup_sighand+0xb0/0xb0
[  567.875042]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.875059]  ? _copy_from_user+0x139/0x170
[  567.875077]  ? kernel_clone+0x2f8/0xa60
[  567.875097]  kernel_clone+0xe7/0xa60
[  567.875115]  ? lock_is_held_type+0xd7/0x130
[  567.875129]  ? copy_init_mm+0x20/0x20
[  567.875156]  ? lock_is_held_type+0xd7/0x130
[  567.875173]  __do_sys_clone3+0x1c9/0x2d0
[  567.875192]  ? __ia32_sys_clone+0x150/0x150
[  567.875222]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.875238]  ? vfs_write+0x188/0xae0
[  567.875256]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  567.875273]  ? fput+0x2a/0x50
[  567.875294]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.875313]  do_syscall_64+0x3b/0x90
[  567.875333]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.875346] RIP: 0033:0x7f3d8a0d9b19
[  567.875356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.875369] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  567.875383] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  567.875392] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  567.875400] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  567.875409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.875417] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  567.875437]  </TASK>
[  567.903008] FAULT_INJECTION: forcing a failure.
[  567.903008] name failslab, interval 1, probability 0, space 0, times 0
[  567.903032] CPU: 0 PID: 5628 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.903047] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.903057] Call Trace:
[  567.903061]  <TASK>
[  567.903067]  dump_stack_lvl+0x8b/0xb3
[  567.903094]  should_fail.cold+0x5/0xa
[  567.903117]  should_failslab+0x5/0x10
[  567.903131]  __kmalloc_track_caller+0x79/0x310
[  567.903147]  ? setup_userns_sysctls+0x4d/0x180
[  567.903170]  kmemdup+0x23/0x50
[  567.903184]  setup_userns_sysctls+0x4d/0x180
[  567.903201]  create_user_ns+0x8e5/0xd80
[  567.903225]  copy_creds+0x53d/0x930
[  567.903246]  copy_process+0x10d5/0x6d40
[  567.903265]  ? lock_is_held_type+0xd7/0x130
[  567.903280]  ? find_held_lock+0x2c/0x110
[  567.903297]  ? lock_release+0x3b2/0x6f0
[  567.903312]  ? __might_fault+0xd1/0x170
[  567.903338]  ? __cleanup_sighand+0xb0/0xb0
[  567.903361]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.903378]  ? _copy_from_user+0x139/0x170
[  567.903397]  ? kernel_clone+0x2f8/0xa60
[  567.903417]  kernel_clone+0xe7/0xa60
[  567.903434]  ? lock_is_held_type+0xd7/0x130
[  567.903448]  ? copy_init_mm+0x20/0x20
[  567.903475]  ? lock_is_held_type+0xd7/0x130
[  567.903493]  __do_sys_clone3+0x1c9/0x2d0
[  567.903511]  ? __ia32_sys_clone+0x150/0x150
[  567.903540]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.903557]  ? vfs_write+0x188/0xae0
[  567.903575]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  567.903592]  ? fput+0x2a/0x50
[  567.903613]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.903632]  do_syscall_64+0x3b/0x90
[  567.903651]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.903665] RIP: 0033:0x7fc730828b19
[  567.903675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.903687] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  567.903702] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  567.903711] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  567.903719] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  567.903727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.903735] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  567.903756]  </TASK>
[  567.907559] FAULT_INJECTION: forcing a failure.
[  567.907559] name failslab, interval 1, probability 0, space 0, times 0
[  567.907578] CPU: 0 PID: 5629 Comm: syz-executor.6 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.907592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.907601] Call Trace:
[  567.907604]  <TASK>
[  567.907610]  dump_stack_lvl+0x8b/0xb3
[  567.907632]  should_fail.cold+0x5/0xa
[  567.907652]  ? create_object.isra.0+0x3a/0xa20
[  567.907674]  should_failslab+0x5/0x10
[  567.907686]  kmem_cache_alloc+0x5b/0x480
[  567.907705]  create_object.isra.0+0x3a/0xa20
[  567.907723]  ? kasan_unpoison+0x23/0x50
[  567.907746]  kmem_cache_alloc_node+0x248/0x490
[  567.907765]  __alloc_skb+0x211/0x340
[  567.907786]  netlbl_mgmt_listdef+0xba/0x580
[  567.907808]  genl_family_rcv_msg_doit+0x22d/0x330
[  567.907828]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[  567.907847]  ? mutex_lock_io_nested+0x12c0/0x12c0
[  567.907872]  ? genl_op_from_small+0x23/0x3c0
[  567.907890]  ? genl_get_cmd+0x3cf/0x480
[  567.907910]  genl_rcv_msg+0x33c/0x5a0
[  567.907931]  ? genl_get_cmd+0x480/0x480
[  567.907947]  ? netlbl_mgmt_listall_cb+0x390/0x390
[  567.907968]  ? lock_release+0x6f0/0x6f0
[  567.907989]  netlink_rcv_skb+0x14b/0x430
[  567.908005]  ? genl_get_cmd+0x480/0x480
[  567.908024]  ? netlink_ack+0xa60/0xa60
[  567.908046]  ? netlink_deliver_tap+0x1b2/0xc30
[  567.908061]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  567.908077]  ? is_vmalloc_addr+0x7b/0xb0
[  567.908100]  genl_rcv+0x24/0x40
[  567.908114]  netlink_unicast+0x53a/0x7e0
[  567.908136]  ? netlink_attachskb+0x870/0x870
[  567.908150]  ? __virt_addr_valid+0xe9/0x310
[  567.908182]  netlink_sendmsg+0x904/0xdf0
[  567.908203]  ? netlink_unicast+0x7e0/0x7e0
[  567.908225]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.908244]  ? netlink_unicast+0x7e0/0x7e0
[  567.908260]  sock_sendmsg+0x150/0x190
[  567.908278]  ____sys_sendmsg+0x709/0x870
[  567.908295]  ? kernel_sendmsg+0x50/0x50
[  567.908309]  ? __ia32_sys_recvmmsg+0x260/0x260
[  567.908327]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  567.908345]  ? lock_release+0x3b2/0x6f0
[  567.908360]  ? __might_fault+0xd1/0x170
[  567.908385]  ___sys_sendmsg+0xf3/0x170
[  567.908404]  ? sendmsg_copy_msghdr+0x160/0x160
[  567.908422]  ? lock_release+0x3b2/0x6f0
[  567.908439]  ? lock_downgrade+0x6d0/0x6d0
[  567.908456]  ? lock_release+0x3b2/0x6f0
[  567.908470]  ? ksys_write+0x212/0x250
[  567.908487]  ? lock_downgrade+0x6d0/0x6d0
[  567.908507]  ? __fget_files+0x28d/0x470
[  567.908529]  ? __fget_light+0xea/0x280
[  567.908543]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.908563]  __sys_sendmsg+0xe5/0x1b0
[  567.908581]  ? __sys_sendmsg_sock+0x30/0x30
[  567.908597]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.908626]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.908646]  do_syscall_64+0x3b/0x90
[  567.908665]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.908679] RIP: 0033:0x7efdec8bab19
[  567.908688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.908700] RSP: 002b:00007efde9e30188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  567.908713] RAX: ffffffffffffffda RBX: 00007efdec9cdf60 RCX: 00007efdec8bab19
[  567.908722] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  567.908731] RBP: 00007efde9e301d0 R08: 0000000000000000 R09: 0000000000000000
[  567.908739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.908747] R13: 00007ffebd4ac02f R14: 00007efde9e30300 R15: 0000000000022000
[  567.908770]  </TASK>
[  567.944541] FAULT_INJECTION: forcing a failure.
[  567.944541] name failslab, interval 1, probability 0, space 0, times 0
[  567.944566] CPU: 0 PID: 5632 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.944581] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.944591] Call Trace:
[  567.944596]  <TASK>
[  567.944601]  dump_stack_lvl+0x8b/0xb3
[  567.944629]  should_fail.cold+0x5/0xa
[  567.944649]  ? create_object.isra.0+0x3a/0xa20
[  567.944673]  should_failslab+0x5/0x10
[  567.944686]  kmem_cache_alloc+0x5b/0x480
[  567.944705]  create_object.isra.0+0x3a/0xa20
[  567.944723]  ? kasan_unpoison+0x23/0x50
[  567.944745]  kmem_cache_alloc_trace+0x22e/0x3c0
[  567.944763]  alloc_fdtable+0x7e/0x270
[  567.944778]  dup_fd+0x718/0xca0
[  567.944799]  copy_process+0x1c74/0x6d40
[  567.944819]  ? lock_is_held_type+0xd7/0x130
[  567.944833]  ? find_held_lock+0x2c/0x110
[  567.944859]  ? __cleanup_sighand+0xb0/0xb0
[  567.944883]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.944900]  ? _copy_from_user+0x139/0x170
[  567.944918]  ? kernel_clone+0x2f8/0xa60
[  567.944938]  kernel_clone+0xe7/0xa60
[  567.944955]  ? lock_is_held_type+0xd7/0x130
[  567.944970]  ? copy_init_mm+0x20/0x20
[  567.945006]  ? lock_is_held_type+0xd7/0x130
[  567.945024]  __do_sys_clone3+0x1c9/0x2d0
[  567.945042]  ? __ia32_sys_clone+0x150/0x150
[  567.945075]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.945091]  ? vfs_write+0x188/0xae0
[  567.945108]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  567.945125]  ? fput+0x2a/0x50
[  567.945146]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.945165]  do_syscall_64+0x3b/0x90
[  567.945185]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.945198] RIP: 0033:0x7f3d8a0d9b19
[  567.945208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.945221] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  567.945235] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  567.945244] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  567.945252] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  567.945260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.945268] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  567.945289]  </TASK>
[  567.978879] FAULT_INJECTION: forcing a failure.
[  567.978879] name failslab, interval 1, probability 0, space 0, times 0
[  567.978927] CPU: 0 PID: 5633 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  567.978967] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  567.978981] Call Trace:
[  567.978985]  <TASK>
[  567.978990]  dump_stack_lvl+0x8b/0xb3
[  567.979019]  should_fail.cold+0x5/0xa
[  567.979039]  ? create_object.isra.0+0x3a/0xa20
[  567.979063]  should_failslab+0x5/0x10
[  567.979077]  kmem_cache_alloc+0x5b/0x480
[  567.979097]  create_object.isra.0+0x3a/0xa20
[  567.979116]  ? kasan_unpoison+0x23/0x50
[  567.979139]  kmem_cache_alloc_node+0x248/0x490
[  567.979162]  __alloc_skb+0x211/0x340
[  567.979183]  netlbl_mgmt_listdef+0xba/0x580
[  567.979205]  genl_family_rcv_msg_doit+0x22d/0x330
[  567.979226]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[  567.979247]  ? mutex_lock_io_nested+0x12c0/0x12c0
[  567.979275]  ? genl_op_from_small+0x23/0x3c0
[  567.979294]  ? genl_get_cmd+0x3cf/0x480
[  567.979314]  genl_rcv_msg+0x33c/0x5a0
[  567.979334]  ? genl_get_cmd+0x480/0x480
[  567.979352]  ? netlbl_mgmt_listall_cb+0x390/0x390
[  567.979372]  ? lock_release+0x6f0/0x6f0
[  567.979395]  netlink_rcv_skb+0x14b/0x430
[  567.979411]  ? genl_get_cmd+0x480/0x480
[  567.979430]  ? netlink_ack+0xa60/0xa60
[  567.979452]  ? netlink_deliver_tap+0x1b2/0xc30
[  567.979467]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  567.979484]  ? is_vmalloc_addr+0x7b/0xb0
[  567.979508]  genl_rcv+0x24/0x40
[  567.979523]  netlink_unicast+0x53a/0x7e0
[  567.979544]  ? netlink_attachskb+0x870/0x870
[  567.979559]  ? __virt_addr_valid+0xe9/0x310
[  567.979587]  netlink_sendmsg+0x904/0xdf0
[  567.979609]  ? netlink_unicast+0x7e0/0x7e0
[  567.979630]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.979649]  ? netlink_unicast+0x7e0/0x7e0
[  567.979666]  sock_sendmsg+0x150/0x190
[  567.979684]  ____sys_sendmsg+0x709/0x870
[  567.979702]  ? kernel_sendmsg+0x50/0x50
[  567.979716]  ? __ia32_sys_recvmmsg+0x260/0x260
[  567.979734]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  567.979752]  ? lock_release+0x3b2/0x6f0
[  567.979766]  ? __might_fault+0xd1/0x170
[  567.979792]  ___sys_sendmsg+0xf3/0x170
[  567.979811]  ? sendmsg_copy_msghdr+0x160/0x160
[  567.979829]  ? lock_release+0x3b2/0x6f0
[  567.979846]  ? lock_downgrade+0x6d0/0x6d0
[  567.979863]  ? lock_release+0x3b2/0x6f0
[  567.979877]  ? ksys_write+0x212/0x250
[  567.979894]  ? lock_downgrade+0x6d0/0x6d0
[  567.979914]  ? __fget_files+0x28d/0x470
[  567.979937]  ? __fget_light+0xea/0x280
[  567.979951]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  567.979974]  __sys_sendmsg+0xe5/0x1b0
[  567.979991]  ? __sys_sendmsg_sock+0x30/0x30
[  567.980007]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  567.980036]  ? syscall_enter_from_user_mode+0x1d/0x50
[  567.980057]  do_syscall_64+0x3b/0x90
[  567.980077]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  567.980091] RIP: 0033:0x7f54fbbc7b19
[  567.980101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  567.980114] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  567.980128] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  567.980137] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  567.980146] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  567.980154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.980162] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  567.980185]  </TASK>
[  580.340294] FAULT_INJECTION: forcing a failure.
[  580.340294] name failslab, interval 1, probability 0, space 0, times 0
[  580.341548] CPU: 0 PID: 5647 Comm: syz-executor.6 Not tainted 5.16.0-rc5-next-20211217 #1
[  580.342408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  580.343579] Call Trace:
[  580.343850]  <TASK>
[  580.344081]  dump_stack_lvl+0x8b/0xb3
[  580.344490]  should_fail.cold+0x5/0xa
[  580.344902]  should_failslab+0x5/0x10
[  580.345323]  __kmalloc_node_track_caller+0x7e/0x330
[  580.345847]  ? netlbl_mgmt_listdef+0xba/0x580
[  580.346324]  __alloc_skb+0xe3/0x340
[  580.346717]  netlbl_mgmt_listdef+0xba/0x580
[  580.347174]  genl_family_rcv_msg_doit+0x22d/0x330
[  580.347684]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[  580.348381]  ? mutex_lock_io_nested+0x12c0/0x12c0
[  580.348896]  ? genl_op_from_small+0x23/0x3c0
[  580.349370]  ? genl_get_cmd+0x3cf/0x480
[  580.349799]  genl_rcv_msg+0x33c/0x5a0
[  580.350224]  ? genl_get_cmd+0x480/0x480
[  580.350673]  ? netlbl_mgmt_listall_cb+0x390/0x390
[  580.351203]  ? lock_release+0x6f0/0x6f0
[  580.351647]  netlink_rcv_skb+0x14b/0x430
[  580.352094]  ? genl_get_cmd+0x480/0x480
23:02:38 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 12)

23:02:38 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {0xffffffffffffffff, 0x4006}], 0x2, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:02:38 executing program 5:
openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x434980, 0x151)
openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x191680, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f00000001c0)={0x1, 0x1, 0x1000, 0xa8, &(0x7f0000000080)="73d8bef480ee9025ada87c18536a109d9b6c99d6f64621c6ad7e19b9d2314e9beca5d45429e7079ea89dbae280162a6fe7a211dd4014347c2c7e8d8d8628511ef9736261ed1a8401ebc2a6873b54fcf2965f0d6087ad33efe12e538fa24a89ab7802e3778a2b6fd2746fb693026faa3ecba10e0a0789235fe49ba32a7626e96a24a7a0a0919ce11839be6a699dacf86466ac76df27329fb574ade814577343acef1f4be3c4734e28", 0x5b, 0x0, &(0x7f0000000140)="bb299be7c5b205867223907176f857d4476e4701441c63baff12240f8b2179658637b0a1acb7c6b573af97c159a585387cc3048bcb9c3a08a42680667b48095b92f8327a0845ab738ad82c26333f6a6f5398263c3b369a291f8b68"})
openat$vcs(0xffffffffffffff9c, &(0x7f0000000240), 0xa02, 0x0)

23:02:38 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 20)

23:02:38 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 23)

23:02:38 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xfc00, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:02:38 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 12)

23:02:38 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 12)

[  580.352545]  ? netlink_ack+0xa60/0xa60
[  580.353229]  ? netlink_deliver_tap+0x1b2/0xc30
[  580.353727]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  580.354273]  ? is_vmalloc_addr+0x7b/0xb0
[  580.354729]  genl_rcv+0x24/0x40
[  580.355099]  netlink_unicast+0x53a/0x7e0
[  580.355559]  ? netlink_attachskb+0x870/0x870
[  580.356041]  ? __virt_addr_valid+0xe9/0x310
[  580.356531]  netlink_sendmsg+0x904/0xdf0
[  580.356984]  ? netlink_unicast+0x7e0/0x7e0
[  580.357470]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.358079]  ? netlink_unicast+0x7e0/0x7e0
[  580.358549]  sock_sendmsg+0x150/0x190
[  580.358972]  ____sys_sendmsg+0x709/0x870
[  580.359422]  ? kernel_sendmsg+0x50/0x50
[  580.359852]  ? __ia32_sys_recvmmsg+0x260/0x260
[  580.360360]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  580.360936]  ? lock_release+0x3b2/0x6f0
[  580.361381]  ? __might_fault+0xd1/0x170
[  580.361828]  ___sys_sendmsg+0xf3/0x170
[  580.362264]  ? sendmsg_copy_msghdr+0x160/0x160
[  580.362767]  ? lock_release+0x3b2/0x6f0
[  580.363205]  ? lock_downgrade+0x6d0/0x6d0
[  580.363660]  ? lock_release+0x3b2/0x6f0
[  580.364101]  ? ksys_write+0x212/0x250
[  580.364527]  ? lock_downgrade+0x6d0/0x6d0
[  580.364985]  ? __fget_files+0x28d/0x470
[  580.365213] FAULT_INJECTION: forcing a failure.
[  580.365213] name failslab, interval 1, probability 0, space 0, times 0
[  580.365450]  ? __fget_light+0xea/0x280
[  580.367685]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  580.368288]  __sys_sendmsg+0xe5/0x1b0
[  580.368710]  ? __sys_sendmsg_sock+0x30/0x30
[  580.369196]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.369803]  ? syscall_enter_from_user_mode+0x1d/0x50
[  580.370367]  do_syscall_64+0x3b/0x90
[  580.370765]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  580.371330] RIP: 0033:0x7efdec8bab19
[  580.371712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  580.373721] RSP: 002b:00007efde9e30188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  580.374547] RAX: ffffffffffffffda RBX: 00007efdec9cdf60 RCX: 00007efdec8bab19
[  580.375320] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  580.376101] RBP: 00007efde9e301d0 R08: 0000000000000000 R09: 0000000000000000
[  580.376871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  580.377671] R13: 00007ffebd4ac02f R14: 00007efde9e30300 R15: 0000000000022000
[  580.378459]  </TASK>
[  580.378714] CPU: 1 PID: 5653 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  580.379341] FAULT_INJECTION: forcing a failure.
[  580.379341] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  580.380115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  580.380133] Call Trace:
[  580.383673]  <TASK>
[  580.384046]  dump_stack_lvl+0x8b/0xb3
[  580.384711]  should_fail.cold+0x5/0xa
[  580.385375]  ? kvmalloc_node+0x3e/0x100
[  580.386044]  should_failslab+0x5/0x10
[  580.386681]  __kmalloc_node+0x76/0x360
[  580.387342]  kvmalloc_node+0x3e/0x100
[  580.387981]  alloc_fdtable+0xcd/0x270
[  580.388621]  dup_fd+0x718/0xca0
[  580.389172]  copy_process+0x1c74/0x6d40
[  580.389849]  ? lock_is_held_type+0xd7/0x130
[  580.390572]  ? find_held_lock+0x2c/0x110
[  580.391271]  ? __cleanup_sighand+0xb0/0xb0
[  580.391992]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  580.392912]  ? _copy_from_user+0x139/0x170
[  580.393656]  ? kernel_clone+0x2f8/0xa60
[  580.394330]  kernel_clone+0xe7/0xa60
[  580.394960]  ? lock_is_held_type+0xd7/0x130
[  580.395682]  ? copy_init_mm+0x20/0x20
[  580.396339]  ? lock_is_held_type+0xd7/0x130
[  580.397069]  __do_sys_clone3+0x1c9/0x2d0
[  580.397767]  ? __ia32_sys_clone+0x150/0x150
[  580.398513]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.399438]  ? vfs_write+0x188/0xae0
[  580.400070]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  580.400992]  ? fput+0x2a/0x50
[  580.401548]  ? syscall_enter_from_user_mode+0x1d/0x50
[  580.402420]  do_syscall_64+0x3b/0x90
[  580.403061]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  580.403922] RIP: 0033:0x7f3d8a0d9b19
[  580.404539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  580.407616] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  580.408887] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  580.410105] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  580.411299] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  580.412493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  580.413706] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  580.414925]  </TASK>
[  580.415315] CPU: 0 PID: 5648 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  580.416218] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  580.417458] Call Trace:
[  580.417735]  <TASK>
[  580.417977]  dump_stack_lvl+0x8b/0xb3
[  580.418402]  should_fail.cold+0x5/0xa
[  580.418827]  prepare_alloc_pages+0x17b/0x500
[  580.419313]  __alloc_pages+0x131/0x4e0
[  580.419752]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[  580.420411]  ? lock_is_held_type+0xd7/0x130
[  580.420891]  ? lock_release+0x3b2/0x6f0
[  580.421315]  ? __slab_alloc.constprop.0+0x45/0x80
[  580.421842]  ? __sanitizer_cov_trace_const_cmp2+0x22/0x80
[  580.422446]  alloc_pages+0x1a0/0x2f0
[  580.422844]  new_slab+0x256/0x360
[  580.423225]  ___slab_alloc+0x76d/0xa60
[  580.423653]  ? setup_userns_sysctls+0x4d/0x180
[  580.424154]  ? lock_is_held_type+0xd7/0x130
[  580.424625]  ? setup_userns_sysctls+0x4d/0x180
[  580.425094]  __slab_alloc.constprop.0+0x45/0x80
[  580.425613]  __kmalloc_track_caller+0x2cc/0x310
[  580.426115]  ? setup_userns_sysctls+0x4d/0x180
[  580.426620]  kmemdup+0x23/0x50
[  580.426968]  setup_userns_sysctls+0x4d/0x180
[  580.427449]  create_user_ns+0x8e5/0xd80
[  580.427896]  copy_creds+0x53d/0x930
[  580.428308]  copy_process+0x10d5/0x6d40
[  580.428743]  ? lock_is_held_type+0xd7/0x130
[  580.429225]  ? find_held_lock+0x2c/0x110
[  580.429672]  ? lock_release+0x3b2/0x6f0
[  580.430107]  ? __might_fault+0xd1/0x170
[  580.430553]  ? __cleanup_sighand+0xb0/0xb0
[  580.431024]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  580.431624]  ? _copy_from_user+0x139/0x170
[  580.432094]  ? kernel_clone+0x2f8/0xa60
[  580.432535]  kernel_clone+0xe7/0xa60
[  580.432941]  ? lock_is_held_type+0xd7/0x130
[  580.433424]  ? copy_init_mm+0x20/0x20
[  580.433856]  ? lock_is_held_type+0xd7/0x130
[  580.434331]  __do_sys_clone3+0x1c9/0x2d0
[  580.434731] FAULT_INJECTION: forcing a failure.
[  580.434731] name failslab, interval 1, probability 0, space 0, times 0
[  580.434786]  ? __ia32_sys_clone+0x150/0x150
[  580.437083]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.437698]  ? vfs_write+0x188/0xae0
[  580.438104]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  580.438698]  ? fput+0x2a/0x50
[  580.439048]  ? syscall_enter_from_user_mode+0x1d/0x50
[  580.439615]  do_syscall_64+0x3b/0x90
[  580.440027]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  580.440589] RIP: 0033:0x7fc730828b19
[  580.440985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  580.442982] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  580.443812] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  580.444587] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  580.445369] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  580.446136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  580.446910] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  580.447694]  </TASK>
[  580.447948] CPU: 1 PID: 5655 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  580.449453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  580.451825] Call Trace:
[  580.451837]  <TASK>
[  580.451849]  dump_stack_lvl+0x8b/0xb3
[  580.451906]  should_fail.cold+0x5/0xa
[  580.451957]  should_failslab+0x5/0x10
[  580.451976]  __kmalloc_node_track_caller+0x7e/0x330
[  580.452000]  ? netlbl_mgmt_listdef+0xba/0x580
[  580.452035]  __alloc_skb+0xe3/0x340
[  580.452067]  netlbl_mgmt_listdef+0xba/0x580
[  580.452098]  genl_family_rcv_msg_doit+0x22d/0x330
[  580.452130]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[  580.452159]  ? mutex_lock_io_nested+0x12c0/0x12c0
[  580.452199]  ? genl_op_from_small+0x23/0x3c0
[  580.452228]  ? genl_get_cmd+0x3cf/0x480
[  580.452261]  genl_rcv_msg+0x33c/0x5a0
[  580.452292]  ? genl_get_cmd+0x480/0x480
[  580.452320]  ? netlbl_mgmt_listall_cb+0x390/0x390
[  580.452352]  ? lock_release+0x6f0/0x6f0
[  580.452385]  netlink_rcv_skb+0x14b/0x430
[  580.452412]  ? genl_get_cmd+0x480/0x480
[  580.452441]  ? netlink_ack+0xa60/0xa60
[  580.452478]  ? netlink_deliver_tap+0x1b2/0xc30
[  580.452501]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
23:02:38 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 21)

[  580.452526]  ? is_vmalloc_addr+0x7b/0xb0
[  580.452563]  genl_rcv+0x24/0x40
[  580.452586]  netlink_unicast+0x53a/0x7e0
[  580.452619]  ? netlink_attachskb+0x870/0x870
[  580.452642]  ? __virt_addr_valid+0xe9/0x310
[  580.452686]  netlink_sendmsg+0x904/0xdf0
[  580.452719]  ? netlink_unicast+0x7e0/0x7e0
[  580.452754]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.452782]  ? netlink_unicast+0x7e0/0x7e0
[  580.452808]  sock_sendmsg+0x150/0x190
[  580.452849]  ____sys_sendmsg+0x709/0x870
[  580.452893]  ? kernel_sendmsg+0x50/0x50
[  580.452916]  ? __ia32_sys_recvmmsg+0x260/0x260
[  580.452945]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  580.452974]  ? lock_release+0x3b2/0x6f0
[  580.452996]  ? __might_fault+0xd1/0x170
[  580.453037]  ___sys_sendmsg+0xf3/0x170
[  580.453066]  ? sendmsg_copy_msghdr+0x160/0x160
[  580.453096]  ? lock_release+0x3b2/0x6f0
[  580.453122]  ? lock_downgrade+0x6d0/0x6d0
[  580.453160]  ? lock_release+0x3b2/0x6f0
[  580.453183]  ? ksys_write+0x212/0x250
23:02:38 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xfd00, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  580.453210]  ? lock_downgrade+0x6d0/0x6d0
[  580.453242]  ? __fget_files+0x28d/0x470
[  580.453275]  ? __fget_light+0xea/0x280
[  580.453297]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  580.453330]  __sys_sendmsg+0xe5/0x1b0
[  580.453357]  ? __sys_sendmsg_sock+0x30/0x30
[  580.453383]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.453434]  ? syscall_enter_from_user_mode+0x1d/0x50
[  580.453466]  do_syscall_64+0x3b/0x90
[  580.453497]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  580.453518] RIP: 0033:0x7f54fbbc7b19
[  580.453534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  580.453553] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  580.453575] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  580.453589] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  580.453602] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  580.453615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  580.453628] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  580.453664]  </TASK>
[  580.454476] FAULT_INJECTION: forcing a failure.
[  580.454476] name failslab, interval 1, probability 0, space 0, times 0
[  580.454495] CPU: 0 PID: 5659 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  580.454510] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  580.454518] Call Trace:
[  580.454522]  <TASK>
[  580.454527]  dump_stack_lvl+0x8b/0xb3
[  580.454549]  should_fail.cold+0x5/0xa
[  580.454569]  ? create_object.isra.0+0x3a/0xa20
[  580.454591]  should_failslab+0x5/0x10
[  580.454602]  kmem_cache_alloc+0x5b/0x480
[  580.454620]  create_object.isra.0+0x3a/0xa20
[  580.454639]  ? kasan_unpoison+0x23/0x50
[  580.454660]  kmem_cache_alloc+0x239/0x480
[  580.454679]  dup_fd+0x89/0xca0
[  580.454690]  ? audit_filter_inodes+0x40/0x40
[  580.454706]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.454722]  ? security_task_alloc+0xe6/0x260
[  580.454743]  copy_process+0x1c74/0x6d40
[  580.454760]  ? lock_is_held_type+0xd7/0x130
[  580.454774]  ? find_held_lock+0x2c/0x110
[  580.454799]  ? __cleanup_sighand+0xb0/0xb0
[  580.454823]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  580.454839]  ? _copy_from_user+0x139/0x170
[  580.454856]  ? kernel_clone+0x2f8/0xa60
[  580.454875]  kernel_clone+0xe7/0xa60
[  580.454893]  ? lock_is_held_type+0xd7/0x130
[  580.454907]  ? copy_init_mm+0x20/0x20
[  580.454934]  ? lock_is_held_type+0xd7/0x130
[  580.454952]  __do_sys_clone3+0x1c9/0x2d0
[  580.454970]  ? __ia32_sys_clone+0x150/0x150
[  580.454999]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.455016]  ? vfs_write+0x188/0xae0
[  580.455033]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  580.455050]  ? fput+0x2a/0x50
[  580.455071]  ? syscall_enter_from_user_mode+0x1d/0x50
[  580.455091]  do_syscall_64+0x3b/0x90
[  580.455109]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  580.455123] RIP: 0033:0x7f37c9f3ab19
[  580.455132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  580.455144] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  580.455161] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  580.455170] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  580.455178] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  580.455186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  580.455194] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  580.455215]  </TASK>
[  580.537020] FAULT_INJECTION: forcing a failure.
[  580.537020] name failslab, interval 1, probability 0, space 0, times 0
[  580.537040] CPU: 0 PID: 5664 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  580.537054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  580.537062] Call Trace:
[  580.537066]  <TASK>
[  580.537071]  dump_stack_lvl+0x8b/0xb3
[  580.537096]  should_fail.cold+0x5/0xa
[  580.537116]  ? alloc_fdtable+0x7e/0x270
[  580.537130]  should_failslab+0x5/0x10
[  580.537142]  kmem_cache_alloc_trace+0x55/0x3c0
[  580.537170]  alloc_fdtable+0x7e/0x270
[  580.537185]  dup_fd+0x718/0xca0
[  580.537206]  copy_process+0x1c74/0x6d40
[  580.537225]  ? lock_is_held_type+0xd7/0x130
[  580.537239]  ? find_held_lock+0x2c/0x110
[  580.537266]  ? __cleanup_sighand+0xb0/0xb0
[  580.537290]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  580.537306]  ? _copy_from_user+0x139/0x170
[  580.537323]  ? kernel_clone+0x2f8/0xa60
[  580.537343]  kernel_clone+0xe7/0xa60
23:02:38 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 22)

[  580.537361]  ? lock_is_held_type+0xd7/0x130
[  580.537375]  ? copy_init_mm+0x20/0x20
[  580.537402]  ? lock_is_held_type+0xd7/0x130
[  580.537420]  __do_sys_clone3+0x1c9/0x2d0
[  580.537438]  ? __ia32_sys_clone+0x150/0x150
[  580.537467]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.537483]  ? vfs_write+0x188/0xae0
[  580.537501]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  580.537518]  ? fput+0x2a/0x50
[  580.537539]  ? syscall_enter_from_user_mode+0x1d/0x50
[  580.537558]  do_syscall_64+0x3b/0x90
[  580.537578]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  580.537591] RIP: 0033:0x7f37c9f3ab19
[  580.537600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  580.537612] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  580.537626] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  580.537634] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  580.537643] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
23:02:38 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 13)

[  580.537650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  580.537658] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  580.537679]  </TASK>
23:02:38 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xfe80, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:02:38 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000480)={'wpan1\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x0, 0x0, {0x24}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}]}, 0x1c}}, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r5, 0x1269, r6)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r7=>r6, {0x226}}, './file0\x00'})
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r8)
sendmsg$IEEE802154_LIST_IFACE(r8, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="83bf94f6d69e84849cccc220145acd204f304ec5b1c9db868af2544ddb76f8775288f1454b707d8426ee3e4941aa651ad7868fd4fa29c554bf8e0c76cbda454d84a84284ee44688ac91eebdc19f01412f884c7f9b36e49ca73432c145cae8b2c7dcb94bad6522fdc2a45cbf505b0776e2c8c548057b731361f9adfd0a8d5d975682603b7033228cb1e14e54ded44558cc66e338e6ce536c826326129806c3485a932530669918c67acb22c7857e11f58423ef61762fd21d6f963e220b23554e8853e82953a", @ANYRES16=r9, @ANYBLOB="080029bd7000ffdbdf251f0000000a0001007770616e30000000"], 0x20}, 0x1, 0x0, 0x0, 0x40001}, 0x4000)
ioctl$SG_GET_KEEP_ORPHAN(r7, 0x2288, &(0x7f0000000080))

23:02:38 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 13)

[  580.635673] FAULT_INJECTION: forcing a failure.
[  580.635673] name failslab, interval 1, probability 0, space 0, times 0
[  580.636875] CPU: 0 PID: 5675 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  580.637755] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  580.638924] Call Trace:
[  580.639190]  <TASK>
[  580.639425]  dump_stack_lvl+0x8b/0xb3
[  580.639833]  should_fail.cold+0x5/0xa
[  580.640284]  ? create_object.isra.0+0x3a/0xa20
[  580.640800]  should_failslab+0x5/0x10
[  580.641209]  kmem_cache_alloc+0x5b/0x480
[  580.641645]  create_object.isra.0+0x3a/0xa20
[  580.642110]  ? kasan_unpoison+0x23/0x50
[  580.642539]  kmem_cache_alloc_trace+0x22e/0x3c0
[  580.643029]  alloc_fdtable+0x7e/0x270
[  580.643433]  dup_fd+0x718/0xca0
[  580.643783]  copy_process+0x1c74/0x6d40
[  580.644211]  ? lock_is_held_type+0xd7/0x130
[  580.644658]  ? find_held_lock+0x2c/0x110
[  580.645094]  ? __cleanup_sighand+0xb0/0xb0
[  580.645550]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  580.646139]  ? _copy_from_user+0x139/0x170
[  580.646584]  ? kernel_clone+0x2f8/0xa60
[  580.647008]  kernel_clone+0xe7/0xa60
[  580.647411]  ? lock_is_held_type+0xd7/0x130
[  580.647899]  ? copy_init_mm+0x20/0x20
[  580.648320]  ? lock_is_held_type+0xd7/0x130
[  580.648770]  __do_sys_clone3+0x1c9/0x2d0
[  580.649211]  ? __ia32_sys_clone+0x150/0x150
[  580.649671]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.650250]  ? vfs_write+0x188/0xae0
[  580.650641]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  580.651226]  ? fput+0x2a/0x50
[  580.651565]  ? syscall_enter_from_user_mode+0x1d/0x50
[  580.652108]  do_syscall_64+0x3b/0x90
[  580.652531]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  580.653089] RIP: 0033:0x7f37c9f3ab19
[  580.653481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  580.655403] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  580.656206] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  580.656954] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  580.657706] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  580.658449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  580.659191] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  580.659934]  </TASK>
[  580.665876] FAULT_INJECTION: forcing a failure.
[  580.665876] name failslab, interval 1, probability 0, space 0, times 0
[  580.667101] CPU: 0 PID: 5678 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  580.667969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  580.669173] Call Trace:
[  580.669443]  <TASK>
[  580.669682]  dump_stack_lvl+0x8b/0xb3
[  580.670097]  should_fail.cold+0x5/0xa
[  580.670511]  ? create_object.isra.0+0x3a/0xa20
[  580.670998]  should_failslab+0x5/0x10
[  580.671432]  kmem_cache_alloc+0x5b/0x480
[  580.671901]  create_object.isra.0+0x3a/0xa20
[  580.672376]  ? kasan_unpoison+0x23/0x50
[  580.672810]  __kmalloc_node_track_caller+0x1fb/0x330
[  580.673367]  ? netlbl_mgmt_listdef+0xba/0x580
[  580.673843]  __alloc_skb+0xe3/0x340
[  580.674245]  netlbl_mgmt_listdef+0xba/0x580
[  580.674721]  genl_family_rcv_msg_doit+0x22d/0x330
[  580.675234]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[  580.675935]  ? mutex_lock_io_nested+0x12c0/0x12c0
[  580.676452]  ? genl_op_from_small+0x23/0x3c0
[  580.676913]  ? genl_get_cmd+0x3cf/0x480
[  580.677345]  genl_rcv_msg+0x33c/0x5a0
[  580.677757]  ? genl_get_cmd+0x480/0x480
[  580.678194]  ? netlbl_mgmt_listall_cb+0x390/0x390
[  580.678731]  ? lock_release+0x6f0/0x6f0
[  580.679177]  netlink_rcv_skb+0x14b/0x430
[  580.679626]  ? genl_get_cmd+0x480/0x480
[  580.680064]  ? netlink_ack+0xa60/0xa60
[  580.680507]  ? netlink_deliver_tap+0x1b2/0xc30
[  580.680999]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  580.681582]  ? is_vmalloc_addr+0x7b/0xb0
[  580.682046]  genl_rcv+0x24/0x40
[  580.682412]  netlink_unicast+0x53a/0x7e0
[  580.682858]  ? netlink_attachskb+0x870/0x870
[  580.683335]  ? __virt_addr_valid+0xe9/0x310
[  580.683797]  netlink_sendmsg+0x904/0xdf0
[  580.684234]  ? netlink_unicast+0x7e0/0x7e0
[  580.684685]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.685278]  ? netlink_unicast+0x7e0/0x7e0
[  580.685727]  sock_sendmsg+0x150/0x190
[  580.686140]  ____sys_sendmsg+0x709/0x870
[  580.686566]  ? kernel_sendmsg+0x50/0x50
[  580.686985]  ? __ia32_sys_recvmmsg+0x260/0x260
[  580.687466]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  580.688020]  ? lock_release+0x3b2/0x6f0
[  580.688442]  ? __might_fault+0xd1/0x170
[  580.688879]  ___sys_sendmsg+0xf3/0x170
[  580.689309]  ? sendmsg_copy_msghdr+0x160/0x160
[  580.689791]  ? lock_release+0x3b2/0x6f0
[  580.690210]  ? lock_downgrade+0x6d0/0x6d0
[  580.690646]  ? lock_release+0x3b2/0x6f0
[  580.691068]  ? ksys_write+0x212/0x250
[  580.691469]  ? lock_downgrade+0x6d0/0x6d0
[  580.691913]  ? __fget_files+0x28d/0x470
[  580.692341]  ? __fget_light+0xea/0x280
[  580.692750]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  580.693351]  __sys_sendmsg+0xe5/0x1b0
[  580.693759]  ? __sys_sendmsg_sock+0x30/0x30
[  580.694248]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.694852]  ? syscall_enter_from_user_mode+0x1d/0x50
[  580.695419]  do_syscall_64+0x3b/0x90
[  580.695824]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  580.696402] RIP: 0033:0x7f54fbbc7b19
[  580.696806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  580.698860] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  580.699657] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  580.700407] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  580.701167] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  580.701911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  580.702650] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  580.703409]  </TASK>
[  580.705046] FAULT_INJECTION: forcing a failure.
[  580.705046] name failslab, interval 1, probability 0, space 0, times 0
[  580.707198] CPU: 1 PID: 5680 Comm: syz-executor.6 Not tainted 5.16.0-rc5-next-20211217 #1
[  580.708634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  580.710556] Call Trace:
[  580.710986]  <TASK>
[  580.711364]  dump_stack_lvl+0x8b/0xb3
[  580.712028]  should_fail.cold+0x5/0xa
[  580.712695]  should_failslab+0x5/0x10
[  580.713357]  __kmalloc_node_track_caller+0x7e/0x330
[  580.714214]  ? netlbl_mgmt_listdef+0xba/0x580
[  580.714988]  __alloc_skb+0xe3/0x340
[  580.715604]  netlbl_mgmt_listdef+0xba/0x580
[  580.716340]  genl_family_rcv_msg_doit+0x22d/0x330
[  580.717185]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[  580.718311]  ? mutex_lock_io_nested+0x12c0/0x12c0
[  580.719165]  ? genl_op_from_small+0x23/0x3c0
[  580.719924]  ? genl_get_cmd+0x3cf/0x480
[  580.720623]  genl_rcv_msg+0x33c/0x5a0
[  580.721305]  ? genl_get_cmd+0x480/0x480
[  580.722000]  ? netlbl_mgmt_listall_cb+0x390/0x390
[  580.722842]  ? lock_release+0x6f0/0x6f0
[  580.723547]  netlink_rcv_skb+0x14b/0x430
[  580.724255]  ? genl_get_cmd+0x480/0x480
[  580.724943]  ? netlink_ack+0xa60/0xa60
[  580.725629]  ? netlink_deliver_tap+0x1b2/0xc30
[  580.726415]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  580.727274]  ? is_vmalloc_addr+0x7b/0xb0
[  580.727996]  genl_rcv+0x24/0x40
[  580.728569]  netlink_unicast+0x53a/0x7e0
[  580.729320]  ? netlink_attachskb+0x870/0x870
[  580.730083]  ? __virt_addr_valid+0xe9/0x310
[  580.730854]  netlink_sendmsg+0x904/0xdf0
[  580.731588]  ? netlink_unicast+0x7e0/0x7e0
[  580.732356]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.733315]  ? netlink_unicast+0x7e0/0x7e0
[  580.734058]  sock_sendmsg+0x150/0x190
[  580.734705]  ____sys_sendmsg+0x709/0x870
[  580.735392]  ? kernel_sendmsg+0x50/0x50
[  580.736070]  ? __ia32_sys_recvmmsg+0x260/0x260
[  580.736866]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  580.737769]  ? lock_release+0x3b2/0x6f0
[  580.738452]  ? __might_fault+0xd1/0x170
[  580.739138]  ___sys_sendmsg+0xf3/0x170
[  580.739796]  ? sendmsg_copy_msghdr+0x160/0x160
[  580.740563]  ? lock_release+0x3b2/0x6f0
[  580.741262]  ? lock_downgrade+0x6d0/0x6d0
[  580.741959]  ? lock_release+0x3b2/0x6f0
[  580.742664]  ? ksys_write+0x212/0x250
[  580.743328]  ? lock_downgrade+0x6d0/0x6d0
[  580.744023]  ? __fget_files+0x28d/0x470
[  580.744702]  ? __fget_light+0xea/0x280
[  580.745363]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  580.746279]  __sys_sendmsg+0xe5/0x1b0
[  580.746940]  ? __sys_sendmsg_sock+0x30/0x30
[  580.747691]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.748666]  ? syscall_enter_from_user_mode+0x1d/0x50
[  580.749562]  do_syscall_64+0x3b/0x90
[  580.750216]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  580.751070] RIP: 0033:0x7efdec8bab19
[  580.751704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  580.754767] RSP: 002b:00007efde9e30188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  580.756141] RAX: ffffffffffffffda RBX: 00007efdec9cdf60 RCX: 00007efdec8bab19
[  580.757497] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  580.758746] RBP: 00007efde9e301d0 R08: 0000000000000000 R09: 0000000000000000
[  580.760011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  580.761281] R13: 00007ffebd4ac02f R14: 00007efde9e30300 R15: 0000000000022000
[  580.762533]  </TASK>
23:02:38 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xfec0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:02:38 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 13)

[  580.789737] FAULT_INJECTION: forcing a failure.
[  580.789737] name failslab, interval 1, probability 0, space 0, times 0
[  580.791046] CPU: 0 PID: 5686 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  580.791942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  580.793172] Call Trace:
[  580.793453]  <TASK>
[  580.793691]  dump_stack_lvl+0x8b/0xb3
[  580.794122]  should_fail.cold+0x5/0xa
[  580.794552]  ? __register_sysctl_table+0x112/0x1090
[  580.795103]  should_failslab+0x5/0x10
[  580.795517]  __kmalloc+0x72/0x330
[  580.795883]  ? lock_downgrade+0x6d0/0x6d0
[  580.796343]  __register_sysctl_table+0x112/0x1090
[  580.796862]  ? proc_sys_evict_inode+0x180/0x180
[  580.797375]  ? trace_kmalloc+0x29/0xd0
[  580.797778]  ? __kmalloc_track_caller+0x1a5/0x310
[  580.798283]  ? setup_userns_sysctls+0x4d/0x180
[  580.798759]  ? memcpy+0x39/0x60
[  580.799132]  setup_userns_sysctls+0xc2/0x180
[  580.799613]  create_user_ns+0x8e5/0xd80
[  580.800062]  copy_creds+0x53d/0x930
[  580.800475]  copy_process+0x10d5/0x6d40
[  580.800915]  ? lock_is_held_type+0xd7/0x130
[  580.801396]  ? find_held_lock+0x2c/0x110
[  580.801839]  ? lock_release+0x3b2/0x6f0
[  580.802264]  ? __might_fault+0xd1/0x170
[  580.802712]  ? __cleanup_sighand+0xb0/0xb0
[  580.803184]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  580.803760]  ? _copy_from_user+0x139/0x170
[  580.804235]  ? kernel_clone+0x2f8/0xa60
[  580.804682]  kernel_clone+0xe7/0xa60
[  580.805092]  ? lock_is_held_type+0xd7/0x130
[  580.805556]  ? copy_init_mm+0x20/0x20
[  580.805991]  ? lock_is_held_type+0xd7/0x130
[  580.806470]  __do_sys_clone3+0x1c9/0x2d0
[  580.806922]  ? __ia32_sys_clone+0x150/0x150
[  580.807408]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  580.808016]  ? vfs_write+0x188/0xae0
[  580.808429]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  580.809030]  ? fput+0x2a/0x50
[  580.809376]  ? syscall_enter_from_user_mode+0x1d/0x50
[  580.809952]  do_syscall_64+0x3b/0x90
[  580.810368]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  580.810928] RIP: 0033:0x7fc730828b19
[  580.811334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  580.813335] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  580.814156] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  580.814926] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  580.815696] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  580.816464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  580.817252] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  580.818044]  </TASK>
[  594.135457] FAULT_INJECTION: forcing a failure.
[  594.135457] name failslab, interval 1, probability 0, space 0, times 0
[  594.136700] CPU: 1 PID: 5698 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  594.137589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  594.138784] Call Trace:
[  594.139052]  <TASK>
[  594.139293]  dump_stack_lvl+0x8b/0xb3
[  594.139714]  should_fail.cold+0x5/0xa
[  594.140126]  should_failslab+0x5/0x10
[  594.140535]  __kmalloc_node_track_caller+0x7e/0x330
[  594.141077]  ? netlink_trim+0x1ea/0x240
[  594.141520]  ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[  594.142058]  pskb_expand_head+0x15d/0x1100
[  594.142512]  ? nla_put+0xfe/0x130
[  594.142889]  netlink_trim+0x1ea/0x240
[  594.143291]  netlink_unicast+0xb9/0x7e0
[  594.143716]  ? netlbl_mgmt_listdef+0x1da/0x580
[  594.144201]  ? lock_downgrade+0x6d0/0x6d0
[  594.144661]  ? netlink_attachskb+0x870/0x870
[  594.145149]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  594.145783]  netlbl_mgmt_listdef+0x34f/0x580
[  594.146272]  genl_family_rcv_msg_doit+0x22d/0x330
[  594.146808]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[  594.147535]  ? mutex_lock_io_nested+0x12c0/0x12c0
[  594.148079]  ? genl_op_from_small+0x23/0x3c0
[  594.148566]  ? genl_get_cmd+0x3cf/0x480
[  594.149013]  genl_rcv_msg+0x33c/0x5a0
[  594.149451]  ? genl_get_cmd+0x480/0x480
[  594.149888]  ? netlbl_mgmt_listall_cb+0x390/0x390
[  594.150428]  ? lock_release+0x6f0/0x6f0
[  594.150874]  netlink_rcv_skb+0x14b/0x430
[  594.151304]  ? genl_get_cmd+0x480/0x480
[  594.151744]  ? netlink_ack+0xa60/0xa60
[  594.152184]  ? netlink_deliver_tap+0x1b2/0xc30
[  594.152686]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  594.153231]  ? is_vmalloc_addr+0x7b/0xb0
[  594.153702]  genl_rcv+0x24/0x40
[  594.154072]  netlink_unicast+0x53a/0x7e0
[  594.154523]  ? netlink_attachskb+0x870/0x870
[  594.155003]  ? __virt_addr_valid+0xe9/0x310
[  594.155492]  netlink_sendmsg+0x904/0xdf0
[  594.155924]  ? netlink_unicast+0x7e0/0x7e0
[  594.156407]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  594.157011]  ? netlink_unicast+0x7e0/0x7e0
[  594.157498]  sock_sendmsg+0x150/0x190
[  594.157923]  ____sys_sendmsg+0x709/0x870
[  594.158380]  ? kernel_sendmsg+0x50/0x50
[  594.158815]  ? __ia32_sys_recvmmsg+0x260/0x260
[  594.159318]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  594.159896]  ? lock_release+0x3b2/0x6f0
[  594.160335]  ? __might_fault+0xd1/0x170
[  594.160782]  ___sys_sendmsg+0xf3/0x170
[  594.161217]  ? sendmsg_copy_msghdr+0x160/0x160
[  594.161706]  ? lock_release+0x3b2/0x6f0
[  594.162156]  ? lock_downgrade+0x6d0/0x6d0
[  594.162615]  ? lock_release+0x3b2/0x6f0
[  594.163049]  ? ksys_write+0x212/0x250
[  594.163470]  ? lock_downgrade+0x6d0/0x6d0
[  594.163930]  ? __fget_files+0x28d/0x470
[  594.164380]  ? __fget_light+0xea/0x280
[  594.164808]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  594.165430]  __sys_sendmsg+0xe5/0x1b0
[  594.165836]  ? __sys_sendmsg_sock+0x30/0x30
[  594.166312]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  594.166924]  ? syscall_enter_from_user_mode+0x1d/0x50
[  594.167491]  do_syscall_64+0x3b/0x90
[  594.167908]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  594.168467] RIP: 0033:0x7f54fbbc7b19
[  594.168873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  594.170896] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  594.171723] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  594.172512] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  594.173292] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  594.174090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  594.174866] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  594.175662]  </TASK>
[  594.178627] FAULT_INJECTION: forcing a failure.
[  594.178627] name failslab, interval 1, probability 0, space 0, times 0
[  594.179932] CPU: 1 PID: 5707 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  594.180831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  594.182080] Call Trace:
[  594.182372]  <TASK>
[  594.182616]  dump_stack_lvl+0x8b/0xb3
[  594.183043]  should_fail.cold+0x5/0xa
[  594.183471]  ? create_object.isra.0+0x3a/0xa20
[  594.183978]  should_failslab+0x5/0x10
[  594.184391]  kmem_cache_alloc+0x5b/0x480
[  594.184841]  create_object.isra.0+0x3a/0xa20
[  594.185327]  ? kasan_unpoison+0x23/0x50
[  594.185772]  __kmalloc_node+0x201/0x360
[  594.186223]  kvmalloc_node+0x3e/0x100
[  594.186646]  alloc_fdtable+0xcd/0x270
[  594.187066]  dup_fd+0x718/0xca0
[  594.187435]  copy_process+0x1c74/0x6d40
[  594.187879]  ? lock_is_held_type+0xd7/0x130
[  594.188351]  ? find_held_lock+0x2c/0x110
[  594.188812]  ? __cleanup_sighand+0xb0/0xb0
[  594.189290]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  594.189907]  ? _copy_from_user+0x139/0x170
[  594.190379]  ? kernel_clone+0x2f8/0xa60
[  594.190830]  kernel_clone+0xe7/0xa60
[  594.191245]  ? lock_is_held_type+0xd7/0x130
[  594.191717]  ? copy_init_mm+0x20/0x20
[  594.192157]  ? lock_is_held_type+0xd7/0x130
[  594.192631]  __do_sys_clone3+0x1c9/0x2d0
[  594.193083]  ? __ia32_sys_clone+0x150/0x150
[  594.193570]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  594.194176]  ? vfs_write+0x188/0xae0
[  594.194591]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  594.195197]  ? fput+0x2a/0x50
[  594.195553]  ? syscall_enter_from_user_mode+0x1d/0x50
[  594.196126]  do_syscall_64+0x3b/0x90
[  594.196543]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  594.197108] RIP: 0033:0x7f3d8a0d9b19
[  594.197527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  594.199539] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  594.200370] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  594.201148] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  594.201947] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  594.202746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  594.203531] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  594.204326]  </TASK>
[  594.212273] FAULT_INJECTION: forcing a failure.
[  594.212273] name failslab, interval 1, probability 0, space 0, times 0
[  594.213551] CPU: 1 PID: 5712 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  594.214432] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  594.215635] Call Trace:
[  594.215906]  <TASK>
[  594.216146]  dump_stack_lvl+0x8b/0xb3
[  594.216566]  should_fail.cold+0x5/0xa
[  594.216967]  ? create_object.isra.0+0x3a/0xa20
[  594.217478]  should_failslab+0x5/0x10
[  594.217883]  kmem_cache_alloc+0x5b/0x480
[  594.218327]  create_object.isra.0+0x3a/0xa20
[  594.218795]  ? kasan_unpoison+0x23/0x50
[  594.219238]  __kmalloc+0x1ed/0x330
[  594.219622]  __register_sysctl_table+0x112/0x1090
[  594.220154]  ? proc_sys_evict_inode+0x180/0x180
[  594.220647]  ? trace_kmalloc+0x29/0xd0
[  594.221058]  ? __kmalloc_track_caller+0x1a5/0x310
[  594.221580]  ? setup_userns_sysctls+0x4d/0x180
[  594.222074]  ? memcpy+0x39/0x60
[  594.222425]  setup_userns_sysctls+0xc2/0x180
[  594.222908]  create_user_ns+0x8e5/0xd80
[  594.223357]  copy_creds+0x53d/0x930
[  594.223752]  copy_process+0x10d5/0x6d40
[  594.224192]  ? lock_is_held_type+0xd7/0x130
[  594.224655]  ? find_held_lock+0x2c/0x110
[  594.225091]  ? lock_release+0x3b2/0x6f0
[  594.225542]  ? __might_fault+0xd1/0x170
[  594.225986]  ? __cleanup_sighand+0xb0/0xb0
[  594.226456]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  594.227035]  ? _copy_from_user+0x139/0x170
[  594.227476]  ? kernel_clone+0x2f8/0xa60
[  594.227908]  kernel_clone+0xe7/0xa60
[  594.228325]  ? lock_is_held_type+0xd7/0x130
[  594.228792]  ? copy_init_mm+0x20/0x20
[  594.229216]  ? lock_is_held_type+0xd7/0x130
[  594.229706]  __do_sys_clone3+0x1c9/0x2d0
[  594.230150]  ? __ia32_sys_clone+0x150/0x150
23:02:52 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0)
close(r2)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)

23:02:52 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {0xffffffffffffffff, 0x4006}], 0x2, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:02:52 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 14)

23:02:52 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 24)

23:02:52 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 14)

23:02:52 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xff00, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:02:52 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 14)

23:02:52 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 23)

[  594.230628]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  594.231551]  ? vfs_write+0x188/0xae0
[  594.231993]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  594.232588]  ? fput+0x2a/0x50
[  594.232938]  ? syscall_enter_from_user_mode+0x1d/0x50
[  594.233517]  do_syscall_64+0x3b/0x90
[  594.233915]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  594.234480] RIP: 0033:0x7fc730828b19
[  594.234865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  594.236859] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  594.237687] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  594.238432] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  594.239186] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  594.239935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  594.240708] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  594.241484]  </TASK>
[  594.244623] FAULT_INJECTION: forcing a failure.
[  594.244623] name failslab, interval 1, probability 0, space 0, times 0
[  594.245840] CPU: 1 PID: 5714 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  594.246700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  594.247906] Call Trace:
[  594.248178]  <TASK>
[  594.248420]  dump_stack_lvl+0x8b/0xb3
[  594.248828]  should_fail.cold+0x5/0xa
[  594.249248]  ? kvmalloc_node+0x3e/0x100
[  594.249690]  should_failslab+0x5/0x10
[  594.250093]  __kmalloc_node+0x76/0x360
[  594.250507]  kvmalloc_node+0x3e/0x100
[  594.250917]  alloc_fdtable+0xcd/0x270
[  594.251328]  dup_fd+0x718/0xca0
[  594.251685]  copy_process+0x1c74/0x6d40
23:02:52 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xfc000000, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  594.252137]  ? lock_is_held_type+0xd7/0x130
[  594.252782]  ? find_held_lock+0x2c/0x110
[  594.253226]  ? __cleanup_sighand+0xb0/0xb0
[  594.253691]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  594.254269]  ? _copy_from_user+0x139/0x170
[  594.254714]  ? kernel_clone+0x2f8/0xa60
[  594.255134]  kernel_clone+0xe7/0xa60
[  594.255534]  ? lock_is_held_type+0xd7/0x130
[  594.255991]  ? copy_init_mm+0x20/0x20
[  594.256406]  ? lock_is_held_type+0xd7/0x130
[  594.256865]  __do_sys_clone3+0x1c9/0x2d0
[  594.257292]  ? __ia32_sys_clone+0x150/0x150
[  594.257765]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  594.258341]  ? vfs_write+0x188/0xae0
[  594.258733]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  594.259312]  ? fput+0x2a/0x50
[  594.259650]  ? syscall_enter_from_user_mode+0x1d/0x50
[  594.260201]  do_syscall_64+0x3b/0x90
[  594.260596]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  594.261136] RIP: 0033:0x7f37c9f3ab19
[  594.261537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  594.263537] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  594.264383] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  594.265163] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  594.265952] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  594.266732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  594.267507] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  594.268296]  </TASK>
23:03:04 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xfd000000, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:03:04 executing program 5:
sched_getattr(0x0, &(0x7f0000000280)={0x38}, 0x38, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000180)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = accept4(0xffffffffffffffff, &(0x7f0000000040)=@ethernet={0x0, @broadcast}, &(0x7f00000000c0)=0x80, 0x0)
r5 = syz_open_dev$vcsa(&(0x7f0000000240), 0xffffffff, 0x440000)
ioctl$HIDIOCGDEVINFO(r5, 0x801c4803, &(0x7f0000000840)=""/4096)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r4)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
ioctl$SG_GET_TIMEOUT(r2, 0x2202, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000002c0)={@broadcast, @broadcast}, &(0x7f00000004c0)=0xc)
sendmsg$IPSET_CMD_TEST(r4, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="e00100000b060300000000000000000007000001500008801c0007801800148014000240fc0200000000000000000000000000000c000780060004404e2200000c00078008001c40000000050c00078008000840519bf8c10c00078008000640000000074000078006001d400005000008001a004029240006001d407fff000006001d4080010000060004404e21000014001700766c616e3100000000000000000000004c0008800c00078008001c4000004bb40c00078008000840000000000c00078008000840000000050c00078008001c40000000010c00078008000840000000800c0007800500030000000000050001000700000008000940000000040500010007000000380008801c0007801800148014000240fe8000000000170074756e6c300000000000000000000000100007800c0019400000000000000005680008800c0007800600054000020000100007800c000280080001400a010101100007800900120073797a3200000000100007800900130073797a31000000000c00078008000a40000000401c000780180002801400024020010000000000000000000000000002280007800c001b000001011800168014000240fc00"/475], 0x1e0}, 0x1, 0x0, 0x0, 0x24000080}, 0x10)

23:03:04 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 15)

[  606.691084] FAULT_INJECTION: forcing a failure.
[  606.691084] name failslab, interval 1, probability 0, space 0, times 0
[  606.692440] CPU: 0 PID: 5731 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  606.693347] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  606.694602] Call Trace:
[  606.694888]  <TASK>
[  606.694990] FAULT_INJECTION: forcing a failure.
[  606.694990] name failslab, interval 1, probability 0, space 0, times 0
[  606.695140]  dump_stack_lvl+0x8b/0xb3
[  606.695170]  should_fail.cold+0x5/0xa
[  606.695189]  ? kvmalloc_node+0x3e/0x100
[  606.698729]  should_failslab+0x5/0x10
[  606.699143]  __kmalloc_node+0x76/0x360
[  606.699579]  kvmalloc_node+0x3e/0x100
[  606.699996]  alloc_fdtable+0x139/0x270
[  606.700424]  dup_fd+0x718/0xca0
[  606.700789]  copy_process+0x1c74/0x6d40
[  606.701231]  ? lock_is_held_type+0xd7/0x130
[  606.701720]  ? find_held_lock+0x2c/0x110
[  606.702174]  ? __cleanup_sighand+0xb0/0xb0
[  606.702637]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  606.703234]  ? _copy_from_user+0x139/0x170
[  606.703682]  ? kernel_clone+0x2f8/0xa60
[  606.704132]  kernel_clone+0xe7/0xa60
[  606.704525]  ? lock_is_held_type+0xd7/0x130
[  606.705006]  ? copy_init_mm+0x20/0x20
[  606.705419]  ? lock_is_held_type+0xd7/0x130
[  606.705916]  __do_sys_clone3+0x1c9/0x2d0
[  606.706367]  ? __ia32_sys_clone+0x150/0x150
[  606.706856]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  606.707458]  ? vfs_write+0x188/0xae0
[  606.707874]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  606.708476]  ? fput+0x2a/0x50
[  606.708828]  ? syscall_enter_from_user_mode+0x1d/0x50
[  606.709398]  do_syscall_64+0x3b/0x90
[  606.709821]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  606.710388] RIP: 0033:0x7f3d8a0d9b19
[  606.710794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  606.712814] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  606.713655] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  606.714441] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  606.715215] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  606.715986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  606.716766] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  606.717581]  </TASK>
[  606.717840] CPU: 1 PID: 5729 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  606.719571] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  606.721948] Call Trace:
[  606.722486]  <TASK>
[  606.722953]  dump_stack_lvl+0x8b/0xb3
[  606.723780]  should_fail.cold+0x5/0xa
[  606.724592]  ? create_object.isra.0+0x3a/0xa20
[  606.725572]  should_failslab+0x5/0x10
[  606.726366]  kmem_cache_alloc+0x5b/0x480
[  606.727227]  create_object.isra.0+0x3a/0xa20
23:03:04 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 25)

23:03:04 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:03:04 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 15)

23:03:04 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 24)

23:03:04 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

[  606.728279]  ? kasan_unpoison+0x23/0x50
[  606.729220]  __kmalloc_node_track_caller+0x1fb/0x330
[  606.730337]  ? netlink_trim+0x1ea/0x240
[  606.731147]  pskb_expand_head+0x15d/0x1100
[  606.732044]  ? nla_put+0xfe/0x130
[  606.732786]  netlink_trim+0x1ea/0x240
[  606.733608]  netlink_unicast+0xb9/0x7e0
[  606.734442]  ? netlbl_mgmt_listdef+0x1da/0x580
[  606.735404]  ? lock_downgrade+0x6d0/0x6d0
[  606.736276]  ? netlink_attachskb+0x870/0x870
[  606.737214]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  606.738379]  netlbl_mgmt_listdef+0x34f/0x580
[  606.739312]  genl_family_rcv_msg_doit+0x22d/0x330
[  606.740317]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[  606.741709]  ? mutex_lock_io_nested+0x12c0/0x12c0
[  606.742730]  ? genl_op_from_small+0x23/0x3c0
[  606.743663]  ? genl_get_cmd+0x3cf/0x480
[  606.744565]  genl_rcv_msg+0x33c/0x5a0
[  606.745422]  ? genl_get_cmd+0x480/0x480
[  606.746327]  ? netlbl_mgmt_listall_cb+0x390/0x390
23:03:04 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 26)

[  606.747404]  ? lock_release+0x6f0/0x6f0
[  606.748354]  netlink_rcv_skb+0x14b/0x430
[  606.749261]  ? genl_get_cmd+0x480/0x480
[  606.750182]  ? netlink_ack+0xa60/0xa60
[  606.751061]  ? netlink_deliver_tap+0x1b2/0xc30
[  606.752065]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[  606.753164]  ? is_vmalloc_addr+0x7b/0xb0
[  606.754089]  genl_rcv+0x24/0x40
[  606.754826]  netlink_unicast+0x53a/0x7e0
[  606.755734]  ? netlink_attachskb+0x870/0x870
[  606.756702]  ? __virt_addr_valid+0xe9/0x310
[  606.757692]  netlink_sendmsg+0x904/0xdf0
[  606.758559]  ? netlink_unicast+0x7e0/0x7e0
[  606.759507]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  606.760710]  ? netlink_unicast+0x7e0/0x7e0
[  606.761672]  sock_sendmsg+0x150/0x190
[  606.762519]  ____sys_sendmsg+0x709/0x870
[  606.763424]  ? kernel_sendmsg+0x50/0x50
[  606.764300]  ? __ia32_sys_recvmmsg+0x260/0x260
23:03:04 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xfdffffff, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  606.765380]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  606.766576]  ? lock_release+0x3b2/0x6f0
[  606.767454]  ? __might_fault+0xd1/0x170
[  606.768356]  ___sys_sendmsg+0xf3/0x170
[  606.769219]  ? sendmsg_copy_msghdr+0x160/0x160
[  606.770248]  ? lock_release+0x3b2/0x6f0
[  606.771129]  ? lock_downgrade+0x6d0/0x6d0
[  606.772044]  ? lock_release+0x3b2/0x6f0
[  606.772922]  ? ksys_write+0x212/0x250
[  606.773792]  ? lock_downgrade+0x6d0/0x6d0
[  606.774717]  ? __fget_files+0x28d/0x470
[  606.775582]  ? __fget_light+0xea/0x280
[  606.775596] FAULT_INJECTION: forcing a failure.
[  606.775596] name failslab, interval 1, probability 0, space 0, times 0
[  606.778861]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  606.780086]  __sys_sendmsg+0xe5/0x1b0
[  606.780933]  ? __sys_sendmsg_sock+0x30/0x30
[  606.781907]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  606.783137]  ? syscall_enter_from_user_mode+0x1d/0x50
[  606.784287]  do_syscall_64+0x3b/0x90
[  606.785119]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  606.786266] RIP: 0033:0x7f54fbbc7b19
[  606.787080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  606.791081] RSP: 002b:00007f54f913d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  606.792737] RAX: ffffffffffffffda RBX: 00007f54fbcdaf60 RCX: 00007f54fbbc7b19
[  606.794300] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000004
[  606.795852] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  606.797407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  606.798976] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  606.800557]  </TASK>
[  606.801068] CPU: 0 PID: 5737 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  606.801997] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  606.803213] Call Trace:
[  606.803493]  <TASK>
[  606.803733]  dump_stack_lvl+0x8b/0xb3
[  606.804162]  should_fail.cold+0x5/0xa
[  606.804581]  ? create_object.isra.0+0x3a/0xa20
[  606.805086]  should_failslab+0x5/0x10
[  606.805499]  kmem_cache_alloc+0x5b/0x480
[  606.805978]  create_object.isra.0+0x3a/0xa20
[  606.806470]  ? kasan_unpoison+0x23/0x50
[  606.806905]  __kmalloc_node+0x201/0x360
[  606.807338]  kvmalloc_node+0x3e/0x100
[  606.807748]  alloc_fdtable+0x139/0x270
[  606.808169]  dup_fd+0x718/0xca0
[  606.808538]  copy_process+0x1c74/0x6d40
[  606.808970]  ? lock_is_held_type+0xd7/0x130
[  606.809443]  ? find_held_lock+0x2c/0x110
[  606.809912]  ? __cleanup_sighand+0xb0/0xb0
[  606.810381]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  606.810975]  ? _copy_from_user+0x139/0x170
[  606.811432]  ? kernel_clone+0x2f8/0xa60
[  606.811868]  kernel_clone+0xe7/0xa60
[  606.812275]  ? lock_is_held_type+0xd7/0x130
[  606.812748]  ? copy_init_mm+0x20/0x20
[  606.813175]  ? lock_is_held_type+0xd7/0x130
[  606.813663]  __do_sys_clone3+0x1c9/0x2d0
[  606.814101]  ? __ia32_sys_clone+0x150/0x150
[  606.814578]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  606.815169]  ? vfs_write+0x188/0xae0
[  606.815574]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  606.816170]  ? fput+0x2a/0x50
[  606.816518]  ? syscall_enter_from_user_mode+0x1d/0x50
[  606.817079]  do_syscall_64+0x3b/0x90
[  606.817487]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  606.818050] RIP: 0033:0x7f3d8a0d9b19
[  606.818448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  606.820431] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  606.821248] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  606.822025] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  606.822804] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  606.823558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  606.824326] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  606.825107]  </TASK>
[  606.848955] FAULT_INJECTION: forcing a failure.
[  606.848955] name failslab, interval 1, probability 0, space 0, times 0
[  606.850391] CPU: 0 PID: 5746 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  606.851305] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  606.852532] Call Trace:
[  606.852810]  <TASK>
[  606.853051]  dump_stack_lvl+0x8b/0xb3
[  606.853475]  should_fail.cold+0x5/0xa
[  606.853905]  ? create_object.isra.0+0x3a/0xa20
[  606.854406]  should_failslab+0x5/0x10
[  606.854817]  kmem_cache_alloc+0x5b/0x480
[  606.855264]  create_object.isra.0+0x3a/0xa20
[  606.855744]  ? kasan_unpoison+0x23/0x50
[  606.856182]  __kmalloc_node+0x201/0x360
[  606.856621]  kvmalloc_node+0x3e/0x100
[  606.857037]  alloc_fdtable+0xcd/0x270
[  606.857453]  dup_fd+0x718/0xca0
[  606.857838]  copy_process+0x1c74/0x6d40
[  606.858276]  ? lock_is_held_type+0xd7/0x130
[  606.858746]  ? find_held_lock+0x2c/0x110
[  606.858845] FAULT_INJECTION: forcing a failure.
[  606.858845] name failslab, interval 1, probability 0, space 0, times 0
[  606.859198]  ? __cleanup_sighand+0xb0/0xb0
[  606.859224]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  606.862674]  ? _copy_from_user+0x139/0x170
[  606.863141]  ? kernel_clone+0x2f8/0xa60
[  606.863590]  kernel_clone+0xe7/0xa60
[  606.864009]  ? lock_is_held_type+0xd7/0x130
[  606.864479]  ? copy_init_mm+0x20/0x20
[  606.864917]  ? lock_is_held_type+0xd7/0x130
[  606.865399]  __do_sys_clone3+0x1c9/0x2d0
[  606.865861]  ? __ia32_sys_clone+0x150/0x150
[  606.866348]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  606.866950]  ? vfs_write+0x188/0xae0
[  606.867361]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  606.867957]  ? fput+0x2a/0x50
[  606.868309]  ? syscall_enter_from_user_mode+0x1d/0x50
[  606.868875]  do_syscall_64+0x3b/0x90
[  606.869289]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  606.869859] RIP: 0033:0x7f37c9f3ab19
[  606.870267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  606.872246] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  606.873071] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  606.873851] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  606.874618] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  606.875381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  606.876147] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  606.876926]  </TASK>
[  606.877176] CPU: 1 PID: 5747 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  606.879003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  606.881470] Call Trace:
[  606.882059]  <TASK>
[  606.882556]  dump_stack_lvl+0x8b/0xb3
[  606.883426]  should_fail.cold+0x5/0xa
[  606.884280]  ? __register_sysctl_table+0x9e2/0x1090
[  606.885392]  should_failslab+0x5/0x10
[  606.886239]  __kmalloc+0x72/0x330
[  606.887003]  __register_sysctl_table+0x9e2/0x1090
[  606.888060]  ? proc_sys_evict_inode+0x180/0x180
[  606.889089]  ? trace_kmalloc+0x29/0xd0
[  606.889968]  ? __kmalloc_track_caller+0x1a5/0x310
[  606.891024]  ? setup_userns_sysctls+0x4d/0x180
[  606.892035]  ? memcpy+0x39/0x60
[  606.892784]  setup_userns_sysctls+0xc2/0x180
[  606.893771]  create_user_ns+0x8e5/0xd80
[  606.894669]  copy_creds+0x53d/0x930
23:03:04 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  606.895484]  copy_process+0x10d5/0x6d40
[  606.896496]  ? lock_is_held_type+0xd7/0x130
[  606.897392]  ? find_held_lock+0x2c/0x110
[  606.898262]  ? lock_release+0x3b2/0x6f0
[  606.899085]  ? __might_fault+0xd1/0x170
[  606.899929]  ? __cleanup_sighand+0xb0/0xb0
[  606.900822]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  606.901972]  ? _copy_from_user+0x139/0x170
[  606.902854]  ? kernel_clone+0x2f8/0xa60
[  606.903685]  kernel_clone+0xe7/0xa60
[  606.904464]  ? lock_is_held_type+0xd7/0x130
[  606.905357]  ? copy_init_mm+0x20/0x20
[  606.906195]  ? lock_is_held_type+0xd7/0x130
[  606.907095]  __do_sys_clone3+0x1c9/0x2d0
[  606.907957]  ? __ia32_sys_clone+0x150/0x150
[  606.908878]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  606.910058]  ? vfs_write+0x188/0xae0
[  606.910844]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  606.911999]  ? fput+0x2a/0x50
[  606.912676]  ? syscall_enter_from_user_mode+0x1d/0x50
[  606.913755]  do_syscall_64+0x3b/0x90
[  606.914534]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  606.915596] RIP: 0033:0x7fc730828b19
[  606.916357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  606.920120] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  606.921676] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  606.923130] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  606.924578] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  606.926048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  606.927499] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  606.928975]  </TASK>
[  606.929753] sysctl could not get directory: //user -12
[  606.930907] CPU: 1 PID: 5747 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  606.932591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  606.934916] Call Trace:
23:03:04 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x2, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  606.935446]  <TASK>
[  606.936067]  dump_stack_lvl+0x8b/0xb3
[  606.936877]  __register_sysctl_table+0xde7/0x1090
[  606.937910]  ? proc_sys_evict_inode+0x180/0x180
[  606.938876]  ? trace_kmalloc+0x29/0xd0
[  606.939681]  ? __kmalloc_track_caller+0x1a5/0x310
[  606.940677]  ? setup_userns_sysctls+0x4d/0x180
[  606.941636]  ? memcpy+0x39/0x60
[  606.942334]  setup_userns_sysctls+0xc2/0x180
[  606.943246]  create_user_ns+0x8e5/0xd80
[  606.944084]  copy_creds+0x53d/0x930
[  606.944854]  copy_process+0x10d5/0x6d40
[  606.945709]  ? lock_is_held_type+0xd7/0x130
[  606.946600]  ? find_held_lock+0x2c/0x110
[  606.947441]  ? lock_release+0x3b2/0x6f0
[  606.948266]  ? __might_fault+0xd1/0x170
[  606.949109]  ? __cleanup_sighand+0xb0/0xb0
23:03:04 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 27)

[  606.950011]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  606.951268]  ? _copy_from_user+0x139/0x170
[  606.952153]  ? kernel_clone+0x2f8/0xa60
[  606.953004]  kernel_clone+0xe7/0xa60
[  606.953807]  ? lock_is_held_type+0xd7/0x130
[  606.954718]  ? copy_init_mm+0x20/0x20
[  606.955548]  ? lock_is_held_type+0xd7/0x130
[  606.956445]  __do_sys_clone3+0x1c9/0x2d0
[  606.957312]  ? __ia32_sys_clone+0x150/0x150
[  606.958248]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  606.959407]  ? vfs_write+0x188/0xae0
[  606.960192]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  606.961379]  ? fput+0x2a/0x50
[  606.962060]  ? syscall_enter_from_user_mode+0x1d/0x50
[  606.963186]  do_syscall_64+0x3b/0x90
[  606.964000]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  606.965071] RIP: 0033:0x7fc730828b19
[  606.965878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  606.969651] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  606.971262] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  606.972759] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  606.974255] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  606.975748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  606.977235] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  606.978777]  </TASK>
23:03:04 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xfe800000, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:03:05 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 25)

23:03:05 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x3, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  607.019432] FAULT_INJECTION: forcing a failure.
[  607.019432] name failslab, interval 1, probability 0, space 0, times 0
[  607.020743] CPU: 0 PID: 5757 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  607.021622] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  607.022832] Call Trace:
[  607.023106]  <TASK>
[  607.023350]  dump_stack_lvl+0x8b/0xb3
[  607.023774]  should_fail.cold+0x5/0xa
[  607.024192]  ? copy_fs_struct+0x45/0x340
[  607.024638]  should_failslab+0x5/0x10
[  607.025035]  kmem_cache_alloc+0x5b/0x480
[  607.025490]  copy_fs_struct+0x45/0x340
[  607.025915]  ? copy_process+0x1d05/0x6d40
[  607.026370]  copy_process+0x3323/0x6d40
[  607.026804]  ? lock_is_held_type+0xd7/0x130
[  607.027278]  ? find_held_lock+0x2c/0x110
[  607.027719]  ? __cleanup_sighand+0xb0/0xb0
[  607.028189]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  607.028795]  ? _copy_from_user+0x139/0x170
[  607.029270]  ? kernel_clone+0x2f8/0xa60
[  607.029738]  kernel_clone+0xe7/0xa60
[  607.030163]  ? lock_is_held_type+0xd7/0x130
[  607.030628]  ? copy_init_mm+0x20/0x20
[  607.031057]  ? lock_is_held_type+0xd7/0x130
[  607.031537]  __do_sys_clone3+0x1c9/0x2d0
[  607.031985]  ? __ia32_sys_clone+0x150/0x150
[  607.032480]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  607.033073]  ? vfs_write+0x188/0xae0
[  607.033496]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  607.034104]  ? fput+0x2a/0x50
[  607.034454]  ? syscall_enter_from_user_mode+0x1d/0x50
[  607.035015]  do_syscall_64+0x3b/0x90
[  607.035425]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  607.035986] RIP: 0033:0x7f3d8a0d9b19
[  607.036395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  607.038401] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  607.039223] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  607.039995] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  607.040772] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  607.041556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  607.042340] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  607.043115]  </TASK>
[  607.098014] FAULT_INJECTION: forcing a failure.
[  607.098014] name failslab, interval 1, probability 0, space 0, times 0
[  607.100574] CPU: 1 PID: 5765 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  607.102317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  607.104647] Call Trace:
[  607.105191]  <TASK>
[  607.105664]  dump_stack_lvl+0x8b/0xb3
[  607.106483]  should_fail.cold+0x5/0xa
[  607.107286]  ? kvmalloc_node+0x3e/0x100
[  607.108115]  should_failslab+0x5/0x10
[  607.108901]  __kmalloc_node+0x76/0x360
[  607.109746]  kvmalloc_node+0x3e/0x100
[  607.110540]  alloc_fdtable+0x139/0x270
[  607.111355]  dup_fd+0x718/0xca0
[  607.112058]  copy_process+0x1c74/0x6d40
[  607.112895]  ? lock_is_held_type+0xd7/0x130
[  607.113802]  ? find_held_lock+0x2c/0x110
[  607.114670]  ? __cleanup_sighand+0xb0/0xb0
[  607.115566]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  607.116709]  ? _copy_from_user+0x139/0x170
[  607.117604]  ? kernel_clone+0x2f8/0xa60
[  607.118449]  kernel_clone+0xe7/0xa60
[  607.119234]  ? lock_is_held_type+0xd7/0x130
[  607.120128]  ? copy_init_mm+0x20/0x20
[  607.120948]  ? lock_is_held_type+0xd7/0x130
[  607.121879]  __do_sys_clone3+0x1c9/0x2d0
[  607.122734]  ? __ia32_sys_clone+0x150/0x150
[  607.123662]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  607.124802]  ? vfs_write+0x188/0xae0
[  607.125598]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  607.126742]  ? fput+0x2a/0x50
[  607.127415]  ? syscall_enter_from_user_mode+0x1d/0x50
[  607.128495]  do_syscall_64+0x3b/0x90
[  607.129281]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  607.130360] RIP: 0033:0x7f37c9f3ab19
[  607.131124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  607.134914] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  607.136484] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  607.137962] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  607.139439] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  607.140899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  607.142381] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  607.143872]  </TASK>
[  618.414782] FAULT_INJECTION: forcing a failure.
[  618.414782] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  618.416185] CPU: 0 PID: 5777 Comm: syz-executor.7 Not tainted 5.16.0-rc5-next-20211217 #1
[  618.417074] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  618.418332] Call Trace:
[  618.418610]  <TASK>
[  618.418845]  dump_stack_lvl+0x8b/0xb3
[  618.419278]  should_fail.cold+0x5/0xa
[  618.419698]  _copy_to_user+0x2e/0x150
23:03:16 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:03:16 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 26)

23:03:16 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 16)

23:03:16 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xfec00000, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:03:16 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, &(0x7f0000000040)={0xe2, 0x2, 0x5})

23:03:16 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 16)

23:03:16 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 28)

23:03:16 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x4, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  618.420122]  simple_read_from_buffer+0xcc/0x160
[  618.420867]  proc_fail_nth_read+0x194/0x220
[  618.421352]  ? proc_fault_inject_read+0x230/0x230
[  618.421894]  ? security_file_permission+0xb1/0xd0
[  618.422436]  ? proc_fault_inject_read+0x230/0x230
[  618.422962]  vfs_read+0x1b6/0x5f0
[  618.423355]  ksys_read+0x12d/0x250
[  618.423745]  ? __ia32_sys_pwrite64+0x230/0x230
[  618.424254]  ? syscall_enter_from_user_mode+0x1d/0x50
[  618.424828]  do_syscall_64+0x3b/0x90
[  618.425240]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  618.425813] RIP: 0033:0x7f54fbb7a69c
[  618.426228] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[  618.428226] RSP: 002b:00007f54f913d170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  618.429061] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 00007f54fbb7a69c
[  618.429850] RDX: 000000000000000f RSI: 00007f54f913d1e0 RDI: 0000000000000003
[  618.430625] RBP: 00007f54f913d1d0 R08: 0000000000000000 R09: 0000000000000000
[  618.431396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  618.432167] R13: 00007ffd64ee2c0f R14: 00007f54f913d300 R15: 0000000000022000
[  618.432954]  </TASK>
[  618.438688] FAULT_INJECTION: forcing a failure.
[  618.438688] name failslab, interval 1, probability 0, space 0, times 0
[  618.439946] CPU: 0 PID: 5782 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  618.440836] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  618.442073] Call Trace:
[  618.442353]  <TASK>
[  618.442595]  dump_stack_lvl+0x8b/0xb3
[  618.443022]  should_fail.cold+0x5/0xa
[  618.443260] FAULT_INJECTION: forcing a failure.
[  618.443260] name failslab, interval 1, probability 0, space 0, times 0
[  618.443444]  ? create_object.isra.0+0x3a/0xa20
[  618.446147]  should_failslab+0x5/0x10
[  618.446565]  kmem_cache_alloc+0x5b/0x480
[  618.447014]  create_object.isra.0+0x3a/0xa20
[  618.447507]  ? kasan_unpoison+0x23/0x50
[  618.447949]  __kmalloc+0x1ed/0x330
[  618.448345]  __register_sysctl_table+0x9e2/0x1090
[  618.448882]  ? proc_sys_evict_inode+0x180/0x180
[  618.449402]  ? trace_kmalloc+0x29/0xd0
[  618.449835]  ? __kmalloc_track_caller+0x1a5/0x310
[  618.450368]  ? setup_userns_sysctls+0x4d/0x180
[  618.450869]  ? memcpy+0x39/0x60
[  618.451243]  setup_userns_sysctls+0xc2/0x180
[  618.451733]  create_user_ns+0x8e5/0xd80
[  618.452174]  copy_creds+0x53d/0x930
[  618.452578]  copy_process+0x10d5/0x6d40
[  618.453012]  ? lock_is_held_type+0xd7/0x130
[  618.453482]  ? find_held_lock+0x2c/0x110
[  618.453948]  ? lock_release+0x3b2/0x6f0
[  618.454380]  ? __might_fault+0xd1/0x170
[  618.454834]  ? __cleanup_sighand+0xb0/0xb0
[  618.455306]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  618.455902]  ? _copy_from_user+0x139/0x170
[  618.456373]  ? kernel_clone+0x2f8/0xa60
[  618.456817]  kernel_clone+0xe7/0xa60
[  618.457231]  ? lock_is_held_type+0xd7/0x130
[  618.457716]  ? copy_init_mm+0x20/0x20
[  618.458151]  ? lock_is_held_type+0xd7/0x130
[  618.458620]  __do_sys_clone3+0x1c9/0x2d0
[  618.459061]  ? __ia32_sys_clone+0x150/0x150
[  618.459546]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  618.460148]  ? vfs_write+0x188/0xae0
[  618.460567]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  618.461165]  ? fput+0x2a/0x50
[  618.461521]  ? syscall_enter_from_user_mode+0x1d/0x50
[  618.462096]  do_syscall_64+0x3b/0x90
[  618.462514]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  618.463070] RIP: 0033:0x7fc730828b19
[  618.463474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  618.465480] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  618.466318] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  618.467089] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  618.467866] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  618.468646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  618.469424] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  618.470219]  </TASK>
[  618.470478] CPU: 1 PID: 5778 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  618.472120] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  618.474359] Call Trace:
[  618.474854]  <TASK>
[  618.475301]  dump_stack_lvl+0x8b/0xb3
[  618.476073]  should_fail.cold+0x5/0xa
[  618.476835]  ? create_object.isra.0+0x3a/0xa20
[  618.477765]  should_failslab+0x5/0x10
[  618.478490]  kmem_cache_alloc+0x5b/0x480
[  618.479293]  create_object.isra.0+0x3a/0xa20
[  618.480162]  ? kasan_unpoison+0x23/0x50
[  618.480971]  kmem_cache_alloc+0x239/0x480
[  618.481793]  copy_fs_struct+0x45/0x340
[  618.482560]  ? copy_process+0x1d05/0x6d40
[  618.483387]  copy_process+0x3323/0x6d40
[  618.484188]  ? lock_is_held_type+0xd7/0x130
[  618.485042]  ? find_held_lock+0x2c/0x110
[  618.485883]  ? __cleanup_sighand+0xb0/0xb0
[  618.486737]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  618.487815]  ? _copy_from_user+0x139/0x170
[  618.488650]  ? kernel_clone+0x2f8/0xa60
[  618.489441]  kernel_clone+0xe7/0xa60
[  618.490196]  ? lock_is_held_type+0xd7/0x130
[  618.491044]  ? copy_init_mm+0x20/0x20
[  618.491821]  ? lock_is_held_type+0xd7/0x130
[  618.492665]  __do_sys_clone3+0x1c9/0x2d0
[  618.493461]  ? __ia32_sys_clone+0x150/0x150
[  618.494360]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  618.495420]  ? vfs_write+0x188/0xae0
[  618.496151]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  618.497217]  ? fput+0x2a/0x50
[  618.497871]  ? syscall_enter_from_user_mode+0x1d/0x50
[  618.498893]  do_syscall_64+0x3b/0x90
[  618.499649]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  618.500681] RIP: 0033:0x7f3d8a0d9b19
[  618.501418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  618.505112] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  618.506653] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  618.508067] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  618.509476] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  618.510908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  618.512320] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  618.513763]  </TASK>
[  618.529693] FAULT_INJECTION: forcing a failure.
[  618.529693] name failslab, interval 1, probability 0, space 0, times 0
[  618.532301] CPU: 0 PID: 5790 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  618.532318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
23:03:16 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:03:16 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 17)

23:03:16 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:03:16 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

[  618.532328] Call Trace:
[  618.532332]  <TASK>
[  618.532337]  dump_stack_lvl+0x8b/0xb3
[  618.532365]  should_fail.cold+0x5/0xa
[  618.532385]  ? create_object.isra.0+0x3a/0xa20
[  618.532409]  should_failslab+0x5/0x10
[  618.532421]  kmem_cache_alloc+0x5b/0x480
23:03:16 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 27)

[  618.532441]  create_object.isra.0+0x3a/0xa20
[  618.532459]  ? kasan_unpoison+0x23/0x50
[  618.532481]  __kmalloc_node+0x201/0x360
[  618.532499]  kvmalloc_node+0x3e/0x100
[  618.532514]  alloc_fdtable+0x139/0x270
[  618.532529]  dup_fd+0x718/0xca0
[  618.532550]  copy_process+0x1c74/0x6d40
[  618.532569]  ? lock_is_held_type+0xd7/0x130
[  618.532584]  ? find_held_lock+0x2c/0x110
23:03:16 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xff000000, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  618.532611]  ? __cleanup_sighand+0xb0/0xb0
[  618.532634]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  618.532651]  ? _copy_from_user+0x139/0x170
[  618.532670]  ? kernel_clone+0x2f8/0xa60
23:03:16 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 18)

23:03:16 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x2, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  618.532690]  kernel_clone+0xe7/0xa60
[  618.532708]  ? lock_is_held_type+0xd7/0x130
[  618.532722]  ? copy_init_mm+0x20/0x20
[  618.532749]  ? lock_is_held_type+0xd7/0x130
[  618.532767]  __do_sys_clone3+0x1c9/0x2d0
[  618.532785]  ? __ia32_sys_clone+0x150/0x150
[  618.532815]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  618.532831]  ? vfs_write+0x188/0xae0
[  618.532848]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  618.532865]  ? fput+0x2a/0x50
[  618.532886]  ? syscall_enter_from_user_mode+0x1d/0x50
[  618.532905]  do_syscall_64+0x3b/0x90
[  618.532925]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  618.532938] RIP: 0033:0x7f37c9f3ab19
[  618.532949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  618.532962] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  618.532976] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  618.532985] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  618.532993] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  618.533002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  618.533010] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  618.533031]  </TASK>
[  618.568445] FAULT_INJECTION: forcing a failure.
[  618.568445] name failslab, interval 1, probability 0, space 0, times 0
[  618.568467] CPU: 0 PID: 5796 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  618.568482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  618.568491] Call Trace:
[  618.568495]  <TASK>
[  618.568501]  dump_stack_lvl+0x8b/0xb3
[  618.568527]  should_fail.cold+0x5/0xa
[  618.568547]  ? alloc_ucounts+0x1bf/0x580
[  618.568562]  should_failslab+0x5/0x10
[  618.568575]  kmem_cache_alloc_trace+0x55/0x3c0
[  618.568594]  alloc_ucounts+0x1bf/0x580
[  618.568610]  ? get_ucounts+0x60/0x60
[  618.568622]  ? setup_userns_sysctls+0x103/0x180
[  618.568640]  set_cred_ucounts+0x163/0x320
[  618.568664]  copy_creds+0x55b/0x930
[  618.568684]  copy_process+0x10d5/0x6d40
[  618.568703]  ? lock_is_held_type+0xd7/0x130
[  618.568718]  ? find_held_lock+0x2c/0x110
[  618.568734]  ? lock_release+0x3b2/0x6f0
[  618.568749]  ? __might_fault+0xd1/0x170
[  618.568774]  ? __cleanup_sighand+0xb0/0xb0
[  618.568798]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  618.568815]  ? _copy_from_user+0x139/0x170
[  618.568834]  ? kernel_clone+0x2f8/0xa60
[  618.568853]  kernel_clone+0xe7/0xa60
[  618.568871]  ? lock_is_held_type+0xd7/0x130
[  618.568885]  ? copy_init_mm+0x20/0x20
[  618.568916]  ? lock_is_held_type+0xd7/0x130
[  618.568933]  __do_sys_clone3+0x1c9/0x2d0
[  618.568952]  ? __ia32_sys_clone+0x150/0x150
[  618.568981]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  618.568997]  ? vfs_write+0x188/0xae0
[  618.569015]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  618.569032]  ? fput+0x2a/0x50
[  618.569053]  ? syscall_enter_from_user_mode+0x1d/0x50
[  618.569073]  do_syscall_64+0x3b/0x90
[  618.569092]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  618.569106] RIP: 0033:0x7fc730828b19
[  618.569116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  618.569129] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  618.569143] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  618.569152] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  618.569160] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  618.569168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  618.569176] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  618.569197]  </TASK>
[  618.664619] FAULT_INJECTION: forcing a failure.
[  618.664619] name failslab, interval 1, probability 0, space 0, times 0
[  618.664643] CPU: 0 PID: 5807 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  618.664658] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  618.664667] Call Trace:
[  618.664672]  <TASK>
[  618.664678]  dump_stack_lvl+0x8b/0xb3
[  618.664706]  should_fail.cold+0x5/0xa
[  618.664726]  ? create_object.isra.0+0x3a/0xa20
[  618.664748]  should_failslab+0x5/0x10
[  618.664761]  kmem_cache_alloc+0x5b/0x480
[  618.664781]  create_object.isra.0+0x3a/0xa20
[  618.664800]  ? kasan_unpoison+0x23/0x50
[  618.664821]  kmem_cache_alloc_trace+0x22e/0x3c0
[  618.664840]  alloc_ucounts+0x1bf/0x580
[  618.664857]  ? get_ucounts+0x60/0x60
[  618.664870]  ? setup_userns_sysctls+0x103/0x180
[  618.664889]  set_cred_ucounts+0x163/0x320
[  618.664912]  copy_creds+0x55b/0x930
[  618.664933]  copy_process+0x10d5/0x6d40
[  618.664951]  ? lock_is_held_type+0xd7/0x130
[  618.664966]  ? find_held_lock+0x2c/0x110
[  618.664983]  ? lock_release+0x3b2/0x6f0
[  618.664998]  ? __might_fault+0xd1/0x170
[  618.665023]  ? __cleanup_sighand+0xb0/0xb0
[  618.665047]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  618.665064]  ? _copy_from_user+0x139/0x170
[  618.665083]  ? kernel_clone+0x2f8/0xa60
[  618.665102]  kernel_clone+0xe7/0xa60
[  618.665120]  ? lock_is_held_type+0xd7/0x130
[  618.665135]  ? copy_init_mm+0x20/0x20
[  618.665165]  ? lock_is_held_type+0xd7/0x130
[  618.665183]  __do_sys_clone3+0x1c9/0x2d0
[  618.665202]  ? __ia32_sys_clone+0x150/0x150
[  618.665231]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  618.665248]  ? vfs_write+0x188/0xae0
[  618.665265]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  618.665282]  ? fput+0x2a/0x50
[  618.665303]  ? syscall_enter_from_user_mode+0x1d/0x50
[  618.665323]  do_syscall_64+0x3b/0x90
[  618.665342]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  618.665355] RIP: 0033:0x7fc730828b19
[  618.665366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  618.665379] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  618.665393] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  618.665402] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  618.665410] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  618.665419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  618.665427] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  618.665448]  </TASK>
[  618.683682] FAULT_INJECTION: forcing a failure.
[  618.683682] name failslab, interval 1, probability 0, space 0, times 0
[  618.683737] CPU: 1 PID: 5813 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  618.683767] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  618.683787] Call Trace:
[  618.683794]  <TASK>
[  618.683803]  dump_stack_lvl+0x8b/0xb3
[  618.683850]  should_fail.cold+0x5/0xa
[  618.683888]  ? copy_fs_struct+0x45/0x340
[  618.683918]  should_failslab+0x5/0x10
[  618.683941]  kmem_cache_alloc+0x5b/0x480
[  618.683977]  copy_fs_struct+0x45/0x340
[  618.684003]  ? copy_process+0x1d05/0x6d40
[  618.684041]  copy_process+0x3323/0x6d40
[  618.684073]  ? lock_is_held_type+0xd7/0x130
[  618.684101]  ? find_held_lock+0x2c/0x110
[  618.684159]  ? __cleanup_sighand+0xb0/0xb0
[  618.684206]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  618.684241]  ? _copy_from_user+0x139/0x170
[  618.684274]  ? kernel_clone+0x2f8/0xa60
[  618.684311]  kernel_clone+0xe7/0xa60
[  618.684345]  ? lock_is_held_type+0xd7/0x130
[  618.684372]  ? copy_init_mm+0x20/0x20
[  618.684423]  ? lock_is_held_type+0xd7/0x130
[  618.684456]  __do_sys_clone3+0x1c9/0x2d0
[  618.684490]  ? __ia32_sys_clone+0x150/0x150
[  618.684545]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  618.684575]  ? vfs_write+0x188/0xae0
[  618.684608]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  618.684641]  ? fput+0x2a/0x50
[  618.684681]  ? syscall_enter_from_user_mode+0x1d/0x50
[  618.684717]  do_syscall_64+0x3b/0x90
[  618.684752]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  618.684778] RIP: 0033:0x7f37c9f3ab19
[  618.684797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  618.684821] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  618.684848] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  618.684867] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  618.684884] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  618.684900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  618.684915] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  618.684954]  </TASK>
[  634.974615] FAULT_INJECTION: forcing a failure.
23:03:32 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x9, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:03:32 executing program 1:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x4006}], 0x1, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:03:32 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000180)={0x0, 0x1, 0x5, 0x400})
r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0xd8b0e1eb73efb33, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r8, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r2)
sendmsg$NL80211_CMD_TDLS_MGMT(r7, &(0x7f0000000500)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000240)={0x8c, r9, 0x10, 0x70bd29, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_IE={0x2e, 0x2a, [@gcr_ga={0xbd, 0x6, @broadcast}, @gcr_ga={0xbd, 0x6, @broadcast}, @ibss={0x6, 0x2, 0x8}, @tim={0x5, 0x14, {0x7f, 0xc8, 0x8, "9e14beaa4b4a100ab1d9ead848d09f28c1"}}]}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x7}, @NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8, 0xcb, 0x6}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5}, @NL80211_ATTR_IE={0x7, 0x2a, [@sec_chan_ofs={0x3e, 0x1, 0x1}]}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x1}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0xa}, @NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8, 0xcb, 0xffffffe1}]}, 0x8c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
ioctl$LOOP_SET_FD(r2, 0x4c00, r6)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r2, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r10=>r3, {0x0, 0x100}}, './file0\x00'})
setsockopt$inet_udp_int(r10, 0x11, 0x9, &(0x7f00000000c0), 0x4)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

23:03:32 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xfffffffd, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

23:03:32 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 19)

23:03:32 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x3, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:03:32 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 28)

23:03:32 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 29)

[  634.974615] name failslab, interval 1, probability 0, space 0, times 0
[  634.977442] CPU: 1 PID: 5827 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  634.979118] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  634.981397] Call Trace:
[  634.981408]  <TASK>
[  634.981417]  dump_stack_lvl+0x8b/0xb3
[  634.981463]  should_fail.cold+0x5/0xa
[  634.981501]  ? dup_fd+0x89/0xca0
[  634.981529]  should_failslab+0x5/0x10
[  634.981550]  kmem_cache_alloc+0x5b/0x480
[  634.981584]  dup_fd+0x89/0xca0
[  634.981604]  ? audit_filter_inodes+0x40/0x40
[  634.981634]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  634.981662]  ? security_task_alloc+0xe6/0x260
[  634.981699]  copy_process+0x1c74/0x6d40
[  634.981732]  ? lock_is_held_type+0xd7/0x130
[  634.981757]  ? find_held_lock+0x2c/0x110
[  634.981805]  ? __cleanup_sighand+0xb0/0xb0
[  634.981847]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  634.981875]  ? _copy_from_user+0x139/0x170
[  634.981906]  ? kernel_clone+0x2f8/0xa60
[  634.981964]  kernel_clone+0xe7/0xa60
[  634.981996]  ? lock_is_held_type+0xd7/0x130
23:03:33 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 29)

[  634.982022]  ? copy_init_mm+0x20/0x20
[  634.982070]  ? lock_is_held_type+0xd7/0x130
[  634.982102]  __do_sys_clone3+0x1c9/0x2d0
[  634.982135]  ? __ia32_sys_clone+0x150/0x150
[  634.982187]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  634.982216]  ? vfs_write+0x188/0xae0
23:03:33 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000001}}, 0x1c)

[  634.982247]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  634.982277]  ? fput+0x2a/0x50
[  634.982315]  ? syscall_enter_from_user_mode+0x1d/0x50
[  634.982350]  do_syscall_64+0x3b/0x90
[  634.982383]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  634.982408] RIP: 0033:0x7fc730828b19
[  634.982425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  634.982447] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  634.982471] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  634.982488] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  634.982502] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  634.982517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  634.982531] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  634.982569]  </TASK>
[  634.987056] FAULT_INJECTION: forcing a failure.
[  634.987056] name failslab, interval 1, probability 0, space 0, times 0
[  634.987081] CPU: 0 PID: 5832 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  634.987098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  634.987110] Call Trace:
[  634.987115]  <TASK>
[  634.987122]  dump_stack_lvl+0x8b/0xb3
[  634.987158]  should_fail.cold+0x5/0xa
[  634.987184]  ? copy_process+0x1ddf/0x6d40
[  634.987208]  should_failslab+0x5/0x10
[  634.987223]  kmem_cache_alloc+0x5b/0x480
[  634.987245]  copy_process+0x1ddf/0x6d40
[  634.987265]  ? lock_is_held_type+0xd7/0x130
[  634.987282]  ? find_held_lock+0x2c/0x110
[  634.987313]  ? __cleanup_sighand+0xb0/0xb0
[  634.987339]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  634.987359]  ? _copy_from_user+0x139/0x170
[  634.987380]  ? kernel_clone+0x2f8/0xa60
[  634.987403]  kernel_clone+0xe7/0xa60
[  634.987423]  ? lock_is_held_type+0xd7/0x130
[  634.987439]  ? copy_init_mm+0x20/0x20
[  634.987469]  ? lock_is_held_type+0xd7/0x130
[  634.987489]  __do_sys_clone3+0x1c9/0x2d0
[  634.987510]  ? __ia32_sys_clone+0x150/0x150
[  634.987542]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  634.987561]  ? vfs_write+0x188/0xae0
[  634.987581]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  634.987600]  ? fput+0x2a/0x50
[  634.987624]  ? syscall_enter_from_user_mode+0x1d/0x50
[  634.987646]  do_syscall_64+0x3b/0x90
[  634.987667]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  634.987683] RIP: 0033:0x7f3d8a0d9b19
[  634.987695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  634.987709] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  634.987725] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  634.987735] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  634.987744] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  634.987754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  634.987762] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  634.987786]  </TASK>
[  635.006871] FAULT_INJECTION: forcing a failure.
[  635.006871] name failslab, interval 1, probability 0, space 0, times 0
[  635.006904] CPU: 1 PID: 5840 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  635.006929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  635.006945] Call Trace:
[  635.006952]  <TASK>
[  635.006961]  dump_stack_lvl+0x8b/0xb3
[  635.007002]  should_fail.cold+0x5/0xa
[  635.007038]  ? create_object.isra.0+0x3a/0xa20
[  635.007076]  should_failslab+0x5/0x10
[  635.007096]  kmem_cache_alloc+0x5b/0x480
[  635.007129]  create_object.isra.0+0x3a/0xa20
[  635.007169]  ? kasan_unpoison+0x23/0x50
[  635.007208]  kmem_cache_alloc+0x239/0x480
[  635.007241]  copy_fs_struct+0x45/0x340
[  635.007267]  ? copy_process+0x1d05/0x6d40
[  635.007302]  copy_process+0x3323/0x6d40
[  635.007333]  ? lock_is_held_type+0xd7/0x130
[  635.007358]  ? find_held_lock+0x2c/0x110
[  635.007404]  ? __cleanup_sighand+0xb0/0xb0
[  635.007446]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  635.007475]  ? _copy_from_user+0x139/0x170
[  635.007507]  ? kernel_clone+0x2f8/0xa60
[  635.007542]  kernel_clone+0xe7/0xa60
[  635.007575]  ? lock_is_held_type+0xd7/0x130
[  635.007601]  ? copy_init_mm+0x20/0x20
[  635.007649]  ? lock_is_held_type+0xd7/0x130
[  635.007681]  __do_sys_clone3+0x1c9/0x2d0
[  635.007715]  ? __ia32_sys_clone+0x150/0x150
[  635.007768]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  635.007797]  ? vfs_write+0x188/0xae0
[  635.007828]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  635.007858]  ? fput+0x2a/0x50
[  635.007897]  ? syscall_enter_from_user_mode+0x1d/0x50
[  635.007931]  do_syscall_64+0x3b/0x90
[  635.007965]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  635.007989] RIP: 0033:0x7f37c9f3ab19
[  635.008006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  635.008028] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  635.008052] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  635.008068] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  635.008083] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  635.008097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  635.008111] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  635.008149]  </TASK>
[  635.067661] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  635.095930] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  635.148588] FAULT_INJECTION: forcing a failure.
[  635.148588] name failslab, interval 1, probability 0, space 0, times 0
[  635.148658] CPU: 1 PID: 5850 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  635.148684] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  635.148700] Call Trace:
[  635.148707]  <TASK>
[  635.148716]  dump_stack_lvl+0x8b/0xb3
[  635.148761]  should_fail.cold+0x5/0xa
[  635.148796]  ? copy_process+0x1ddf/0x6d40
[  635.148832]  should_failslab+0x5/0x10
[  635.148854]  kmem_cache_alloc+0x5b/0x480
[  635.148887]  copy_process+0x1ddf/0x6d40
[  635.148918]  ? lock_is_held_type+0xd7/0x130
[  635.148944]  ? find_held_lock+0x2c/0x110
[  635.148991]  ? __cleanup_sighand+0xb0/0xb0
[  635.149033]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  635.149062]  ? _copy_from_user+0x139/0x170
[  635.149093]  ? kernel_clone+0x2f8/0xa60
[  635.149129]  kernel_clone+0xe7/0xa60
[  635.149165]  ? lock_is_held_type+0xd7/0x130
[  635.149191]  ? copy_init_mm+0x20/0x20
[  635.149239]  ? lock_is_held_type+0xd7/0x130
[  635.149271]  __do_sys_clone3+0x1c9/0x2d0
[  635.149304]  ? __ia32_sys_clone+0x150/0x150
[  635.149356]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  635.149385]  ? vfs_write+0x188/0xae0
[  635.149417]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  635.149446]  ? fput+0x2a/0x50
[  635.149485]  ? syscall_enter_from_user_mode+0x1d/0x50
[  635.149519]  do_syscall_64+0x3b/0x90
[  635.149553]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  635.149577] RIP: 0033:0x7f37c9f3ab19
[  635.149594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  635.149617] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  635.149642] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  635.149658] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  635.149673] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  635.149688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  635.149702] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  635.149740]  </TASK>
[  635.367873] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  635.370730] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
23:03:46 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 30)

23:03:46 executing program 1:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x4006}], 0x1, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

[  648.350124] FAULT_INJECTION: forcing a failure.
[  648.350124] name failslab, interval 1, probability 0, space 0, times 0
[  648.351424] CPU: 0 PID: 5863 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  648.352281] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  648.353463] Call Trace:
[  648.353754]  <TASK>
[  648.353990]  dump_stack_lvl+0x8b/0xb3
[  648.354417]  should_fail.cold+0x5/0xa
[  648.354827]  ? create_object.isra.0+0x3a/0xa20
[  648.355316]  should_failslab+0x5/0x10
[  648.355716]  kmem_cache_alloc+0x5b/0x480
[  648.356152]  create_object.isra.0+0x3a/0xa20
[  648.356615]  ? kasan_unpoison+0x23/0x50
[  648.357043]  kmem_cache_alloc+0x239/0x480
[  648.357480]  dup_fd+0x89/0xca0
[  648.357818]  ? audit_filter_inodes+0x40/0x40
[  648.358287]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  648.358867]  ? security_task_alloc+0xe6/0x260
[  648.359347]  copy_process+0x1c74/0x6d40
[  648.359773]  ? lock_is_held_type+0xd7/0x130
23:03:46 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0xf, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:03:46 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r1, 0xc0f85403, &(0x7f0000000040)={{0x0, 0x0, 0x4, 0x3, 0x1}, 0x401, 0x95, 'id1\x00', 'timer0\x00', 0x0, 0x9, 0xffffffffffff0001, 0x1, 0x9})
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

23:03:46 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x4, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:03:46 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 20)

23:03:46 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe00000fc}}, 0x1c)

[  648.360224]  ? find_held_lock+0x2c/0x110
[  648.360902]  ? __cleanup_sighand+0xb0/0xb0
[  648.361378]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  648.361983]  ? _copy_from_user+0x139/0x170
[  648.362467]  ? kernel_clone+0x2f8/0xa60
[  648.362910]  kernel_clone+0xe7/0xa60
[  648.363326]  ? lock_is_held_type+0xd7/0x130
[  648.363793]  ? copy_init_mm+0x20/0x20
[  648.364226]  ? lock_is_held_type+0xd7/0x130
[  648.364697]  __do_sys_clone3+0x1c9/0x2d0
[  648.365139]  ? __ia32_sys_clone+0x150/0x150
[  648.365622]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  648.366241]  ? vfs_write+0x188/0xae0
[  648.366644]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  648.367244]  ? fput+0x2a/0x50
[  648.367594]  ? syscall_enter_from_user_mode+0x1d/0x50
[  648.368162]  do_syscall_64+0x3b/0x90
[  648.368578]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  648.369145] RIP: 0033:0x7fc730828b19
[  648.369547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  648.371543] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  648.372330] FAULT_INJECTION: forcing a failure.
[  648.372330] name failslab, interval 1, probability 0, space 0, times 0
[  648.373527] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  648.374306] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  648.375082] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  648.375846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  648.376618] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  648.377406]  </TASK>
[  648.377662] CPU: 1 PID: 5860 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  648.379494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  648.381950] Call Trace:
[  648.382516]  <TASK>
[  648.382994]  dump_stack_lvl+0x8b/0xb3
[  648.383837]  should_fail.cold+0x5/0xa
[  648.384672]  ? create_object.isra.0+0x3a/0xa20
[  648.385672]  should_failslab+0x5/0x10
[  648.385698]  kmem_cache_alloc+0x5b/0x480
[  648.385736]  create_object.isra.0+0x3a/0xa20
[  648.385774]  ? kasan_unpoison+0x23/0x50
[  648.388789]  kmem_cache_alloc+0x239/0x480
[  648.389686]  copy_process+0x1ddf/0x6d40
[  648.390556]  ? lock_is_held_type+0xd7/0x130
[  648.391486]  ? find_held_lock+0x2c/0x110
[  648.392384]  ? __cleanup_sighand+0xb0/0xb0
[  648.393317]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  648.394507]  ? _copy_from_user+0x139/0x170
[  648.395418]  ? kernel_clone+0x2f8/0xa60
[  648.396279]  kernel_clone+0xe7/0xa60
[  648.397080]  ? lock_is_held_type+0xd7/0x130
[  648.397996]  ? copy_init_mm+0x20/0x20
[  648.398859]  ? lock_is_held_type+0xd7/0x130
[  648.399779]  __do_sys_clone3+0x1c9/0x2d0
[  648.400656]  ? __ia32_sys_clone+0x150/0x150
[  648.401599]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  648.402766]  ? vfs_write+0x188/0xae0
[  648.403559]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  648.404721]  ? fput+0x2a/0x50
[  648.405408]  ? syscall_enter_from_user_mode+0x1d/0x50
[  648.406545]  do_syscall_64+0x3b/0x90
[  648.407390]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  648.408504] RIP: 0033:0x7f3d8a0d9b19
[  648.409339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  648.413216] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  648.414829] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  648.416318] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  648.417810] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  648.419327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  648.420849] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  648.422397]  </TASK>
[  648.426783] FAULT_INJECTION: forcing a failure.
[  648.426783] name failslab, interval 1, probability 0, space 0, times 0
[  648.428064] CPU: 0 PID: 5874 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  648.428938] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  648.430133] Call Trace:
[  648.430407]  <TASK>
[  648.430641]  dump_stack_lvl+0x8b/0xb3
[  648.431053]  should_fail.cold+0x5/0xa
[  648.431462]  ? create_object.isra.0+0x3a/0xa20
[  648.431950]  should_failslab+0x5/0x10
[  648.432354]  kmem_cache_alloc+0x5b/0x480
[  648.432782]  create_object.isra.0+0x3a/0xa20
[  648.433250]  ? kasan_unpoison+0x23/0x50
[  648.433679]  kmem_cache_alloc+0x239/0x480
[  648.434124]  copy_process+0x1ddf/0x6d40
[  648.434548]  ? lock_is_held_type+0xd7/0x130
[  648.435000]  ? find_held_lock+0x2c/0x110
[  648.435439]  ? __cleanup_sighand+0xb0/0xb0
23:03:46 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 30)

23:03:46 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 21)

[  648.435894]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  648.436646]  ? _copy_from_user+0x139/0x170
[  648.437108]  ? kernel_clone+0x2f8/0xa60
[  648.437536]  kernel_clone+0xe7/0xa60
[  648.437937]  ? lock_is_held_type+0xd7/0x130
[  648.438396]  ? copy_init_mm+0x20/0x20
[  648.438813]  ? lock_is_held_type+0xd7/0x130
[  648.439275]  __do_sys_clone3+0x1c9/0x2d0
[  648.439705]  ? __ia32_sys_clone+0x150/0x150
[  648.440167]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  648.440755]  ? vfs_write+0x188/0xae0
[  648.441152]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  648.441737]  ? fput+0x2a/0x50
[  648.442078]  ? syscall_enter_from_user_mode+0x1d/0x50
[  648.442645]  do_syscall_64+0x3b/0x90
[  648.443037]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  648.443587] RIP: 0033:0x7f37c9f3ab19
[  648.443972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  648.445944] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  648.446798] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  648.447578] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  648.448359] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  648.449133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  648.449917] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  648.450716]  </TASK>
23:03:46 executing program 1:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x4006}], 0x1, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

[  648.492870] FAULT_INJECTION: forcing a failure.
[  648.492870] name failslab, interval 1, probability 0, space 0, times 0
[  648.494260] CPU: 0 PID: 5880 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  648.495121] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  648.496323] Call Trace:
[  648.496594]  <TASK>
[  648.496828]  dump_stack_lvl+0x8b/0xb3
[  648.497242]  should_fail.cold+0x5/0xa
[  648.497655]  ? create_object.isra.0+0x3a/0xa20
[  648.498161]  should_failslab+0x5/0x10
[  648.498562]  kmem_cache_alloc+0x5b/0x480
[  648.498994]  create_object.isra.0+0x3a/0xa20
[  648.499473]  ? kasan_unpoison+0x23/0x50
[  648.499894]  kmem_cache_alloc_trace+0x22e/0x3c0
[  648.500386]  alloc_ucounts+0x1bf/0x580
[  648.500794]  ? get_ucounts+0x60/0x60
[  648.501185]  ? setup_userns_sysctls+0x103/0x180
[  648.501691]  set_cred_ucounts+0x163/0x320
[  648.502148]  copy_creds+0x55b/0x930
[  648.502533]  copy_process+0x10d5/0x6d40
[  648.502950]  ? lock_is_held_type+0xd7/0x130
[  648.503422]  ? find_held_lock+0x2c/0x110
[  648.503866]  ? lock_release+0x3b2/0x6f0
[  648.504300]  ? __might_fault+0xd1/0x170
[  648.504747]  ? __cleanup_sighand+0xb0/0xb0
[  648.505226]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  648.505823]  ? _copy_from_user+0x139/0x170
[  648.506308]  ? kernel_clone+0x2f8/0xa60
[  648.506749]  kernel_clone+0xe7/0xa60
[  648.507160]  ? lock_is_held_type+0xd7/0x130
[  648.507633]  ? copy_init_mm+0x20/0x20
[  648.508060]  ? lock_is_held_type+0xd7/0x130
[  648.508533]  __do_sys_clone3+0x1c9/0x2d0
[  648.508977]  ? __ia32_sys_clone+0x150/0x150
[  648.509459]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  648.510064]  ? vfs_write+0x188/0xae0
[  648.510488]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  648.511090]  ? fput+0x2a/0x50
[  648.511439]  ? syscall_enter_from_user_mode+0x1d/0x50
[  648.512008]  do_syscall_64+0x3b/0x90
[  648.512422]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  648.512977] RIP: 0033:0x7fc730828b19
[  648.513391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  648.515405] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  648.516221] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  648.517004] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  648.517768] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  648.518536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  648.519302] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  648.520081]  </TASK>
23:03:46 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x9, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:03:46 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r4=>r0, {0x7}}, './file0\x00'})
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r4)

23:03:46 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe00000fd}}, 0x1c)

23:03:46 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x60, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:03:46 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 31)

23:03:46 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0xf, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:03:46 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 31)

23:03:46 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe00080fe}}, 0x1c)

23:03:46 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 22)

[  648.634825] FAULT_INJECTION: forcing a failure.
[  648.634825] name failslab, interval 1, probability 0, space 0, times 0
[  648.636107] CPU: 0 PID: 5901 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  648.636968] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  648.638171] Call Trace:
[  648.638442]  <TASK>
[  648.638680]  dump_stack_lvl+0x8b/0xb3
[  648.639094]  should_fail.cold+0x5/0xa
[  648.639527]  ? create_object.isra.0+0x3a/0xa20
[  648.640019]  should_failslab+0x5/0x10
[  648.640432]  kmem_cache_alloc+0x5b/0x480
[  648.640882]  create_object.isra.0+0x3a/0xa20
[  648.641370]  ? kasan_unpoison+0x23/0x50
[  648.641815]  kmem_cache_alloc+0x239/0x480
[  648.642276]  copy_fs_struct+0x45/0x340
[  648.642704]  ? copy_process+0x1d05/0x6d40
[  648.643150]  copy_process+0x3323/0x6d40
[  648.643582]  ? lock_is_held_type+0xd7/0x130
[  648.644064]  ? find_held_lock+0x2c/0x110
[  648.644534]  ? __cleanup_sighand+0xb0/0xb0
[  648.645018]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  648.645625]  ? _copy_from_user+0x139/0x170
[  648.646095]  ? kernel_clone+0x2f8/0xa60
[  648.646553]  kernel_clone+0xe7/0xa60
[  648.646968]  ? lock_is_held_type+0xd7/0x130
[  648.647451]  ? copy_init_mm+0x20/0x20
[  648.647870]  ? lock_is_held_type+0xd7/0x130
[  648.648355]  __do_sys_clone3+0x1c9/0x2d0
[  648.648804]  ? __ia32_sys_clone+0x150/0x150
[  648.649292]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  648.649893]  ? vfs_write+0x188/0xae0
[  648.650328]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  648.650929]  ? fput+0x2a/0x50
[  648.651284]  ? syscall_enter_from_user_mode+0x1d/0x50
[  648.651852]  do_syscall_64+0x3b/0x90
[  648.652267]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  648.652820] RIP: 0033:0x7f3d8a0d9b19
[  648.653228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  648.655240] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  648.656080] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  648.656863] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  648.657657] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  648.658459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  648.659233] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  648.660022]  </TASK>
23:03:46 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x60, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:03:46 executing program 1:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{0xffffffffffffffff, 0x1}, {r0, 0x4006}], 0x2, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:03:46 executing program 5:
syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xf030}}, './file0\x00'})
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
ioctl$LOOP_SET_FD(r1, 0x1269, 0xffffffffffffffff)

[  648.710280] FAULT_INJECTION: forcing a failure.
[  648.710280] name failslab, interval 1, probability 0, space 0, times 0
[  648.711531] CPU: 0 PID: 5908 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  648.712379] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  648.713572] Call Trace:
[  648.713842]  <TASK>
[  648.714075]  dump_stack_lvl+0x8b/0xb3
[  648.714502]  should_fail.cold+0x5/0xa
[  648.714907]  ? create_object.isra.0+0x3a/0xa20
[  648.715401]  should_failslab+0x5/0x10
[  648.715804]  kmem_cache_alloc+0x5b/0x480
[  648.716234]  create_object.isra.0+0x3a/0xa20
[  648.716702]  ? kasan_unpoison+0x23/0x50
[  648.717130]  kmem_cache_alloc_trace+0x22e/0x3c0
[  648.717626]  alloc_fdtable+0x7e/0x270
[  648.718028]  dup_fd+0x718/0xca0
[  648.718392]  copy_process+0x1c74/0x6d40
[  648.718824]  ? lock_is_held_type+0xd7/0x130
[  648.719278]  ? find_held_lock+0x2c/0x110
[  648.719714]  ? __cleanup_sighand+0xb0/0xb0
[  648.720167]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  648.720751]  ? _copy_from_user+0x139/0x170
[  648.721200]  ? kernel_clone+0x2f8/0xa60
[  648.721626]  kernel_clone+0xe7/0xa60
[  648.722018]  ? lock_is_held_type+0xd7/0x130
[  648.722478]  ? copy_init_mm+0x20/0x20
[  648.722884]  ? lock_is_held_type+0xd7/0x130
[  648.723333]  __do_sys_clone3+0x1c9/0x2d0
[  648.723759]  ? __ia32_sys_clone+0x150/0x150
[  648.724216]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  648.724782]  ? vfs_write+0x188/0xae0
[  648.725176]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  648.725742]  ? fput+0x2a/0x50
[  648.726071]  ? syscall_enter_from_user_mode+0x1d/0x50
[  648.726626]  do_syscall_64+0x3b/0x90
[  648.727019]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  648.727564] RIP: 0033:0x7fc730828b19
[  648.727953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  648.729843] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  648.730624] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  648.731353] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  648.732091] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  648.732823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  648.733558] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  648.734344]  </TASK>
23:03:46 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x300, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  648.821864] FAULT_INJECTION: forcing a failure.
[  648.821864] name failslab, interval 1, probability 0, space 0, times 0
[  648.823101] CPU: 0 PID: 5922 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  648.823960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  648.825133] Call Trace:
[  648.825407]  <TASK>
[  648.825645]  dump_stack_lvl+0x8b/0xb3
[  648.826054]  should_fail.cold+0x5/0xa
[  648.826464]  ? copy_process+0x1f5d/0x6d40
[  648.826913]  should_failslab+0x5/0x10
[  648.827310]  kmem_cache_alloc+0x5b/0x480
[  648.827736]  copy_process+0x1f5d/0x6d40
[  648.828148]  ? lock_is_held_type+0xd7/0x130
[  648.828599]  ? find_held_lock+0x2c/0x110
[  648.829030]  ? __cleanup_sighand+0xb0/0xb0
[  648.829480]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  648.830048]  ? _copy_from_user+0x139/0x170
[  648.830516]  ? kernel_clone+0x2f8/0xa60
[  648.830934]  kernel_clone+0xe7/0xa60
[  648.831324]  ? lock_is_held_type+0xd7/0x130
[  648.831776]  ? copy_init_mm+0x20/0x20
[  648.832182]  ? lock_is_held_type+0xd7/0x130
[  648.832643]  __do_sys_clone3+0x1c9/0x2d0
[  648.833067]  ? __ia32_sys_clone+0x150/0x150
[  648.833524]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  648.834093]  ? vfs_write+0x188/0xae0
[  648.834497]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  648.835071]  ? fput+0x2a/0x50
[  648.835413]  ? syscall_enter_from_user_mode+0x1d/0x50
[  648.835947]  do_syscall_64+0x3b/0x90
[  648.836336]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  648.836864] RIP: 0033:0x7f37c9f3ab19
[  648.837258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  648.839150] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  648.839960] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  648.840695] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  648.841455] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  648.842213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  648.842949] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  648.843734]  </TASK>
23:04:01 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x300, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:04:01 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 32)

23:04:01 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 32)

23:04:01 executing program 5:
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000200)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, r0)
r1 = add_key$keyring(&(0x7f0000000980), &(0x7f0000000940)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1e, r1, r0, r1, 0x0)
add_key$keyring(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, r1)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2008}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="00d38e8228e14774000000", @ANYRES16=r2, @ANYBLOB="20002bbde700fbdbdf25690015000c009900040000001b0000000a00060000021100000000000500d300070000000500d300030000000600d400000200f80a000600ffffffffffff0000"], 0x50}, 0x1, 0x0, 0x0, 0x20008000}, 0x4004)
r3 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
ioctl$LOOP_SET_FD(r3, 0x1269, 0xffffffffffffffff)
ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r3)

23:04:01 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe000c0fe}}, 0x1c)

23:04:01 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x900, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:04:01 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 23)

23:04:01 executing program 1:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{0xffffffffffffffff, 0x1}, {r0, 0x4006}], 0x2, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

[  663.329915] FAULT_INJECTION: forcing a failure.
[  663.329915] name failslab, interval 1, probability 0, space 0, times 0
[  663.331161] CPU: 0 PID: 5936 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  663.332020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  663.332030] Call Trace:
[  663.332034]  <TASK>
[  663.332039]  dump_stack_lvl+0x8b/0xb3
[  663.332067]  should_fail.cold+0x5/0xa
[  663.332087]  ? kvmalloc_node+0x3e/0x100
[  663.332102]  should_failslab+0x5/0x10
[  663.332114]  __kmalloc_node+0x76/0x360
[  663.332135]  kvmalloc_node+0x3e/0x100
[  663.332149]  alloc_fdtable+0xcd/0x270
[  663.332164]  dup_fd+0x718/0xca0
[  663.332184]  copy_process+0x1c74/0x6d40
[  663.332202]  ? lock_is_held_type+0xd7/0x130
[  663.332217]  ? find_held_lock+0x2c/0x110
[  663.332243]  ? __cleanup_sighand+0xb0/0xb0
[  663.332266]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  663.332282]  ? _copy_from_user+0x139/0x170
[  663.332300]  ? kernel_clone+0x2f8/0xa60
[  663.332319]  kernel_clone+0xe7/0xa60
[  663.332336]  ? lock_is_held_type+0xd7/0x130
[  663.332349]  ? copy_init_mm+0x20/0x20
[  663.332375]  ? lock_is_held_type+0xd7/0x130
[  663.332392]  __do_sys_clone3+0x1c9/0x2d0
[  663.332410]  ? __ia32_sys_clone+0x150/0x150
[  663.332439]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  663.332454]  ? vfs_write+0x188/0xae0
[  663.332471]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  663.332488]  ? fput+0x2a/0x50
[  663.332508]  ? syscall_enter_from_user_mode+0x1d/0x50
[  663.332527]  do_syscall_64+0x3b/0x90
[  663.332545]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  663.332559] RIP: 0033:0x7fc730828b19
[  663.332569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  663.332581] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  663.332594] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  663.332603] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  663.332611] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  663.332619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  663.332626] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  663.332647]  </TASK>
[  663.347242] FAULT_INJECTION: forcing a failure.
[  663.347242] name failslab, interval 1, probability 0, space 0, times 0
[  663.347280] CPU: 1 PID: 5938 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  663.347306] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  663.347323] Call Trace:
[  663.347330]  <TASK>
[  663.347338]  dump_stack_lvl+0x8b/0xb3
[  663.347385]  should_fail.cold+0x5/0xa
[  663.347422]  ? create_object.isra.0+0x3a/0xa20
[  663.347462]  should_failslab+0x5/0x10
[  663.347484]  kmem_cache_alloc+0x5b/0x480
[  663.347520]  create_object.isra.0+0x3a/0xa20
[  663.347553]  ? kasan_unpoison+0x23/0x50
[  663.347593]  kmem_cache_alloc+0x239/0x480
[  663.347626]  copy_process+0x1f5d/0x6d40
[  663.347661]  ? lock_is_held_type+0xd7/0x130
[  663.347688]  ? find_held_lock+0x2c/0x110
[  663.347736]  ? __cleanup_sighand+0xb0/0xb0
[  663.347780]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  663.347810]  ? _copy_from_user+0x139/0x170
[  663.347844]  ? kernel_clone+0x2f8/0xa60
[  663.347880]  kernel_clone+0xe7/0xa60
[  663.347913]  ? lock_is_held_type+0xd7/0x130
[  663.347939]  ? copy_init_mm+0x20/0x20
[  663.347989]  ? lock_is_held_type+0xd7/0x130
[  663.348021]  __do_sys_clone3+0x1c9/0x2d0
[  663.348056]  ? __ia32_sys_clone+0x150/0x150
[  663.348110]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  663.348145]  ? vfs_write+0x188/0xae0
[  663.348178]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  663.348209]  ? fput+0x2a/0x50
[  663.348248]  ? syscall_enter_from_user_mode+0x1d/0x50
[  663.348284]  do_syscall_64+0x3b/0x90
[  663.348319]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  663.348344] RIP: 0033:0x7f3d8a0d9b19
[  663.348362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  663.348385] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  663.348410] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  663.348427] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  663.348442] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  663.348457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  663.348471] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  663.348511]  </TASK>
[  663.359528] FAULT_INJECTION: forcing a failure.
[  663.359528] name failslab, interval 1, probability 0, space 0, times 0
[  663.359549] CPU: 0 PID: 5948 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  663.359564] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  663.359573] Call Trace:
[  663.359577]  <TASK>
[  663.359583]  dump_stack_lvl+0x8b/0xb3
[  663.359608]  should_fail.cold+0x5/0xa
[  663.359628]  ? create_object.isra.0+0x3a/0xa20
[  663.359650]  should_failslab+0x5/0x10
[  663.359662]  kmem_cache_alloc+0x5b/0x480
[  663.359681]  create_object.isra.0+0x3a/0xa20
[  663.359699]  ? kasan_unpoison+0x23/0x50
[  663.359720]  kmem_cache_alloc+0x239/0x480
[  663.359737]  copy_process+0x1f5d/0x6d40
[  663.359755]  ? lock_is_held_type+0xd7/0x130
[  663.359771]  ? find_held_lock+0x2c/0x110
[  663.359796]  ? __cleanup_sighand+0xb0/0xb0
[  663.359819]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  663.359835]  ? _copy_from_user+0x139/0x170
[  663.359852]  ? kernel_clone+0x2f8/0xa60
[  663.359871]  kernel_clone+0xe7/0xa60
[  663.359888]  ? lock_is_held_type+0xd7/0x130
[  663.359902]  ? copy_init_mm+0x20/0x20
[  663.359928]  ? lock_is_held_type+0xd7/0x130
[  663.359945]  __do_sys_clone3+0x1c9/0x2d0
[  663.359963]  ? __ia32_sys_clone+0x150/0x150
[  663.359991]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  663.360006]  ? vfs_write+0x188/0xae0
[  663.360023]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  663.360039]  ? fput+0x2a/0x50
[  663.360060]  ? syscall_enter_from_user_mode+0x1d/0x50
[  663.360078]  do_syscall_64+0x3b/0x90
[  663.360097]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  663.360110] RIP: 0033:0x7f37c9f3ab19
[  663.360119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  663.360135] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  663.360149] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  663.360157] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  663.360165] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  663.360173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  663.360181] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  663.360201]  </TASK>
23:04:13 executing program 1:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{0xffffffffffffffff, 0x1}, {r0, 0x4006}], 0x2, 0xffff)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r1}, {r2, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

[  675.687298] FAULT_INJECTION: forcing a failure.
[  675.687298] name failslab, interval 1, probability 0, space 0, times 0
[  675.688490] CPU: 0 PID: 5962 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  675.689288] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  675.690465] Call Trace:
[  675.690756]  <TASK>
[  675.690977]  dump_stack_lvl+0x8b/0xb3
[  675.691364]  should_fail.cold+0x5/0xa
[  675.691779]  ? create_object.isra.0+0x3a/0xa20
[  675.692237]  should_failslab+0x5/0x10
[  675.692613]  kmem_cache_alloc+0x5b/0x480
[  675.693017]  create_object.isra.0+0x3a/0xa20
[  675.693451]  ? kasan_unpoison+0x23/0x50
[  675.693854]  __kmalloc_node+0x201/0x360
[  675.694251]  kvmalloc_node+0x3e/0x100
[  675.694636]  alloc_fdtable+0xcd/0x270
[  675.695013]  dup_fd+0x718/0xca0
[  675.695368]  copy_process+0x1c74/0x6d40
[  675.695768]  ? lock_is_held_type+0xd7/0x130
[  675.696196]  ? find_held_lock+0x2c/0x110
[  675.696606]  ? __cleanup_sighand+0xb0/0xb0
[  675.697028]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  675.697593]  ? _copy_from_user+0x139/0x170
[  675.698042]  ? kernel_clone+0x2f8/0xa60
[  675.698464]  kernel_clone+0xe7/0xa60
[  675.698875]  ? lock_is_held_type+0xd7/0x130
[  675.699333]  ? copy_init_mm+0x20/0x20
[  675.699750]  ? lock_is_held_type+0xd7/0x130
[  675.700201]  __do_sys_clone3+0x1c9/0x2d0
[  675.700638]  ? __ia32_sys_clone+0x150/0x150
[  675.701113]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  675.701686]  ? vfs_write+0x188/0xae0
[  675.702083]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  675.702682]  ? fput+0x2a/0x50
[  675.703020]  ? syscall_enter_from_user_mode+0x1d/0x50
[  675.703563]  do_syscall_64+0x3b/0x90
[  675.703969]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  675.704511] RIP: 0033:0x7fc730828b19
[  675.704904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  675.706854] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  675.707643] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  675.708409] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  675.709142] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  675.709892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  675.710649] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  675.711408]  </TASK>
[  675.730983] FAULT_INJECTION: forcing a failure.
[  675.730983] name failslab, interval 1, probability 0, space 0, times 0
[  675.732190] CPU: 0 PID: 5976 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  675.733048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  675.734219] Call Trace:
[  675.734499]  <TASK>
[  675.734734]  dump_stack_lvl+0x8b/0xb3
[  675.735142]  should_fail.cold+0x5/0xa
[  675.735547]  ? create_new_namespaces+0x30/0xb30
[  675.736038]  should_failslab+0x5/0x10
[  675.736443]  kmem_cache_alloc+0x5b/0x480
[  675.736869]  ? cap_capable+0x1eb/0x250
[  675.737296]  create_new_namespaces+0x30/0xb30
[  675.737782]  copy_namespaces+0x391/0x450
[  675.738208]  copy_process+0x2832/0x6d40
[  675.738651]  ? lock_is_held_type+0xd7/0x130
[  675.739099]  ? find_held_lock+0x2c/0x110
[  675.739532]  ? __cleanup_sighand+0xb0/0xb0
[  675.739994]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  675.740580]  ? _copy_from_user+0x139/0x170
[  675.741032]  ? kernel_clone+0x2f8/0xa60
[  675.741461]  kernel_clone+0xe7/0xa60
[  675.741605] FAULT_INJECTION: forcing a failure.
[  675.741605] name failslab, interval 1, probability 0, space 0, times 0
[  675.741856]  ? lock_is_held_type+0xd7/0x130
[  675.744803]  ? copy_init_mm+0x20/0x20
[  675.745221]  ? lock_is_held_type+0xd7/0x130
[  675.745674]  __do_sys_clone3+0x1c9/0x2d0
[  675.746103]  ? __ia32_sys_clone+0x150/0x150
[  675.746591]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  675.747165]  ? vfs_write+0x188/0xae0
[  675.747558]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  675.748137]  ? fput+0x2a/0x50
[  675.748478]  ? syscall_enter_from_user_mode+0x1d/0x50
[  675.749026]  do_syscall_64+0x3b/0x90
[  675.749428]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  675.749975] RIP: 0033:0x7f37c9f3ab19
[  675.750364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  675.752291] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  675.753080] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  675.753822] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  675.754581] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  675.755321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  675.756059] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  675.756817]  </TASK>
[  675.757060] CPU: 1 PID: 5977 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  675.758733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  675.760993] Call Trace:
23:04:13 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 24)

23:04:13 executing program 5:
syz_open_dev$loop(&(0x7f0000000040), 0x8, 0x1b2000)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0xe16}}, './file0\x00'})
creat(&(0x7f00000000c0)='./file0\x00', 0x61)
r2 = fcntl$dupfd(r0, 0x0, r1)
ioctl$LOOP_SET_FD(r2, 0x1269, r0)

23:04:13 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 33)

23:04:13 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe000fc00}}, 0x1c)

23:04:13 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x900, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:04:13 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 33)

23:04:13 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0xf00, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  675.761513]  <TASK>
[  675.762082]  dump_stack_lvl+0x8b/0xb3
[  675.762939]  should_fail.cold+0x5/0xa
[  675.763717]  ? create_new_namespaces+0x30/0xb30
[  675.764658]  should_failslab+0x5/0x10
[  675.765421]  kmem_cache_alloc+0x5b/0x480
[  675.766249]  ? cap_capable+0x1eb/0x250
[  675.767070]  create_new_namespaces+0x30/0xb30
[  675.768012]  copy_namespaces+0x391/0x450
[  675.768914]  copy_process+0x2832/0x6d40
[  675.769745]  ? lock_is_held_type+0xd7/0x130
[  675.770686]  ? find_held_lock+0x2c/0x110
[  675.771676]  ? __cleanup_sighand+0xb0/0xb0
[  675.772547]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  675.773658]  ? _copy_from_user+0x139/0x170
[  675.774532]  ? kernel_clone+0x2f8/0xa60
[  675.775333]  kernel_clone+0xe7/0xa60
[  675.776097]  ? lock_is_held_type+0xd7/0x130
[  675.776962]  ? copy_init_mm+0x20/0x20
[  675.777766]  ? lock_is_held_type+0xd7/0x130
[  675.778669]  __do_sys_clone3+0x1c9/0x2d0
[  675.779497]  ? __ia32_sys_clone+0x150/0x150
[  675.780375]  ? restore_fpregs_from_fpstate+0xcc/0x1e0
[  675.781436]  ? syscall_enter_from_user_mode+0x1d/0x50
[  675.782490]  do_syscall_64+0x3b/0x90
[  675.783237]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  675.784273] RIP: 0033:0x7f3d8a0d9b19
[  675.785014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  675.788714] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
23:04:13 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 25)

[  675.790207] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  675.791780] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  675.793215] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  675.794669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  675.796076] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  675.797534]  </TASK>
23:04:13 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0xf00, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:04:13 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 34)

23:04:13 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x6000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:04:13 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:04:13 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe000fd00}}, 0x1c)

[  675.935001] FAULT_INJECTION: forcing a failure.
[  675.935001] name failslab, interval 1, probability 0, space 0, times 0
[  675.937189] CPU: 0 PID: 5987 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  675.938610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  675.940539] Call Trace:
[  675.940983]  <TASK>
[  675.941367]  dump_stack_lvl+0x8b/0xb3
[  675.942044]  should_fail.cold+0x5/0xa
[  675.942737]  ? kvmalloc_node+0x3e/0x100
[  675.943426]  should_failslab+0x5/0x10
[  675.944076]  __kmalloc_node+0x76/0x360
[  675.944754]  kvmalloc_node+0x3e/0x100
[  675.945411]  alloc_fdtable+0x139/0x270
[  675.946083]  dup_fd+0x718/0xca0
[  675.946678]  copy_process+0x1c74/0x6d40
[  675.947369]  ? lock_is_held_type+0xd7/0x130
[  675.948109]  ? find_held_lock+0x2c/0x110
[  675.948832]  ? __cleanup_sighand+0xb0/0xb0
[  675.949581]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  675.950539]  ? _copy_from_user+0x139/0x170
[  675.951273]  ? kernel_clone+0x2f8/0xa60
[  675.951972]  kernel_clone+0xe7/0xa60
[  675.952621]  ? lock_is_held_type+0xd7/0x130
[  675.953368]  ? copy_init_mm+0x20/0x20
[  675.954044]  ? lock_is_held_type+0xd7/0x130
[  675.954804]  __do_sys_clone3+0x1c9/0x2d0
[  675.955511]  ? __ia32_sys_clone+0x150/0x150
[  675.956277]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  675.957222]  ? vfs_write+0x188/0xae0
[  675.957868]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  675.958827]  ? fput+0x2a/0x50
[  675.959382]  ? syscall_enter_from_user_mode+0x1d/0x50
[  675.960272]  do_syscall_64+0x3b/0x90
[  675.960937]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  675.960960] RIP: 0033:0x7fc730828b19
[  675.960977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  675.965929] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  675.965955] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  675.968885] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  675.970105] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  675.971331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  675.972544] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  675.973782]  </TASK>
23:04:13 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x6000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:04:13 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 34)

[  676.007655] FAULT_INJECTION: forcing a failure.
[  676.007655] name failslab, interval 1, probability 0, space 0, times 0
[  676.010010] CPU: 0 PID: 5994 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  676.010250] FAULT_INJECTION: forcing a failure.
[  676.010250] name failslab, interval 1, probability 0, space 0, times 0
[  676.011453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  676.011473] Call Trace:
[  676.011480]  <TASK>
[  676.011488]  dump_stack_lvl+0x8b/0xb3
[  676.017338]  should_fail.cold+0x5/0xa
[  676.018019]  ? create_object.isra.0+0x3a/0xa20
[  676.018857]  should_failslab+0x5/0x10
[  676.019524]  kmem_cache_alloc+0x5b/0x480
[  676.020250]  create_object.isra.0+0x3a/0xa20
[  676.021030]  ? kasan_unpoison+0x23/0x50
[  676.021747]  kmem_cache_alloc+0x239/0x480
[  676.022479]  create_new_namespaces+0x30/0xb30
[  676.023297]  copy_namespaces+0x391/0x450
[  676.024019]  copy_process+0x2832/0x6d40
[  676.024728]  ? lock_is_held_type+0xd7/0x130
[  676.025489]  ? find_held_lock+0x2c/0x110
[  676.026223]  ? __cleanup_sighand+0xb0/0xb0
[  676.027007]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  676.027982]  ? _copy_from_user+0x139/0x170
[  676.028735]  ? kernel_clone+0x2f8/0xa60
[  676.029446]  kernel_clone+0xe7/0xa60
[  676.030107]  ? lock_is_held_type+0xd7/0x130
[  676.030897]  ? copy_init_mm+0x20/0x20
[  676.031587]  ? lock_is_held_type+0xd7/0x130
[  676.032355]  __do_sys_clone3+0x1c9/0x2d0
[  676.033073]  ? __ia32_sys_clone+0x150/0x150
[  676.033858]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  676.034837]  ? vfs_write+0x188/0xae0
[  676.035503]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  676.036466]  ? fput+0x2a/0x50
[  676.037029]  ? syscall_enter_from_user_mode+0x1d/0x50
[  676.037947]  do_syscall_64+0x3b/0x90
[  676.038641]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  676.039546] RIP: 0033:0x7f3d8a0d9b19
[  676.040198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  676.043432] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  676.044764] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  676.046011] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  676.047272] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  676.048519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  676.049765] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  676.051060]  </TASK>
[  676.051475] CPU: 1 PID: 5991 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  676.053284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  676.055732] Call Trace:
[  676.056287]  <TASK>
[  676.056766]  dump_stack_lvl+0x8b/0xb3
[  676.057612]  should_fail.cold+0x5/0xa
[  676.058448]  ? create_object.isra.0+0x3a/0xa20
[  676.059455]  should_failslab+0x5/0x10
[  676.060272]  kmem_cache_alloc+0x5b/0x480
[  676.061156]  create_object.isra.0+0x3a/0xa20
[  676.062115]  ? kasan_unpoison+0x23/0x50
[  676.063004]  kmem_cache_alloc+0x239/0x480
[  676.063908]  create_new_namespaces+0x30/0xb30
[  676.064898]  copy_namespaces+0x391/0x450
[  676.065784]  copy_process+0x2832/0x6d40
[  676.066669]  ? lock_is_held_type+0xd7/0x130
[  676.067599]  ? find_held_lock+0x2c/0x110
[  676.068497]  ? __cleanup_sighand+0xb0/0xb0
[  676.069425]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  676.070622]  ? _copy_from_user+0x139/0x170
[  676.071539]  ? kernel_clone+0x2f8/0xa60
[  676.072407]  kernel_clone+0xe7/0xa60
[  676.073218]  ? lock_is_held_type+0xd7/0x130
[  676.074147]  ? copy_init_mm+0x20/0x20
[  676.075013]  ? lock_is_held_type+0xd7/0x130
[  676.075946]  __do_sys_clone3+0x1c9/0x2d0
[  676.076829]  ? __ia32_sys_clone+0x150/0x150
[  676.077781]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  676.078969]  ? vfs_write+0x188/0xae0
[  676.079774]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  676.080949]  ? fput+0x2a/0x50
[  676.081639]  ? syscall_enter_from_user_mode+0x1d/0x50
[  676.082764]  do_syscall_64+0x3b/0x90
[  676.083570]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  676.084665] RIP: 0033:0x7f37c9f3ab19
[  676.085453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  676.089351] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  676.090977] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  676.092490] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  676.093999] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  676.095524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  676.097032] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  676.098568]  </TASK>
23:04:14 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 35)

23:04:14 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 26)

23:04:14 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

[  676.194320] FAULT_INJECTION: forcing a failure.
[  676.194320] name failslab, interval 1, probability 0, space 0, times 0
[  676.196298] CPU: 0 PID: 6004 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  676.197656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  676.199545] Call Trace:
[  676.199974]  <TASK>
[  676.200347]  dump_stack_lvl+0x8b/0xb3
[  676.201002]  should_fail.cold+0x5/0xa
[  676.201647]  ? create_object.isra.0+0x3a/0xa20
[  676.202427]  should_failslab+0x5/0x10
[  676.203085]  kmem_cache_alloc+0x5b/0x480
[  676.203779]  create_object.isra.0+0x3a/0xa20
[  676.204534]  ? kasan_unpoison+0x23/0x50
[  676.204571]  __kmalloc_node+0x201/0x360
[  676.204601]  kvmalloc_node+0x3e/0x100
[  676.204623]  alloc_fdtable+0x139/0x270
[  676.204645]  dup_fd+0x718/0xca0
[  676.204677]  copy_process+0x1c74/0x6d40
[  676.204704]  ? lock_is_held_type+0xd7/0x130
[  676.204726]  ? find_held_lock+0x2c/0x110
[  676.204765]  ? __cleanup_sighand+0xb0/0xb0
[  676.204799]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  676.204824]  ? _copy_from_user+0x139/0x170
[  676.204850]  ? kernel_clone+0x2f8/0xa60
[  676.204878]  kernel_clone+0xe7/0xa60
[  676.204905]  ? lock_is_held_type+0xd7/0x130
[  676.204925]  ? copy_init_mm+0x20/0x20
[  676.204965]  ? lock_is_held_type+0xd7/0x130
[  676.204991]  __do_sys_clone3+0x1c9/0x2d0
[  676.205018]  ? __ia32_sys_clone+0x150/0x150
[  676.217264]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  676.217294]  ? vfs_write+0x188/0xae0
[  676.217320]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  676.217344]  ? fput+0x2a/0x50
[  676.217377]  ? syscall_enter_from_user_mode+0x1d/0x50
[  676.221399]  do_syscall_64+0x3b/0x90
[  676.222046]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  676.222928] RIP: 0033:0x7fc730828b19
[  676.223553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  676.226665] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  676.227942] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  676.229141] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  676.230339] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  676.231554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  676.232756] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  676.233974]  </TASK>
23:04:14 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe000fe80}}, 0x1c)

23:04:14 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x30000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  676.274970] FAULT_INJECTION: forcing a failure.
[  676.274970] name failslab, interval 1, probability 0, space 0, times 0
[  676.277286] CPU: 1 PID: 6010 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  676.278944] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  676.281201] Call Trace:
[  676.281721]  <TASK>
[  676.282175]  dump_stack_lvl+0x8b/0xb3
[  676.282994]  should_fail.cold+0x5/0xa
[  676.283781]  ? alloc_mnt_ns+0xd4/0x4a0
[  676.284579]  should_failslab+0x5/0x10
[  676.285351]  kmem_cache_alloc_trace+0x55/0x3c0
[  676.286289]  alloc_mnt_ns+0xd4/0x4a0
[  676.287060]  copy_mnt_ns+0x108/0xa90
[  676.287831]  ? rcu_read_lock_sched_held+0x3a/0x70
[  676.288807]  ? kmem_cache_alloc+0x332/0x480
[  676.289687]  create_new_namespaces+0xd6/0xb30
[  676.290624]  copy_namespaces+0x391/0x450
[  676.291453]  copy_process+0x2832/0x6d40
[  676.292264]  ? lock_is_held_type+0xd7/0x130
[  676.293130]  ? find_held_lock+0x2c/0x110
[  676.293969]  ? __cleanup_sighand+0xb0/0xb0
[  676.294845]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  676.295941]  ? _copy_from_user+0x139/0x170
[  676.296804]  ? kernel_clone+0x2f8/0xa60
[  676.297611]  kernel_clone+0xe7/0xa60
[  676.298365]  ? lock_is_held_type+0xd7/0x130
[  676.299249]  ? copy_init_mm+0x20/0x20
[  676.300040]  ? lock_is_held_type+0xd7/0x130
[  676.300909]  __do_sys_clone3+0x1c9/0x2d0
[  676.301729]  ? __ia32_sys_clone+0x150/0x150
[  676.302636]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  676.303731]  ? vfs_write+0x188/0xae0
[  676.304487]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  676.305590]  ? fput+0x2a/0x50
[  676.306239]  ? syscall_enter_from_user_mode+0x1d/0x50
[  676.307288]  do_syscall_64+0x3b/0x90
[  676.308037]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  676.309054] RIP: 0033:0x7f3d8a0d9b19
[  676.309788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  676.313372] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  676.314873] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  676.316271] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  676.317667] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  676.319078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  676.320478] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  676.321904]  </TASK>
23:04:27 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x30000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:04:27 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 36)

23:04:27 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r2 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
r3 = syz_io_uring_setup(0x7a5a, &(0x7f0000000080)={0x0, 0xf2ce, 0x20, 0x0, 0x37}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = syz_open_dev$loop(&(0x7f0000000000), 0x800, 0x4400)
fcntl$getownex(r4, 0x10, &(0x7f0000000040)={0x0, <r5=>0x0})
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
kcmp$KCMP_EPOLL_TFD(r5, 0x0, 0x7, r6, &(0x7f00000000c0)={0xffffffffffffffff, r7, 0xfff})
r8 = socket(0x784bb16097f6e884, 0x4, 0x8000)
openat$selinux_attr(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000003480)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, <r9=>0x0})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r8, 0x50009418, &(0x7f0000001480)={{r6}, r9, 0x1c, @inherit={0x70, &(0x7f00000004c0)=ANY=[@ANYBLOB="0000000000000006050000000000000002000000000000ea8500000000f5721f66c1611d0000000000040000000080000200000000000800010100000000000000010000000000000020000000000000fb0000000000000001000000000000000100010000000000fa00000006000000364ea59c5fbc52c4f217b89b1db0c65c0051a7c6ea405e5f51826fbecb4479d79debd5c6c8de4c8f0d2fd5149aef9bf2afb56426a84130a2d2863e6803db4b54dbf05134f76bae38b9ea"]}, @name="5192ded127ff63e7bb9320d11a97c6177dd15ecb1b152a9c467baef02f22bd2f30bcf740c322fc820b32993228615a995d4e8cd939b05ac4802c6e7a203383add13f6776f03d47bd10615f6e8ee39181afcc55122b8d673569d770a9f5f870cb5eb3adb3832deaffca901763e56d8f10fec28d6629cc30326e50be0b30bf1dd18d3434078924a5daf4455df60da7e40310cbdf3ddfbada71b71c368f33a9f745e27880c9d38bba8b0a4aeafc607157c1190f6d4291441ed7afac79db6611292a8b9c6da09af0e2715e8eaf6b742a43d5953139b6160744e0b339280b5b71736eec9af809c84ead1d93a95892c8d244cee1d61bad37e5eae50c19e60f7c6e0a49fc9efbda0e0c663e959293d335e7cc7f6ab03004a8540018f079aa4a5a5aa1c0662ab7e22b57c5dfdcd9f8057b98fde4d373bfcfbf8b0c8f3180778b4289de8d3615be3d3a883a89ee9748018616147015f54f3b27c2af2eef11e5c8e5af6a40bf32995c2e3fbc4e4fcbada358782d570855a781f131be2f00c25b4e94617cad91c495568ed5367e3dc938d111430ca4340959a489119e297b56d871041ab5102a6d5a43cf02cdc6d6c37e1c22215d43a0357a3aaf0ee392a7d48f5274be57a6d20d1a51651ac32204e38400abf61acaa3049fa78f4f41dc117562c2a6a1a630e34214c4d513f1429fe979a642a7c8e072be325750693a712f3e2cdf0595cf0bb65055496cb019b4bfe812be9c5265d3062e06bf79d72969930d619dd67982a5b86ea918120493a30348b7b6cf4f49f1e0d8f91b9515201dfcd06547cb16bd8e4652d44510b19f9b13ba803b299ced1e78c451f97b25651c7ce0c3d56337a56503f3c7773b8baa6bc110e3ff60acc7e8111efeb57259db03c9fdbcdcc515a85d1400956ba4eeb4c96199f584b0eefad9fc1d9ece07e899b7aaab43590494f1dee39b804ae2d1ceaf8bdac56655969c65dc808086d03737379e466d731592edbcf74de9fe689a0dae23be3775c003cf55685f73441e954c3173c2efb5c0c9c7a7ffd70c28cb352a35226f6c706a8ba5b6fcc380f37faf85a85fd578ac4f39ecab58f28706e20bf444bb193b8d515c57e81a2493e68d8b87c96139c478d0c67df16f74cea1af5b4988f74279d5c81a4f18d6f224bf2056e547dd2b53122843be358cd9e2c16a4233b4c654632d190fe49f6561000c2afb97abb5f9cafda933e6eabd739f6005e163faaf0fb4f8bd2fb6101533f870cb3ba39ae46c5b3d59016c2d12c9002a0c3738b8ddc2033775c3fa7bd1d3d055f6b07ee649d825370e8e7c30efbb5bd9564272884ff3adca70190406d333d7a80c9200bec170a3aa16bfd65b9776dcafc58d8587024be9c5ec42e9f6119fceda2f26c90d717f0cccd73db1601afdb60119551489fbab9400f8cc6dfbb1587c953a6a5fa58cfae1718b1f9bd02457074ff54c765b6cddf29acead7d8de0d22d3714c69e9b194b6caf4ca80229f63575f80050ad8bace53a6f6eea9020f60f1b5ef1f1385bfe5a0420776e4a335bebb7fad31199843056d195baf12431f3bf30322aa4b462f2f33468c2e91a9befbaaa6cbc44af5793c7b8674f0f07ec19c43319382e4bf60810ac8a7140d46f7ebf4b0a755fdfa6e39c232b8da2f34d060ce5963f2d5534884309ce4e325240cda618e106954c92a0ca144ed4fbacf5f541b4d6febb5fee6812c91001157e07f99baa1233b7fdc1cea46f0356dda8e87a962b4f09a1914e85be28afdb94a0fdf7a70a72c9e4ef2ba76603bcbad216ad7eb8ccbdeab30cbf353f059994e9aa519731a25e670919ea805161360727847850a4ddd7862d8315a1d951072dbc6974dbc9d095d12275c25a51c12cb21bfd6b886979938e4d82204e9b9afa3936928ff80237e7931b265bca6acb6fac1c2447f6dbde36aa58baf85aa90320cfa79c7c237bc5133e1fe96f7b2e8185c51ad235bf83a137f7430d1090573f892dcc007760e765e27481b7423981e574a5c058ab61a27e6c605aa6bcd237af4c6e4cd87f27e8ce4fd972e11c89ec7023dd32d1b7a1ceb243dc9d40018c6bc7bd82bae56a6995a1bab861b60efd1c0a863fb825943af10b764ed652e22e29e2c905c20abbb17bc0388741596f1189f69d72d60f71d1c7fc002347ca3904cd9e124b37030669da9122005c3b5bb3e20975b299f07e846fd9aff167c7da5a24fb77f6de831cee2d54a3650cb586618b9f3d4917b27b13a9a400bb9b30e641661d9869647c18693f6b93e8a3d77dcce29c93c7a63244e874977251f3c1b356abdc568e47ec499efe2bd48220b426d64d44d1ce4d347d4f51b2d9daddba03bbe7ddce2dc843c86b357ca287a5cfb9f6cac7ae74beedf6867c4657d3addcb59d3ea15ce3f0f3b496199c527df9dfd712a3cd693e927dcc3f581bf8f48dd5d40fbd55320cf8cec0724c3a6f878cf5d4c944d217cd89a7fe2e9caed9e90358be1eaaa77cc61427a35386fc81d52e7d357e52546f6cf81011c796110065dc76e2b21a5744cfc416dd17eaa803966fda6b03181b720df82df8471db090de5f4ba46e7cf30b8a30a0e91a2f820c67ee29967fca2751549ec6fdb2197c5d44f65b3b45893a7bd1e915a9231e1c6ee4abc7d84c4523d86a8012fad035fc5646f5620cbcd17b307d71f7ca758ad3ff7b6bdd4204b7e1e47e13bf3ced7cd5b202063656002854728d37c20f4720e684fc4f9f15547c1490e92b33cc32e5c90af00ac51d5591c400e5064de6f8be63da72fa09a72068ad4d790737ea8f754f47ab38f23a8115c49c11da0fa148046b5918ddfd510291421a4cdf2e8e44148332b3959d852c08ceffe4cd0107e6947f225ba046923f041f4d3d1fc08946d2f25cdb7cea4f6c2e9fc3bb447837f995e5ea7247f8ffce223d3577a17cb8abca2d85a1d77066d6cbd69e2cf362968de9d868f2946d49c0790332c3b0c4dbdb26a5d1e3b9d058bf61932c145f5978787351039e9d666cc43c27ad51e15be671201f3fb6afe4cba5ea576e0f6d867bd56257fdb2825115efc6462dca6df07c394f3ac56642463866002fd7c20130ae69411f3bbeb88d97e1a0659e8940b3d6b9eb21a2202c35e17c71157df466449d0b9d78b2aec7879200f1248ba7174a365b9030b5cd34ad5f52fcbf3c956651d6e8bb49d2675f5fc987c5e792ea46575ff2fbde4537d3e1b839df5f70e290a799c3c0b70bd7834f934ff4b742bed1c387842deb53d03855e3d0e160023d31d356a2e3247056bb54fdf33998dd563911b78f148ed978481b08bd24554a2e4662ef04e63ab51196ab39aba9e2a328d4f291333bc2c16c4a528cf368f5c947ea541862d7a77bff61ee4faa14d1ff252570200f8a73b6e0158018861c80f77268be73d01a24b5af901ae8e4c15c65673d66ce9886f3365cfd26bf91e2d1d15e6b570aacbc5ca1b38fd8c5038e52837689fee3c7e69f633219f3d3211c1b37879fe9d7f4d65a064ee80481279f4a7ffe066115d208f3bfa710d443637b22a2fd9fe1c0c02f8fac20ab76b21734e03d4f55a23e52be6e4cd99eb660f1db3775caac569f7fd980da94d6e835354d70499c165cda7e8dcba7159da0a42414f49c480bb8bb46e7085e4ed9df754c7d2fda0a751c63ccf12acfa949f5d513b8d6a9b766da59bcfb6ea6b775991e99ff3ea22a5cd4a6048819ed4aae1cd84279a9c67029dbd925b25e1e62b2dc929013b533e907739aea553483f8e9b15a7d49d88d449d5d6ab6f575e6fdd8144f3bc451f898ee206a3dfe9fc58c20f6f0b4ba5f8959c9d3f3b771efe5caca46e7389515948223463330518d405a83e7982796ba67e3cf01775618e93d019885b70f48c96c18e3855af7131610b533b3aa6c7e0e59ed858136772a05a642f825c309aaa9ec0fee1b1b0ffbf4f6ee66e4ddb2460ca33f80030c8071f92c04673598005779c1b57e830f8ba17ca007cab764a74acb64afe0b36777f73f796f9d30a19649a09cb49341134c779cd592fb3931720cb9c5405b4b041e16c3922f08137c9afb4bc0ef0fc5cd549b40a579992ed2fef9702132d1f69866bb94f17099426bccfabb679834b15f0711052f56b896ad74f116f264bc5e167e0ec68b3e4ce7a59415272ec65655ec7e44cfed2e19e1d273900f7f3efade255077b4b15c385aa19a965e885d4c5b062f7a335b301d563a4f2e5e5c7fd63ba90ad8cd8ca149d292adf896df8c54f01002c9cfc95381b10cd48f403bd5d65656741bc9c5a0cf1b986bc8e4769753531abc6a6062a468b7b7a5db7c085767f8c7d86b9da785c72ce76b04c9822c3e63cbf31fd52b46f73a56b41c8e01609f5577e6e5a7ca880c4cde04f1cac96b10f586706bb7e78943e0941db9ec9e3b96540242db23bd8109ae5066534a091be39a9dc38c629d30e6690458d270156d45ae45a6d476d57c62cf631f6e420c388fac75253163a98f113e6780c196047350f0f8470f705408352ee32aa4cb2167801f2a07a8de6fd53321fa5d6abfde94a1af11e8edeb8662c7377ad1b23339dc12a0e2ae6965ff6079109c1a435dcfb2392681b98e98960d0cb0e64e04614864f37125ff3f5bc57652a34fdc8585db7de9bea60577b0cda268d1ecd12588d82af640935514e155e597c0cf53cb523e406a470a8cab502b2ceb4ff04cba70fe2b9e9a291965abf82b6d60547e266bad512db5b9e4dc5dd6c4ccaf499f7e89a6e4e6fa4c8bfcf55cfd3cb6b85d134bb74eed466db17512fadfae07ea3fc6a6fc8c56b163fe37d1122466e7609672f689891ff01b0fbdb96604667e695bd1942594f05539e623757da034c676aeebd3f1edebf7236d65aad346bfb2d5b1205d4b98b5643c6fe4e503504167a0efe4690b7db2853e41cb3b0e78e8afbcf6a92baeee5a6e04ad299365209099357341d3660bd3aa069e425ad699a2e4dd97d6aaf50463992e92bfbdee4ea4ba25d764f7c604c309ef34c5ca99125ef8386503b34c31d2d63debd464dee7833a447ce0a5c6d3081c910b09c53e8e3f385a66b153b08a9b717784bf07804883269f1eab17efd56748a501e6f24d41fd000d4c1506f701413eb783b4a6b05875d983d9dfba5e7d3b3d6e6854c2962c19d421814289e20ba20702d811d8b6629766acc5bbcffe63841e8acf9cde57d9514e536460f422c8edeae33be4e9005e3ebc3285ead3f5c5e9683b1f8dedfe89ec13cb6878b43e01e272678f254c34172753cf8e9dbf98e1ecb8a71892a1670cfe92cef43aee84ef185049cba3686bf4e1ed088f66bf99f49da015d923ff0fc7eff4b9a4b54e0bf5b748d03802ece9e7d70a659e2eda1d46f45ce03d0313c6247c87e5c9a2865f4724ee11981235a0cc345956a224e248eee1e4bf2ad65bc7a51efe0bf6b01982d973ebcafb710825b79fdc539ec38106e9b11c2b061c55148df96974a47ff37be3478c47e45cac69a0e54ddc92d2f084e1c0e8442f338149182961aaa961b8e454becf928349aaa82eece927edd380c94d53ac93ae283d05a2b288b26636bafa9dfdae38f07b9409c539a5cc79cf0d46507ea7cec098baadcd0e885cb10f90b8dcbf36f43815eaeb3b40a571deb430032b474f23dda11f2ce31e12929634994bef9350b6deeaa4c5cdf45e2840eac378a3df335f06850a6cd1724b49d9248c538a49d787384fa09f448e66a2a477a73bf7eddbb635e2d533a99aacbb"})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r10, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000400)=ANY=[@ANYBLOB="5d007f849dcc66e93a6df31928a4c3e235df4d0f9b70851b6d8423613a2371", @ANYRES16=r11, @ANYBLOB="010000000000000000000e0000000800028004000280"], 0x1c}}, 0x48004)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000200)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, <r12=>0x0})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000002480)={{r10}, r12, 0x0, @unused=[0xffffffff, 0xffffffffffff8001, 0x3332, 0x10001], @subvolid})
ioctl$BTRFS_IOC_RM_DEV_V2(r2, 0x5000943a, &(0x7f0000000640)={{r3}, r9, 0x4, @inherit={0x68, &(0x7f0000000180)={0x1, 0x4, 0x8, 0x6, {0x4, 0x1, 0x9, 0x4, 0x2}, [0x7fff, 0x0, 0x3, 0x2]}}, @devid})
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

23:04:27 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:04:27 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x34000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:04:27 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 27)

23:04:27 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 35)

23:04:27 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe000fec0}}, 0x1c)

23:04:27 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe000ff00}}, 0x1c)

[  689.318848] FAULT_INJECTION: forcing a failure.
[  689.318848] name failslab, interval 1, probability 0, space 0, times 0
[  689.320032] CPU: 1 PID: 6037 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  689.320904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  689.322076] Call Trace:
[  689.322342]  <TASK>
[  689.322577]  dump_stack_lvl+0x8b/0xb3
[  689.323006]  should_fail.cold+0x5/0xa
[  689.323408]  ? copy_fs_struct+0x45/0x340
[  689.323842]  should_failslab+0x5/0x10
[  689.324246]  kmem_cache_alloc+0x5b/0x480
[  689.324676]  copy_fs_struct+0x45/0x340
[  689.325091]  ? copy_process+0x1d05/0x6d40
[  689.325547]  copy_process+0x3323/0x6d40
[  689.325979]  ? lock_is_held_type+0xd7/0x130
[  689.326406]  ? find_held_lock+0x2c/0x110
[  689.326873]  ? __cleanup_sighand+0xb0/0xb0
[  689.327338]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  689.327933]  ? _copy_from_user+0x139/0x170
[  689.328403]  ? kernel_clone+0x2f8/0xa60
[  689.328840]  kernel_clone+0xe7/0xa60
[  689.329256]  ? lock_is_held_type+0xd7/0x130
[  689.329717]  ? copy_init_mm+0x20/0x20
[  689.330144]  ? lock_is_held_type+0xd7/0x130
[  689.330617]  __do_sys_clone3+0x1c9/0x2d0
[  689.331071]  ? __ia32_sys_clone+0x150/0x150
[  689.331555]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  689.332154]  ? vfs_write+0x188/0xae0
[  689.332570]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  689.333167]  ? fput+0x2a/0x50
[  689.333519]  ? syscall_enter_from_user_mode+0x1d/0x50
[  689.334084]  do_syscall_64+0x3b/0x90
[  689.334493]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  689.335074] RIP: 0033:0x7fc730828b19
[  689.335444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  689.337430] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  689.338250] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  689.338952] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  689.339643] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  689.340333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  689.341019] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  689.341721]  </TASK>
[  689.348273] FAULT_INJECTION: forcing a failure.
[  689.348273] name failslab, interval 1, probability 0, space 0, times 0
[  689.350704] CPU: 0 PID: 6041 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  689.352416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  689.355134] Call Trace:
[  689.355763]  <TASK>
[  689.356304]  dump_stack_lvl+0x8b/0xb3
[  689.357238]  should_fail.cold+0x5/0xa
[  689.358090]  ? alloc_mnt_ns+0xd4/0x4a0
[  689.358937]  should_failslab+0x5/0x10
[  689.359735]  kmem_cache_alloc_trace+0x55/0x3c0
[  689.360712]  alloc_mnt_ns+0xd4/0x4a0
[  689.361513]  copy_mnt_ns+0x108/0xa90
[  689.362309]  ? rcu_read_lock_sched_held+0x3a/0x70
[  689.363339]  ? kmem_cache_alloc+0x332/0x480
[  689.364260]  create_new_namespaces+0xd6/0xb30
[  689.365218]  copy_namespaces+0x391/0x450
[  689.366107]  copy_process+0x2832/0x6d40
[  689.366955]  ? lock_is_held_type+0xd7/0x130
[  689.367839]  ? find_held_lock+0x2c/0x110
[  689.368699]  ? __cleanup_sighand+0xb0/0xb0
[  689.369588]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  689.370743]  ? _copy_from_user+0x139/0x170
[  689.371583]  ? kernel_clone+0x2f8/0xa60
[  689.372419]  kernel_clone+0xe7/0xa60
[  689.373162]  ? lock_is_held_type+0xd7/0x130
[  689.374062]  ? copy_init_mm+0x20/0x20
[  689.374872]  ? lock_is_held_type+0xd7/0x130
[  689.375727]  __do_sys_clone3+0x1c9/0x2d0
23:04:27 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x34000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  689.376531]  ? __ia32_sys_clone+0x150/0x150
[  689.377512]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  689.378589]  ? vfs_write+0x188/0xae0
[  689.379348]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  689.380424]  ? fput+0x2a/0x50
[  689.381049]  ? syscall_enter_from_user_mode+0x1d/0x50
[  689.382063]  do_syscall_64+0x3b/0x90
[  689.382806]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  689.383808] RIP: 0033:0x7f3d8a0d9b19
[  689.384531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  689.388091] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  689.389566] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  689.390966] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  689.392366] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  689.393736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  689.395131] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  689.396709]  </TASK>
23:04:27 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}}, 0x1c)

[  689.406941] FAULT_INJECTION: forcing a failure.
[  689.406941] name failslab, interval 1, probability 0, space 0, times 0
[  689.409357] CPU: 0 PID: 6040 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  689.411154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  689.413525] Call Trace:
[  689.414088]  <TASK>
[  689.414578]  dump_stack_lvl+0x8b/0xb3
[  689.415445]  should_fail.cold+0x5/0xa
[  689.416298]  ? alloc_mnt_ns+0xd4/0x4a0
[  689.417164]  should_failslab+0x5/0x10
[  689.417986]  kmem_cache_alloc_trace+0x55/0x3c0
[  689.419011]  alloc_mnt_ns+0xd4/0x4a0
[  689.419843]  copy_mnt_ns+0x108/0xa90
[  689.420640]  ? rcu_read_lock_sched_held+0x3a/0x70
[  689.421707]  ? kmem_cache_alloc+0x332/0x480
[  689.422624]  create_new_namespaces+0xd6/0xb30
[  689.423646]  copy_namespaces+0x391/0x450
[  689.424516]  copy_process+0x2832/0x6d40
[  689.425404]  ? lock_is_held_type+0xd7/0x130
[  689.426355]  ? find_held_lock+0x2c/0x110
[  689.427247]  ? __cleanup_sighand+0xb0/0xb0
[  689.428205]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  689.429369]  ? _copy_from_user+0x139/0x170
[  689.430288]  ? kernel_clone+0x2f8/0xa60
[  689.431190]  kernel_clone+0xe7/0xa60
[  689.431981]  ? lock_is_held_type+0xd7/0x130
[  689.432930]  ? copy_init_mm+0x20/0x20
[  689.433761]  ? lock_is_held_type+0xd7/0x130
[  689.434732]  __do_sys_clone3+0x1c9/0x2d0
[  689.435630]  ? __ia32_sys_clone+0x150/0x150
[  689.436575]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  689.437742]  ? vfs_write+0x188/0xae0
[  689.438541]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  689.439713]  ? fput+0x2a/0x50
[  689.440394]  ? syscall_enter_from_user_mode+0x1d/0x50
[  689.441537]  do_syscall_64+0x3b/0x90
[  689.442338]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  689.443487] RIP: 0033:0x7f37c9f3ab19
[  689.444277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  689.448280] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  689.449881] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  689.451454] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  689.452987] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  689.454532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  689.456087] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  689.457661]  </TASK>
23:04:39 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 37)

23:04:39 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 36)

23:04:39 executing program 5:
syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8002)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0}, {r1, 0x4006}], 0x2, 0xffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r4=>r1, {0x8}}, './file0\x00'})
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000140)={{{@in=@private, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast1}}, &(0x7f0000000240)=0xe8)
setsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@mcast1, @in=@empty, 0x4e24, 0x6, 0x4e22, 0xa8b, 0x2, 0xb26eb3091dce329a, 0x80, 0x87, r6, 0xee00}, {0x400, 0xffff, 0x7e31, 0x1f, 0x1, 0x101, 0x0, 0x8}, {0x4, 0xffff, 0x5, 0x2}, 0x5, 0x6e6bbe, 0x2, 0x0, 0x1, 0x1}, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4d2, 0x2b}, 0xa, @in6=@local, 0x3502, 0x0, 0x2, 0xf9, 0xfffffff9, 0xffffffff, 0x7fffffff}}, 0xe8)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000004c0)={0x68, r3, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x68}}, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x7fffffff)
ioctl$LOOP_SET_FD(r0, 0x4c00, r2)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r8, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
dup3(r0, r7, 0x80000)

23:04:39 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0x0)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:04:39 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}, 0xfc}, 0x1c)

23:04:39 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 28)

23:04:39 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x400300, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:04:39 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x400300, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  701.934409] FAULT_INJECTION: forcing a failure.
[  701.934409] name failslab, interval 1, probability 0, space 0, times 0
[  701.935743] CPU: 1 PID: 6073 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  701.936633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  701.937852] Call Trace:
[  701.938130]  <TASK>
[  701.938371]  dump_stack_lvl+0x8b/0xb3
[  701.938810]  should_fail.cold+0x5/0xa
[  701.939251]  ? create_object.isra.0+0x3a/0xa20
[  701.939757]  should_failslab+0x5/0x10
[  701.940172]  kmem_cache_alloc+0x5b/0x480
[  701.940621]  create_object.isra.0+0x3a/0xa20
[  701.941100]  ? kasan_unpoison+0x23/0x50
[  701.941554]  kmem_cache_alloc+0x239/0x480
[  701.942009]  copy_fs_struct+0x45/0x340
[  701.942441]  ? copy_process+0x1d05/0x6d40
[  701.942912]  copy_process+0x3323/0x6d40
[  701.943370]  ? lock_is_held_type+0xd7/0x130
[  701.943386]  ? find_held_lock+0x2c/0x110
[  701.943414]  ? __cleanup_sighand+0xb0/0xb0
23:04:39 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 37)

[  701.943438]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
23:04:39 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x1000000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  701.943456]  ? _copy_from_user+0x139/0x170
[  701.943475]  ? kernel_clone+0x2f8/0xa60
[  701.943495]  kernel_clone+0xe7/0xa60
23:04:39 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x1000000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  701.943514]  ? lock_is_held_type+0xd7/0x130
23:04:39 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 29)

[  701.943528]  ? copy_init_mm+0x20/0x20
[  701.943556]  ? lock_is_held_type+0xd7/0x130
[  701.943574]  __do_sys_clone3+0x1c9/0x2d0
23:04:40 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}, 0xfd}, 0x1c)

[  701.943593]  ? __ia32_sys_clone+0x150/0x150
[  701.943624]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  701.943640]  ? vfs_write+0x188/0xae0
[  701.943658]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  701.943675]  ? fput+0x2a/0x50
[  701.943698]  ? syscall_enter_from_user_mode+0x1d/0x50
23:04:40 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0x0)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

[  701.943717]  do_syscall_64+0x3b/0x90
[  701.943739]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  701.943754] RIP: 0033:0x7fc730828b19
[  701.943764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
23:04:40 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x2000000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:04:40 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 38)

23:04:40 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x2000000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  701.943777] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  701.943791] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  701.943800] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  701.943808] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  701.943816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  701.943824] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  701.943846]  </TASK>
[  701.945773] FAULT_INJECTION: forcing a failure.
[  701.945773] name failslab, interval 1, probability 0, space 0, times 0
[  701.945790] CPU: 1 PID: 6075 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  701.945804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  701.945812] Call Trace:
[  701.945816]  <TASK>
[  701.945820]  dump_stack_lvl+0x8b/0xb3
[  701.945842]  should_fail.cold+0x5/0xa
[  701.945862]  ? create_object.isra.0+0x3a/0xa20
[  701.945883]  should_failslab+0x5/0x10
[  701.945894]  kmem_cache_alloc+0x5b/0x480
[  701.945912]  create_object.isra.0+0x3a/0xa20
[  701.945931]  ? kasan_unpoison+0x23/0x50
[  701.945953]  kmem_cache_alloc_trace+0x22e/0x3c0
[  701.945976]  alloc_mnt_ns+0xd4/0x4a0
[  701.945995]  copy_mnt_ns+0x108/0xa90
[  701.946014]  ? rcu_read_lock_sched_held+0x3a/0x70
[  701.946030]  ? kmem_cache_alloc+0x332/0x480
[  701.946049]  create_new_namespaces+0xd6/0xb30
[  701.946073]  copy_namespaces+0x391/0x450
[  701.946093]  copy_process+0x2832/0x6d40
[  701.946111]  ? lock_is_held_type+0xd7/0x130
[  701.946124]  ? find_held_lock+0x2c/0x110
[  701.946150]  ? __cleanup_sighand+0xb0/0xb0
[  701.946174]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  701.946191]  ? _copy_from_user+0x139/0x170
[  701.946208]  ? kernel_clone+0x2f8/0xa60
[  701.946228]  kernel_clone+0xe7/0xa60
[  701.946246]  ? lock_is_held_type+0xd7/0x130
[  701.946260]  ? copy_init_mm+0x20/0x20
[  701.946287]  ? lock_is_held_type+0xd7/0x130
[  701.946306]  __do_sys_clone3+0x1c9/0x2d0
[  701.946324]  ? __ia32_sys_clone+0x150/0x150
[  701.946354]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  701.946370]  ? vfs_write+0x188/0xae0
[  701.946388]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  701.946405]  ? fput+0x2a/0x50
[  701.946426]  ? syscall_enter_from_user_mode+0x1d/0x50
[  701.946446]  do_syscall_64+0x3b/0x90
[  701.946465]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  701.946478] RIP: 0033:0x7f37c9f3ab19
[  701.946487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  701.946499] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  701.946514] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  701.946522] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  701.946530] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  701.946539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  701.946546] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  701.946568]  </TASK>
[  701.958064] FAULT_INJECTION: forcing a failure.
[  701.958064] name failslab, interval 1, probability 0, space 0, times 0
[  701.958233] CPU: 0 PID: 6076 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  701.958262] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  701.958280] Call Trace:
[  701.958287]  <TASK>
[  701.958297]  dump_stack_lvl+0x8b/0xb3
[  701.958346]  should_fail.cold+0x5/0xa
[  701.958385]  ? alloc_vfsmnt+0x23/0x6b0
[  701.958418]  should_failslab+0x5/0x10
[  701.958440]  kmem_cache_alloc+0x5b/0x480
[  701.958478]  alloc_vfsmnt+0x23/0x6b0
[  701.958512]  clone_mnt+0x6d/0xdc0
[  701.958554]  copy_tree+0xfe/0xa50
[  701.958586]  ? down_write_killable_nested+0x180/0x180
[  701.958634]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  701.958668]  ? alloc_mnt_ns+0x2ba/0x4a0
[  701.958704]  copy_mnt_ns+0x1a5/0xa90
[  701.958740]  ? rcu_read_lock_sched_held+0x3a/0x70
[  701.958770]  ? kmem_cache_alloc+0x332/0x480
[  701.958806]  create_new_namespaces+0xd6/0xb30
[  701.958864]  copy_namespaces+0x391/0x450
[  701.958902]  copy_process+0x2832/0x6d40
[  701.958937]  ? lock_is_held_type+0xd7/0x130
[  701.958965]  ? find_held_lock+0x2c/0x110
[  701.959017]  ? __cleanup_sighand+0xb0/0xb0
[  701.959064]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  701.959095]  ? _copy_from_user+0x139/0x170
[  701.959130]  ? kernel_clone+0x2f8/0xa60
[  701.959174]  kernel_clone+0xe7/0xa60
[  701.959208]  ? lock_is_held_type+0xd7/0x130
[  701.959236]  ? copy_init_mm+0x20/0x20
[  701.959290]  ? lock_is_held_type+0xd7/0x130
[  701.959326]  __do_sys_clone3+0x1c9/0x2d0
[  701.959362]  ? __ia32_sys_clone+0x150/0x150
[  701.959421]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  701.959452]  ? vfs_write+0x188/0xae0
[  701.959487]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  701.959519]  ? fput+0x2a/0x50
[  701.959562]  ? syscall_enter_from_user_mode+0x1d/0x50
[  701.959600]  do_syscall_64+0x3b/0x90
[  701.959637]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  701.959663] RIP: 0033:0x7f3d8a0d9b19
[  701.959681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  701.959705] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  701.959731] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  701.959748] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  701.959764] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  701.959779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  701.959795] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  701.959838]  </TASK>
[  702.076834] FAULT_INJECTION: forcing a failure.
[  702.076834] name failslab, interval 1, probability 0, space 0, times 0
[  702.076860] CPU: 1 PID: 6090 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  702.076874] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  702.076883] Call Trace:
[  702.076888]  <TASK>
[  702.076893]  dump_stack_lvl+0x8b/0xb3
[  702.076920]  should_fail.cold+0x5/0xa
[  702.076940]  ? alloc_vfsmnt+0x23/0x6b0
[  702.076957]  should_failslab+0x5/0x10
[  702.076969]  kmem_cache_alloc+0x5b/0x480
[  702.076989]  alloc_vfsmnt+0x23/0x6b0
[  702.077006]  clone_mnt+0x6d/0xdc0
[  702.077027]  copy_tree+0xfe/0xa50
[  702.077043]  ? down_write_killable_nested+0x180/0x180
[  702.077065]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  702.077083]  ? alloc_mnt_ns+0x2ba/0x4a0
[  702.077100]  copy_mnt_ns+0x1a5/0xa90
[  702.077123]  ? rcu_read_lock_sched_held+0x3a/0x70
[  702.077138]  ? kmem_cache_alloc+0x332/0x480
[  702.077157]  create_new_namespaces+0xd6/0xb30
[  702.077182]  copy_namespaces+0x391/0x450
[  702.077201]  copy_process+0x2832/0x6d40
[  702.077218]  ? lock_is_held_type+0xd7/0x130
[  702.077232]  ? find_held_lock+0x2c/0x110
[  702.077258]  ? __cleanup_sighand+0xb0/0xb0
[  702.077281]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  702.077297]  ? _copy_from_user+0x139/0x170
[  702.077316]  ? kernel_clone+0x2f8/0xa60
[  702.077335]  kernel_clone+0xe7/0xa60
[  702.077352]  ? lock_is_held_type+0xd7/0x130
[  702.077366]  ? copy_init_mm+0x20/0x20
[  702.077393]  ? lock_is_held_type+0xd7/0x130
[  702.077411]  __do_sys_clone3+0x1c9/0x2d0
[  702.077429]  ? __ia32_sys_clone+0x150/0x150
[  702.077458]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  702.077474]  ? vfs_write+0x188/0xae0
[  702.077491]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  702.077507]  ? fput+0x2a/0x50
[  702.077528]  ? syscall_enter_from_user_mode+0x1d/0x50
[  702.077547]  do_syscall_64+0x3b/0x90
[  702.077565]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  702.077579] RIP: 0033:0x7f37c9f3ab19
[  702.077589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  702.077601] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  702.077614] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  702.077623] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  702.077631] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  702.077639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  702.077646] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  702.077668]  </TASK>
[  702.101825] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  702.113451] FAULT_INJECTION: forcing a failure.
[  702.113451] name failslab, interval 1, probability 0, space 0, times 0
[  702.159537] FAULT_INJECTION: forcing a failure.
[  702.159537] name failslab, interval 1, probability 0, space 0, times 0
[  702.160314] CPU: 0 PID: 6092 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  702.265894] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  702.265920] Call Trace:
[  702.265931]  <TASK>
[  702.265943]  dump_stack_lvl+0x8b/0xb3
[  702.265992]  should_fail.cold+0x5/0xa
[  702.266031]  ? copy_process+0x1ddf/0x6d40
[  702.266070]  should_failslab+0x5/0x10
23:04:40 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 38)

[  702.266094]  kmem_cache_alloc+0x5b/0x480
[  702.266130]  copy_process+0x1ddf/0x6d40
[  702.266164]  ? lock_is_held_type+0xd7/0x130
[  702.266192]  ? find_held_lock+0x2c/0x110
[  702.266243]  ? __cleanup_sighand+0xb0/0xb0
[  702.266288]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  702.266320]  ? _copy_from_user+0x139/0x170
[  702.266354]  ? kernel_clone+0x2f8/0xa60
[  702.266392]  kernel_clone+0xe7/0xa60
[  702.266426]  ? lock_is_held_type+0xd7/0x130
[  702.266453]  ? copy_init_mm+0x20/0x20
[  702.266505]  ? lock_is_held_type+0xd7/0x130
[  702.266539]  __do_sys_clone3+0x1c9/0x2d0
[  702.266575]  ? __ia32_sys_clone+0x150/0x150
[  702.266632]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  702.266663]  ? vfs_write+0x188/0xae0
[  702.266696]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  702.266728]  ? fput+0x2a/0x50
[  702.266770]  ? syscall_enter_from_user_mode+0x1d/0x50
[  702.266807]  do_syscall_64+0x3b/0x90
[  702.266844]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  702.266896] RIP: 0033:0x7fc730828b19
[  702.266917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  702.266941] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  702.266967] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  702.266985] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  702.267000] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  702.267016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  702.267031] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  702.267072]  </TASK>
[  702.267081] CPU: 1 PID: 6102 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  702.267100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  702.267110] Call Trace:
[  702.267117]  <TASK>
[  702.267122]  dump_stack_lvl+0x8b/0xb3
[  702.267152]  should_fail.cold+0x5/0xa
[  702.267173]  ? create_object.isra.0+0x3a/0xa20
[  702.267197]  should_failslab+0x5/0x10
[  702.267209]  kmem_cache_alloc+0x5b/0x480
[  702.267230]  create_object.isra.0+0x3a/0xa20
[  702.267249]  ? kasan_unpoison+0x23/0x50
[  702.267271]  kmem_cache_alloc+0x239/0x480
[  702.267289]  alloc_vfsmnt+0x23/0x6b0
[  702.267307]  clone_mnt+0x6d/0xdc0
[  702.267329]  copy_tree+0xfe/0xa50
[  702.267346]  ? down_write_killable_nested+0x180/0x180
[  702.267369]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  702.267388]  ? alloc_mnt_ns+0x2ba/0x4a0
[  702.267406]  copy_mnt_ns+0x1a5/0xa90
[  702.267425]  ? rcu_read_lock_sched_held+0x3a/0x70
[  702.267441]  ? kmem_cache_alloc+0x332/0x480
[  702.267459]  create_new_namespaces+0xd6/0xb30
[  702.267485]  copy_namespaces+0x391/0x450
[  702.267504]  copy_process+0x2832/0x6d40
[  702.267523]  ? lock_is_held_type+0xd7/0x130
[  702.267537]  ? find_held_lock+0x2c/0x110
[  702.267565]  ? __cleanup_sighand+0xb0/0xb0
[  702.267590]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  702.267606]  ? _copy_from_user+0x139/0x170
[  702.267625]  ? kernel_clone+0x2f8/0xa60
[  702.267645]  kernel_clone+0xe7/0xa60
[  702.267663]  ? lock_is_held_type+0xd7/0x130
[  702.267677]  ? copy_init_mm+0x20/0x20
[  702.267705]  ? lock_is_held_type+0xd7/0x130
[  702.267723]  __do_sys_clone3+0x1c9/0x2d0
[  702.267742]  ? __ia32_sys_clone+0x150/0x150
[  702.267773]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  702.267789]  ? vfs_write+0x188/0xae0
[  702.267807]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  702.267823]  ? fput+0x2a/0x50
[  702.267846]  ? syscall_enter_from_user_mode+0x1d/0x50
[  702.267865]  do_syscall_64+0x3b/0x90
[  702.267884]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  702.267898] RIP: 0033:0x7f37c9f3ab19
[  702.267908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  702.267921] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  702.267935] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  702.267944] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  702.267952] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  702.267960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  702.267968] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  702.267990]  </TASK>
[  702.307773] FAULT_INJECTION: forcing a failure.
[  702.307773] name failslab, interval 1, probability 0, space 0, times 0
[  702.355967] CPU: 0 PID: 6105 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  702.357688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  702.360062] Call Trace:
[  702.360601]  <TASK>
[  702.361069]  dump_stack_lvl+0x8b/0xb3
[  702.361891]  should_fail.cold+0x5/0xa
[  702.362707]  ? alloc_mnt_ns+0xd4/0x4a0
[  702.363543]  should_failslab+0x5/0x10
[  702.364337]  kmem_cache_alloc_trace+0x55/0x3c0
[  702.365305]  alloc_mnt_ns+0xd4/0x4a0
[  702.366093]  copy_mnt_ns+0x108/0xa90
[  702.366901]  ? rcu_read_lock_sched_held+0x3a/0x70
[  702.367910]  ? kmem_cache_alloc+0x332/0x480
[  702.368822]  create_new_namespaces+0xd6/0xb30
[  702.369780]  copy_namespaces+0x391/0x450
[  702.370640]  copy_process+0x2832/0x6d40
[  702.371493]  ? lock_is_held_type+0xd7/0x130
[  702.372397]  ? find_held_lock+0x2c/0x110
[  702.373271]  ? __cleanup_sighand+0xb0/0xb0
[  702.374176]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  702.375348]  ? _copy_from_user+0x139/0x170
[  702.376242]  ? kernel_clone+0x2f8/0xa60
[  702.377112]  kernel_clone+0xe7/0xa60
[  702.377900]  ? lock_is_held_type+0xd7/0x130
[  702.378825]  ? copy_init_mm+0x20/0x20
[  702.379659]  ? lock_is_held_type+0xd7/0x130
[  702.380577]  __do_sys_clone3+0x1c9/0x2d0
[  702.381435]  ? __ia32_sys_clone+0x150/0x150
[  702.382375]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  702.383535]  ? vfs_write+0x188/0xae0
[  702.384324]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  702.385474]  ? fput+0x2a/0x50
[  702.386147]  ? syscall_enter_from_user_mode+0x1d/0x50
[  702.387251]  do_syscall_64+0x3b/0x90
[  702.388042]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  702.389117] RIP: 0033:0x7f3d8a0d9b19
[  702.389887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  702.393721] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  702.395308] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  702.396783] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  702.398262] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  702.399758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  702.401238] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  702.402738]  </TASK>
[  702.428773] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
23:04:54 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000080), 0x0, 0x18000)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x4c00, r1)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
ioctl$LOOP_SET_FD(r2, 0x4c00, r1)
ioctl$LOOP_SET_FD(r0, 0x1269, 0xffffffffffffffff)
getsockopt$inet_mreqsrc(r2, 0x0, 0x28, &(0x7f00000000c0)={@remote, @loopback, @multicast2}, &(0x7f0000000180)=0xc)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc020f509, &(0x7f0000000040)={r6, 0x5, 0x0, 0x2a})

23:04:54 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x3000000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:04:54 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 39)

23:04:54 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 30)

23:04:54 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x3000000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:04:54 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 39)

23:04:54 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0x0)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:04:54 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}, 0x80fe}, 0x1c)

[  716.863765] FAULT_INJECTION: forcing a failure.
[  716.863765] name failslab, interval 1, probability 0, space 0, times 0
[  716.866035] CPU: 1 PID: 6120 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  716.867674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  716.870224] Call Trace:
[  716.870232]  <TASK>
[  716.870242]  dump_stack_lvl+0x8b/0xb3
[  716.870289]  should_fail.cold+0x5/0xa
[  716.870331]  should_failslab+0x5/0x10
[  716.870354]  __kmalloc_track_caller+0x79/0x310
[  716.870380]  ? kstrdup_const+0x53/0x80
[  716.875246]  kstrdup+0x36/0x70
[  716.875444] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  716.875886]  kstrdup_const+0x53/0x80
[  716.875910]  alloc_vfsmnt+0xb5/0x6b0
[  716.878784]  clone_mnt+0x6d/0xdc0
[  716.879504]  copy_tree+0xfe/0xa50
[  716.880199]  ? down_write_killable_nested+0x180/0x180
[  716.881235]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  716.882337]  ? alloc_mnt_ns+0x2ba/0x4a0
[  716.883158]  copy_mnt_ns+0x1a5/0xa90
[  716.883287] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  716.883915]  ? rcu_read_lock_sched_held+0x3a/0x70
[  716.886295]  ? kmem_cache_alloc+0x332/0x480
[  716.887188]  create_new_namespaces+0xd6/0xb30
[  716.888106]  copy_namespaces+0x391/0x450
[  716.888930]  copy_process+0x2832/0x6d40
[  716.889724]  ? lock_is_held_type+0xd7/0x130
[  716.890590]  ? find_held_lock+0x2c/0x110
[  716.891429]  ? __cleanup_sighand+0xb0/0xb0
[  716.892289]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  716.893383]  ? _copy_from_user+0x139/0x170
[  716.894226]  ? kernel_clone+0x2f8/0xa60
[  716.895031]  kernel_clone+0xe7/0xa60
[  716.895796]  ? lock_is_held_type+0xd7/0x130
[  716.896652]  ? copy_init_mm+0x20/0x20
23:04:54 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x4000000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  716.897429]  ? lock_is_held_type+0xd7/0x130
[  716.898475]  __do_sys_clone3+0x1c9/0x2d0
[  716.899316]  ? __ia32_sys_clone+0x150/0x150
[  716.900208]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  716.901304]  ? vfs_write+0x188/0xae0
[  716.902055]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  716.903170]  ? fput+0x2a/0x50
[  716.903816]  ? syscall_enter_from_user_mode+0x1d/0x50
[  716.904850]  do_syscall_64+0x3b/0x90
[  716.905608]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  716.906630] RIP: 0033:0x7f3d8a0d9b19
[  716.907382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  716.911011] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  716.912521] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  716.913933] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  716.915358] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  716.916764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  716.918174] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  716.919615]  </TASK>
[  716.929950] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  716.933539] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  716.945004] FAULT_INJECTION: forcing a failure.
[  716.945004] name failslab, interval 1, probability 0, space 0, times 0
[  716.947395] CPU: 1 PID: 6130 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  716.949038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  716.951301] Call Trace:
[  716.951808]  <TASK>
[  716.952256]  dump_stack_lvl+0x8b/0xb3
[  716.953033]  should_fail.cold+0x5/0xa
[  716.953805]  ? create_object.isra.0+0x3a/0xa20
[  716.954731]  should_failslab+0x5/0x10
[  716.955511]  kmem_cache_alloc+0x5b/0x480
[  716.956334]  create_object.isra.0+0x3a/0xa20
[  716.957221]  ? kasan_unpoison+0x23/0x50
[  716.958031]  kmem_cache_alloc+0x239/0x480
[  716.958868]  copy_process+0x1ddf/0x6d40
[  716.959690]  ? lock_is_held_type+0xd7/0x130
[  716.960561]  ? find_held_lock+0x2c/0x110
[  716.961399]  ? __cleanup_sighand+0xb0/0xb0
[  716.962271]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  716.963405]  ? _copy_from_user+0x139/0x170
[  716.964279]  ? kernel_clone+0x2f8/0xa60
[  716.965083]  kernel_clone+0xe7/0xa60
[  716.965855]  ? lock_is_held_type+0xd7/0x130
[  716.966721]  ? copy_init_mm+0x20/0x20
[  716.967523]  ? lock_is_held_type+0xd7/0x130
[  716.968390]  __do_sys_clone3+0x1c9/0x2d0
[  716.969215]  ? __ia32_sys_clone+0x150/0x150
[  716.970101]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  716.971219]  ? vfs_write+0x188/0xae0
[  716.971968]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  716.973062]  ? fput+0x2a/0x50
[  716.973703]  ? syscall_enter_from_user_mode+0x1d/0x50
[  716.974739]  do_syscall_64+0x3b/0x90
[  716.975506]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  716.976526] RIP: 0033:0x7fc730828b19
23:04:54 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x4000000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  716.977261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  716.981168] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  716.982676] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  716.984100] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  716.985512] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  716.986925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  716.988364] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  716.989795]  </TASK>
[  716.992168] FAULT_INJECTION: forcing a failure.
[  716.992168] name failslab, interval 1, probability 0, space 0, times 0
[  716.994432] CPU: 1 PID: 6132 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
23:04:54 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}, 0xc0fe}, 0x1c)

[  716.996076] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  716.998431] Call Trace:
[  716.998928]  <TASK>
[  716.999400]  dump_stack_lvl+0x8b/0xb3
[  717.000172]  should_fail.cold+0x5/0xa
[  717.000941]  should_failslab+0x5/0x10
[  717.001690]  __kmalloc_track_caller+0x79/0x310
[  717.002599]  ? kstrdup_const+0x53/0x80
[  717.003406]  kstrdup+0x36/0x70
[  717.004040]  kstrdup_const+0x53/0x80
[  717.004772]  alloc_vfsmnt+0xb5/0x6b0
[  717.005517]  clone_mnt+0x6d/0xdc0
[  717.006228]  copy_tree+0xfe/0xa50
[  717.006917]  ? down_write_killable_nested+0x180/0x180
[  717.007960]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  717.009036]  ? alloc_mnt_ns+0x2ba/0x4a0
[  717.009823]  copy_mnt_ns+0x1a5/0xa90
[  717.010564]  ? rcu_read_lock_sched_held+0x3a/0x70
[  717.011531]  ? kmem_cache_alloc+0x332/0x480
[  717.012387]  create_new_namespaces+0xd6/0xb30
[  717.013287]  copy_namespaces+0x391/0x450
[  717.014103]  copy_process+0x2832/0x6d40
[  717.014889]  ? lock_is_held_type+0xd7/0x130
[  717.015756]  ? find_held_lock+0x2c/0x110
[  717.016577]  ? __cleanup_sighand+0xb0/0xb0
[  717.017435]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  717.018515]  ? _copy_from_user+0x139/0x170
[  717.019393]  ? kernel_clone+0x2f8/0xa60
[  717.020185]  kernel_clone+0xe7/0xa60
[  717.020932]  ? lock_is_held_type+0xd7/0x130
[  717.021781]  ? copy_init_mm+0x20/0x20
[  717.022567]  ? lock_is_held_type+0xd7/0x130
[  717.023450]  __do_sys_clone3+0x1c9/0x2d0
[  717.024256]  ? __ia32_sys_clone+0x150/0x150
[  717.025130]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  717.026213]  ? vfs_write+0x188/0xae0
[  717.026972]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  717.028075]  ? fput+0x2a/0x50
[  717.028716]  ? syscall_enter_from_user_mode+0x1d/0x50
[  717.029736]  do_syscall_64+0x3b/0x90
[  717.030485]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  717.031513] RIP: 0033:0x7f37c9f3ab19
[  717.032244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  717.035839] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  717.037352] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  717.038737] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  717.040154] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  717.041566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  717.042968] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  717.044427]  </TASK>
23:04:55 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x9000000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:04:55 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:04:55 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 31)

23:04:55 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/netpoll', 0x40, 0x4)
ioctl$LOOP_SET_FD(r1, 0x1269, r0)

23:04:55 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 40)

23:04:55 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 40)

23:04:55 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}, 0xfc00}, 0x1c)

23:04:55 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x9000000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  717.270288] FAULT_INJECTION: forcing a failure.
[  717.270288] name failslab, interval 1, probability 0, space 0, times 0
[  717.272582] FAULT_INJECTION: forcing a failure.
[  717.272582] name failslab, interval 1, probability 0, space 0, times 0
[  717.272594] CPU: 0 PID: 6153 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  717.272624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  717.278586] Call Trace:
[  717.279090]  <TASK>
[  717.279524]  dump_stack_lvl+0x8b/0xb3
[  717.280290]  should_fail.cold+0x5/0xa
[  717.281044]  ? copy_process+0x1f5d/0x6d40
[  717.281874]  should_failslab+0x5/0x10
[  717.282615]  kmem_cache_alloc+0x5b/0x480
[  717.283429]  copy_process+0x1f5d/0x6d40
[  717.284213]  ? lock_is_held_type+0xd7/0x130
[  717.285052]  ? find_held_lock+0x2c/0x110
[  717.285872]  ? __cleanup_sighand+0xb0/0xb0
[  717.286717]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  717.287804]  ? _copy_from_user+0x139/0x170
[  717.288635]  ? kernel_clone+0x2f8/0xa60
[  717.289418]  kernel_clone+0xe7/0xa60
[  717.290149]  ? lock_is_held_type+0xd7/0x130
[  717.290990]  ? copy_init_mm+0x20/0x20
[  717.291763]  ? lock_is_held_type+0xd7/0x130
[  717.292613]  __do_sys_clone3+0x1c9/0x2d0
[  717.293417]  ? __ia32_sys_clone+0x150/0x150
[  717.294292]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  717.295380]  ? vfs_write+0x188/0xae0
[  717.296116]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  717.297191]  ? fput+0x2a/0x50
[  717.297824]  ? syscall_enter_from_user_mode+0x1d/0x50
[  717.298837]  do_syscall_64+0x3b/0x90
[  717.299591]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  717.300594] RIP: 0033:0x7fc730828b19
[  717.301316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  717.304878] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  717.306341] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  717.307727] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  717.309101] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  717.310474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  717.311865] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  717.313264]  </TASK>
[  717.313716] CPU: 1 PID: 6155 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  717.315360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  717.317584] Call Trace:
[  717.318089]  <TASK>
[  717.318529]  dump_stack_lvl+0x8b/0xb3
[  717.319311]  should_fail.cold+0x5/0xa
[  717.320079]  ? create_object.isra.0+0x3a/0xa20
[  717.321013]  should_failslab+0x5/0x10
[  717.321784]  kmem_cache_alloc+0x5b/0x480
[  717.322604]  create_object.isra.0+0x3a/0xa20
[  717.323522]  ? kasan_unpoison+0x23/0x50
[  717.324340]  __kmalloc_track_caller+0x1f0/0x310
[  717.325275]  ? kstrdup_const+0x53/0x80
[  717.326059]  kstrdup+0x36/0x70
[  717.326703]  kstrdup_const+0x53/0x80
[  717.327474]  alloc_vfsmnt+0xb5/0x6b0
[  717.328221]  clone_mnt+0x6d/0xdc0
[  717.328934]  copy_tree+0xfe/0xa50
[  717.329639]  ? down_write_killable_nested+0x180/0x180
[  717.330676]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  717.331775]  ? alloc_mnt_ns+0x2ba/0x4a0
[  717.332575]  copy_mnt_ns+0x1a5/0xa90
[  717.333323]  ? rcu_read_lock_sched_held+0x3a/0x70
[  717.334280]  ? kmem_cache_alloc+0x332/0x480
[  717.335168]  create_new_namespaces+0xd6/0xb30
[  717.336078]  copy_namespaces+0x391/0x450
[  717.336892]  copy_process+0x2832/0x6d40
[  717.337689]  ? lock_is_held_type+0xd7/0x130
[  717.338545]  ? find_held_lock+0x2c/0x110
[  717.339391]  ? __cleanup_sighand+0xb0/0xb0
[  717.340256]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  717.341349]  ? _copy_from_user+0x139/0x170
[  717.342198]  ? kernel_clone+0x2f8/0xa60
[  717.343001]  kernel_clone+0xe7/0xa60
[  717.343761]  ? lock_is_held_type+0xd7/0x130
[  717.344619]  ? copy_init_mm+0x20/0x20
[  717.345405]  ? lock_is_held_type+0xd7/0x130
[  717.346278]  __do_sys_clone3+0x1c9/0x2d0
[  717.347113]  ? __ia32_sys_clone+0x150/0x150
[  717.347999]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  717.349088]  ? vfs_write+0x188/0xae0
[  717.349832]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  717.350917]  ? fput+0x2a/0x50
[  717.351565]  ? syscall_enter_from_user_mode+0x1d/0x50
[  717.352594]  do_syscall_64+0x3b/0x90
[  717.353342]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  717.354363] RIP: 0033:0x7f37c9f3ab19
[  717.355108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  717.358711] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  717.360206] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  717.361604] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  717.363009] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  717.364438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  717.365849] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  717.367297]  </TASK>
[  717.483802] FAULT_INJECTION: forcing a failure.
[  717.483802] name failslab, interval 1, probability 0, space 0, times 0
[  717.486079] CPU: 0 PID: 6161 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  717.487704] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  717.489889] Call Trace:
[  717.490386]  <TASK>
[  717.490822]  dump_stack_lvl+0x8b/0xb3
[  717.491595]  should_fail.cold+0x5/0xa
[  717.492352]  ? create_object.isra.0+0x3a/0xa20
[  717.493250]  should_failslab+0x5/0x10
[  717.493983]  kmem_cache_alloc+0x5b/0x480
[  717.494780]  create_object.isra.0+0x3a/0xa20
[  717.495650]  ? kasan_unpoison+0x23/0x50
[  717.496441]  __kmalloc_track_caller+0x1f0/0x310
[  717.497341]  ? kstrdup_const+0x53/0x80
[  717.498099]  kstrdup+0x36/0x70
[  717.498747]  kstrdup_const+0x53/0x80
[  717.499491]  alloc_vfsmnt+0xb5/0x6b0
[  717.500223]  clone_mnt+0x6d/0xdc0
[  717.500897]  ? __cond_resched+0x13/0x20
[  717.501685]  copy_tree+0xfe/0xa50
[  717.502364]  ? down_write_killable_nested+0x180/0x180
[  717.503385]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  717.504450]  ? alloc_mnt_ns+0x2ba/0x4a0
[  717.505232]  copy_mnt_ns+0x1a5/0xa90
[  717.505963]  ? rcu_read_lock_sched_held+0x3a/0x70
[  717.506899]  ? kmem_cache_alloc+0x332/0x480
[  717.507793]  create_new_namespaces+0xd6/0xb30
[  717.508687]  copy_namespaces+0x391/0x450
[  717.509513]  copy_process+0x2832/0x6d40
[  717.510292]  ? lock_is_held_type+0xd7/0x130
[  717.511135]  ? find_held_lock+0x2c/0x110
[  717.511946]  ? __cleanup_sighand+0xb0/0xb0
[  717.512783]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  717.513846]  ? _copy_from_user+0x139/0x170
[  717.514674]  ? kernel_clone+0x2f8/0xa60
[  717.515462]  kernel_clone+0xe7/0xa60
[  717.516192]  ? lock_is_held_type+0xd7/0x130
[  717.517027]  ? copy_init_mm+0x20/0x20
[  717.517790]  ? lock_is_held_type+0xd7/0x130
[  717.518633]  __do_sys_clone3+0x1c9/0x2d0
[  717.519448]  ? __ia32_sys_clone+0x150/0x150
[  717.520312]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  717.521378]  ? vfs_write+0x188/0xae0
[  717.522106]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  717.523183]  ? fput+0x2a/0x50
[  717.523809]  ? syscall_enter_from_user_mode+0x1d/0x50
[  717.524814]  do_syscall_64+0x3b/0x90
[  717.525569]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  717.526569] RIP: 0033:0x7f3d8a0d9b19
[  717.527316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  717.530843] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  717.532360] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  717.533736] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  717.535118] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  717.536486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  717.537853] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  717.539274]  </TASK>
23:05:16 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

23:05:16 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 41)

23:05:16 executing program 3:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 41)

23:05:16 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}, 0xfd00}, 0x1c)

23:05:16 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0xf000000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:05:16 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$LOOP_SET_FD(r0, 0x4c00, r1)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$LOOP_SET_FD(r0, 0x1269, r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000009c0)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x2}]}]}, 0x1c}}, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000080)={0x0, r5, 0x5, 0x9, 0x75, 0x6})
r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0)
syncfs(r7)

23:05:16 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0xf000000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:05:16 executing program 4:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 32)

[  738.537595] FAULT_INJECTION: forcing a failure.
[  738.537595] name failslab, interval 1, probability 0, space 0, times 0
[  738.539875] CPU: 0 PID: 6181 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  738.541479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  738.543731] Call Trace:
[  738.544241]  <TASK>
[  738.544678]  dump_stack_lvl+0x8b/0xb3
[  738.545448]  should_fail.cold+0x5/0xa
[  738.546210]  ? create_object.isra.0+0x3a/0xa20
[  738.547124]  should_failslab+0x5/0x10
[  738.547212] FAULT_INJECTION: forcing a failure.
[  738.547212] name failslab, interval 1, probability 0, space 0, times 0
[  738.547879]  kmem_cache_alloc+0x5b/0x480
[  738.547917]  create_object.isra.0+0x3a/0xa20
[  738.551819]  kmemleak_alloc_percpu+0xa0/0x100
[  738.552715]  pcpu_alloc+0x7bf/0x1060
[  738.553487]  alloc_vfsmnt+0xfd/0x6b0
[  738.554235]  clone_mnt+0x6d/0xdc0
[  738.554945]  copy_tree+0xfe/0xa50
[  738.555656]  ? down_write_killable_nested+0x180/0x180
[  738.556675]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  738.557762]  ? alloc_mnt_ns+0x2ba/0x4a0
[  738.558551]  copy_mnt_ns+0x1a5/0xa90
[  738.559302]  ? rcu_read_lock_sched_held+0x3a/0x70
[  738.560267]  ? kmem_cache_alloc+0x332/0x480
[  738.561131]  create_new_namespaces+0xd6/0xb30
[  738.562028]  copy_namespaces+0x391/0x450
[  738.562849]  copy_process+0x2832/0x6d40
[  738.563648]  ? lock_is_held_type+0xd7/0x130
[  738.564503]  ? find_held_lock+0x2c/0x110
[  738.565327]  ? __cleanup_sighand+0xb0/0xb0
[  738.566190]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  738.567268]  ? _copy_from_user+0x139/0x170
[  738.568122]  ? kernel_clone+0x2f8/0xa60
[  738.568914]  kernel_clone+0xe7/0xa60
[  738.569660]  ? lock_is_held_type+0xd7/0x130
[  738.570514]  ? copy_init_mm+0x20/0x20
[  738.571295]  ? lock_is_held_type+0xd7/0x130
[  738.572166]  __do_sys_clone3+0x1c9/0x2d0
[  738.572984]  ? __ia32_sys_clone+0x150/0x150
[  738.573871]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  738.574945]  ? vfs_write+0x188/0xae0
[  738.575689]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  738.576784]  ? fput+0x2a/0x50
[  738.577416]  ? syscall_enter_from_user_mode+0x1d/0x50
[  738.578449]  do_syscall_64+0x3b/0x90
[  738.579190]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  738.580232] RIP: 0033:0x7f3d8a0d9b19
[  738.580957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  738.584604] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  738.586090] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  738.587509] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  738.588927] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  738.590349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  738.591775] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  738.593215]  </TASK>
[  738.593678] CPU: 1 PID: 6187 Comm: syz-executor.4 Not tainted 5.16.0-rc5-next-20211217 #1
[  738.595393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  738.597704] Call Trace:
[  738.598242]  <TASK>
[  738.598693]  dump_stack_lvl+0x8b/0xb3
[  738.599501]  should_fail.cold+0x5/0xa
[  738.600314]  ? create_object.isra.0+0x3a/0xa20
[  738.601259]  should_failslab+0x5/0x10
[  738.602040]  kmem_cache_alloc+0x5b/0x480
[  738.602879]  create_object.isra.0+0x3a/0xa20
[  738.603807]  ? kasan_unpoison+0x23/0x50
[  738.604656]  kmem_cache_alloc+0x239/0x480
[  738.605505]  copy_process+0x1f5d/0x6d40
[  738.606326]  ? lock_is_held_type+0xd7/0x130
[  738.607212]  ? find_held_lock+0x2c/0x110
[  738.608091]  ? __cleanup_sighand+0xb0/0xb0
[  738.608974]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  738.610088]  ? _copy_from_user+0x139/0x170
[  738.610949]  ? kernel_clone+0x2f8/0xa60
[  738.611218] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  738.611779]  kernel_clone+0xe7/0xa60
[  738.613973]  ? lock_is_held_type+0xd7/0x130
[  738.614861]  ? copy_init_mm+0x20/0x20
[  738.615672]  ? lock_is_held_type+0xd7/0x130
[  738.616574]  __do_sys_clone3+0x1c9/0x2d0
[  738.617412]  ? __ia32_sys_clone+0x150/0x150
[  738.618313]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  738.619443]  ? vfs_write+0x188/0xae0
[  738.620226]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  738.621338]  ? fput+0x2a/0x50
[  738.621453] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  738.621994]  ? syscall_enter_from_user_mode+0x1d/0x50
[  738.624487]  do_syscall_64+0x3b/0x90
[  738.625267]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  738.626308] RIP: 0033:0x7fc730828b19
[  738.627060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  738.630778] RSP: 002b:00007fc72dd9e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  738.630815] RAX: ffffffffffffffda RBX: 00007fc73093bf60 RCX: 00007fc730828b19
[  738.630832] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  738.630847] RBP: 00007fc72dd9e1d0 R08: 0000000000000000 R09: 0000000000000000
[  738.630862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
23:05:16 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}, 0xfe80}, 0x1c)

[  738.630877] R13: 00007ffe22acbb9f R14: 00007fc72dd9e300 R15: 0000000000022000
[  738.630917]  </TASK>
[  738.672841] FAULT_INJECTION: forcing a failure.
[  738.672841] name failslab, interval 1, probability 0, space 0, times 0
[  738.675210] CPU: 1 PID: 6190 Comm: syz-executor.3 Not tainted 5.16.0-rc5-next-20211217 #1
[  738.676903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  738.679198] Call Trace:
[  738.679729]  <TASK>
[  738.680187]  dump_stack_lvl+0x8b/0xb3
[  738.680985]  should_fail.cold+0x5/0xa
[  738.681769]  ? create_object.isra.0+0x3a/0xa20
[  738.682741]  should_failslab+0x5/0x10
[  738.683086] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  738.683533]  kmem_cache_alloc+0x5b/0x480
[  738.685798]  create_object.isra.0+0x3a/0xa20
23:05:16 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x60000000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  738.686707]  kmemleak_alloc_percpu+0xa0/0x100
[  738.687832]  pcpu_alloc+0x7bf/0x1060
[  738.688642]  alloc_vfsmnt+0xfd/0x6b0
[  738.689415]  clone_mnt+0x6d/0xdc0
[  738.690143]  copy_tree+0xfe/0xa50
[  738.690881]  ? down_write_killable_nested+0x180/0x180
[  738.691967]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  738.693088]  ? alloc_mnt_ns+0x2ba/0x4a0
[  738.693904]  copy_mnt_ns+0x1a5/0xa90
[  738.694661]  ? rcu_read_lock_sched_held+0x3a/0x70
[  738.695482] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
[  738.695671]  ? kmem_cache_alloc+0x332/0x480
[  738.697974]  create_new_namespaces+0xd6/0xb30
[  738.698924]  copy_namespaces+0x391/0x450
[  738.699766]  copy_process+0x2832/0x6d40
[  738.700577]  ? lock_is_held_type+0xd7/0x130
[  738.701451]  ? find_held_lock+0x2c/0x110
[  738.702295]  ? __cleanup_sighand+0xb0/0xb0
[  738.703182]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  738.703215]  ? _copy_from_user+0x139/0x170
[  738.703249]  ? kernel_clone+0x2f8/0xa60
[  738.703287]  kernel_clone+0xe7/0xa60
[  738.703322]  ? lock_is_held_type+0xd7/0x130
[  738.703349]  ? copy_init_mm+0x20/0x20
[  738.703412]  ? lock_is_held_type+0xd7/0x130
[  738.703447]  __do_sys_clone3+0x1c9/0x2d0
[  738.703483]  ? __ia32_sys_clone+0x150/0x150
[  738.703539]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  738.703569]  ? vfs_write+0x188/0xae0
[  738.703602]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  738.703633]  ? fput+0x2a/0x50
[  738.703675]  ? syscall_enter_from_user_mode+0x1d/0x50
[  738.703711]  do_syscall_64+0x3b/0x90
[  738.703747]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  738.703781] RIP: 0033:0x7f37c9f3ab19
[  738.703810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  738.703846] RSP: 002b:00007f37c74b0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  738.723591] RAX: ffffffffffffffda RBX: 00007f37ca04df60 RCX: 00007f37c9f3ab19
[  738.725033] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  738.726472] RBP: 00007f37c74b01d0 R08: 0000000000000000 R09: 0000000000000000
[  738.727931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  738.729374] R13: 00007ffc4d9c6d4f R14: 00007f37c74b0300 R15: 0000000000022000
[  738.730869]  </TASK>
23:05:16 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000800), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000008c0)={0x0, 0x60000000, &(0x7f0000000880)={&(0x7f0000000840)={0x14, r1, 0x1}, 0x14}}, 0x0)

23:05:16 executing program 0:
clone3(&(0x7f0000000000)={0x1a1a0100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 42)

23:05:16 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000600), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000085ec07aab508292930a897cc580473a94e84598c49cab6a3a435212bc11f2a664797331c890b0d24d8a388fb26a2f15364a65c7501a2c792e32d34e782e4bc52e347b1e70aa377c025f15eaaa9a1bf561acd8bdb38b4", @ANYRES16=r3, @ANYBLOB="010000000000000000000e0000000800028004000280"], 0x1c}}, 0x0)
ioctl$LOOP_SET_FD(r0, 0x4c00, r2)
ioctl$LOOP_SET_FD(r0, 0x1269, r1)

23:05:16 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r0, 0x1}, {r1, 0x4006}], 0x2, 0xffff)
r2 = openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = memfd_create(&(0x7f0000000300)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba', 0x0)
poll(&(0x7f0000000140)=[{r2}, {r3, 0x4006}], 0x2, 0xffff)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa840, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})

[  738.931742] FAULT_INJECTION: forcing a failure.
[  738.931742] name failslab, interval 1, probability 0, space 0, times 0
[  738.934406] CPU: 1 PID: 6210 Comm: syz-executor.0 Not tainted 5.16.0-rc5-next-20211217 #1
[  738.936297] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  738.938894] Call Trace:
[  738.939643]  <TASK>
[  738.940232]  dump_stack_lvl+0x8b/0xb3
[  738.941253]  should_fail.cold+0x5/0xa
[  738.942236]  ? create_object.isra.0+0x3a/0xa20
[  738.943344]  should_failslab+0x5/0x10
[  738.944273]  kmem_cache_alloc+0x5b/0x480
[  738.945231]  ? mark_held_locks+0x9e/0xe0
[  738.946197]  create_object.isra.0+0x3a/0xa20
[  738.947249]  kmemleak_alloc_percpu+0xa0/0x100
[  738.948325]  pcpu_alloc+0x7bf/0x1060
[  738.949237]  alloc_vfsmnt+0xfd/0x6b0
[  738.950121]  clone_mnt+0x6d/0xdc0
[  738.950954]  copy_tree+0xfe/0xa50
[  738.951791]  ? down_write_killable_nested+0x180/0x180
[  738.953012]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  738.954301]  ? alloc_mnt_ns+0x2ba/0x4a0
[  738.955246]  copy_mnt_ns+0x1a5/0xa90
[  738.956156]  ? rcu_read_lock_sched_held+0x3a/0x70
[  738.957165]  ? kmem_cache_alloc+0x332/0x480
[  738.958029]  create_new_namespaces+0xd6/0xb30
[  738.958935]  copy_namespaces+0x391/0x450
[  738.959763]  copy_process+0x2832/0x6d40
[  738.960566]  ? lock_is_held_type+0xd7/0x130
[  738.961423]  ? find_held_lock+0x2c/0x110
[  738.962251]  ? __cleanup_sighand+0xb0/0xb0
[  738.963112]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  738.964226]  ? _copy_from_user+0x139/0x170
[  738.965072]  ? kernel_clone+0x2f8/0xa60
[  738.965875]  kernel_clone+0xe7/0xa60
[  738.966624]  ? lock_is_held_type+0xd7/0x130
[  738.967490]  ? copy_init_mm+0x20/0x20
[  738.968273]  ? lock_is_held_type+0xd7/0x130
[  738.969140]  __do_sys_clone3+0x1c9/0x2d0
[  738.969951]  ? __ia32_sys_clone+0x150/0x150
[  738.970841]  ? restore_fpregs_from_fpstate+0xcc/0x1e0
[  738.971905]  ? syscall_enter_from_user_mode+0x1d/0x50
[  738.972941]  do_syscall_64+0x3b/0x90
[  738.973699]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  738.974718] RIP: 0033:0x7f3d8a0d9b19
[  738.975472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  738.979120] RSP: 002b:00007f3d8764f188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  738.980624] RAX: ffffffffffffffda RBX: 00007f3d8a1ecf60 RCX: 00007f3d8a0d9b19
[  738.982032] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000000
[  738.983456] RBP: 00007f3d8764f1d0 R08: 0000000000000000 R09: 0000000000000000
[  738.984861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  738.986267] R13: 00007ffcc34ec5ef R14: 00007f3d8764f300 R15: 0000000000022000
[  738.987708]  </TASK>
[  752.247903] kmemleak: 5 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
BUG: memory leak
unreferenced object 0xffff8880096d6100 (size 176):
  comm "syz-executor.5", pid 295, jiffies 4294850979 (age 575.718s)
  hex dump (first 32 bytes):
    02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000dda2faa6>] prepare_creds+0x2b/0x6f0
    [<00000000237fe0d7>] copy_creds+0x72/0x930
    [<00000000600c3b83>] copy_process+0x10d5/0x6d40
    [<00000000ebadc1d1>] kernel_clone+0xe7/0xa60
    [<000000004aea1670>] __do_sys_clone+0xc1/0x100
    [<000000009f8ea917>] do_syscall_64+0x3b/0x90
    [<0000000076bf7eb3>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff88800c86f4c0 (size 32):
  comm "syz-executor.5", pid 295, jiffies 4294850979 (age 575.718s)
  hex dump (first 32 bytes):
    01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000d6c5db51>] security_prepare_creds+0x10a/0x180
    [<0000000059b498ff>] prepare_creds+0x505/0x6f0
    [<00000000237fe0d7>] copy_creds+0x72/0x930
    [<00000000600c3b83>] copy_process+0x10d5/0x6d40
    [<00000000ebadc1d1>] kernel_clone+0xe7/0xa60
    [<000000004aea1670>] __do_sys_clone+0xc1/0x100
    [<000000009f8ea917>] do_syscall_64+0x3b/0x90
    [<0000000076bf7eb3>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff88801e483600 (size 1544):
  comm "syz-executor.5", pid 295, jiffies 4294850979 (age 575.718s)
  hex dump (first 32 bytes):
    01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    10 36 48 1e 80 88 ff ff 10 36 48 1e 80 88 ff ff  .6H......6H.....
  backtrace:
    [<00000000bb221a68>] copy_process+0x1f5d/0x6d40
    [<00000000ebadc1d1>] kernel_clone+0xe7/0xa60
    [<000000004aea1670>] __do_sys_clone+0xc1/0x100
    [<000000009f8ea917>] do_syscall_64+0x3b/0x90
    [<0000000076bf7eb3>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff88803f803580 (size 6592):
  comm "syz-executor.5", pid 4330, jiffies 4294851004 (age 575.693s)
  hex dump (first 32 bytes):
    02 40 02 00 00 00 00 00 00 00 00 00 00 00 00 00  .@..............
    00 00 00 00 00 00 00 00 80 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000001d7f1828>] copy_process+0x2fb7/0x6d40
    [<00000000ebadc1d1>] kernel_clone+0xe7/0xa60
    [<000000004aea1670>] __do_sys_clone+0xc1/0x100
    [<000000009f8ea917>] do_syscall_64+0x3b/0x90
    [<0000000076bf7eb3>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff88800da1f1e0 (size 352):
  comm "syz-executor.5", pid 4330, jiffies 4294851085 (age 575.612s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    1b 00 00 00 00 00 00 00 7e e7 ec 03 00 00 00 00  ........~.......
  backtrace:
    [<000000008f6c14d0>] taskstats_exit+0x5c6/0xac0
    [<000000003dd24c8d>] do_exit+0x994/0x2960
    [<000000000479d0d6>] do_group_exit+0x125/0x310
    [<00000000515d1d0e>] __x64_sys_exit_group+0x3a/0x50
    [<000000009f8ea917>] do_syscall_64+0x3b/0x90
    [<0000000076bf7eb3>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: leak checking failed

VM DIAGNOSIS:
23:05:38  Registers:
info registers vcpu 0
RAX=ffffffff84080550 RBX=ffffffff85032600 RCX=ffffffff84062541 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffffff85007e40
R8 =0000000000000001 R9 =ffff88806ce38953 R10=ffffed100d9c712a R11=0000000000000001
R12=fffffbfff0a064c0 R13=ffffffff858bf050 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff8408055b RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f0d1b7dca40 CR3=000000000df76000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 656a626f20646563 6e6572656665726e
YMM02=0000000000000000 0000000000000000 2936373120657a69 7328203030313664
YMM03=0000000000000000 0000000000000000 3220646970202c22 352e726f74756365
YMM04=0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2020303020303020
YMM05=0000000000000000 0000000000000000 3020303020303020 3030203030203030
YMM06=0000000000000000 0000000000000000 7365747962203233 2074737269662820
YMM07=0000000000000000 0000000000000000 2e35373520656761 2820393739303538
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=ffffffff84080550 RBX=ffff8880081a9ac0 RCX=ffffffff84062541 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000001 RSP=ffff888008207e78
R8 =0000000000000001 R9 =ffff88806cf38953 R10=ffffed100d9e712a R11=0000000000000001
R12=ffffed1001035358 R13=ffffffff858bf050 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff8408055b RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffea877ab88 CR3=000000000c766000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM02=0000000000000000 0000000000000000 0000000000000000 416fc9e000000000
YMM03=0000000000000000 0000000000000000 0000ff0000000000 0000000000000000
YMM04=0000000000000000 0000000000000000 732f6c61636f6c2f 7273752f3d485441
YMM05=0000000000000000 0000000000000000 622f6c61636f6c2f 7273752f3a6e6962
YMM06=0000000000000000 0000000000000000 73752f3a6e696273 2f7273752f3a6e69
YMM07=0000000000000000 0000000000000000 6e69622f3a6e6962 732f3a6e69622f72
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000